Ede Wolf
May 13, 2021, 11:31:54 AM
to LXC users mailing-list
After an upgrade of either lxc or systemd, unprivileged containers using
systemd as init fail to start, because they cannot mount
/sys/fs/cgroup/systemd:
"Failed to mount cgroup at /sys/fs/cgroup/systemd: Operation not permitted"
[!!!!!!] "Failed to mount API filesystems."
And fair enough, this directory does not exist on the host. Creating it
manually and assigning it the proper permissions makes the container
start up:
mkdir /sys/fs/cgroup/systemd
mount -t cgroup -o none,name=systemd systemd /sys/fs/cgroup/systemd
chown unpriv:lxc /sys/fs/cgroup/systemd
Now, while it is no deal to create this directory beforehand, what is
unclear to me, if I have multiple containers running under different
users, how would that be accomplished when all are trying to mount the
same directory? So I am not sure, this is the proper way.
Another, not yet updated host, does neither feature this cgroup/systemd
directory, but the containers do still start up fine. And we are not
talking about a big jump:
lxc-4.0.6 vs. 4.0.8,
systemd 248-5 vs. 248.2-2
kernel 5.10.31 vs. 5.10.36
respectively, with the lower versions working flawlessly.
Why is such a fundamental change, that breaks existing installations,
not being reflected in versioning? Or is there just a fundamental
configuration issue on my side that I just have gotten away with so far?
Thanks
Ede
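
Added example, not part of the original message: a small shell helper for comparing the cgroup layout of two hosts such as the ones described above, by reading mountinfo-format text and reporting whether a `name=systemd` v1 hierarchy is mounted. The function names and the sample mountinfo lines are constructed for illustration; on a real host, feed the functions `/proc/self/mountinfo`.

```shell
#!/bin/sh
# Added example: classify the cgroup layout from mountinfo-format text on stdin.

# Emit "<fstype> <mountpoint> <super-options>" for every cgroup/cgroup2 mount.
cgroup_mounts() {
    awk '{
        # Optional fields (from field 7 on) end at a lone "-";
        # fstype, source and super options follow the separator.
        for (i = 7; i <= NF; i++) if ($i == "-") break
        fstype = $(i + 1); opts = $(i + 3)
        if (fstype == "cgroup" || fstype == "cgroup2") print fstype, $5, opts
    }'
}

# Mount point of the named v1 hierarchy "name=systemd"; empty if none.
systemd_named_hierarchy() {
    cgroup_mounts | awk '$1 == "cgroup" && $3 ~ /(^|,)name=systemd(,|$)/ { print $2 }'
}

# "hybrid" (v1 and v2), "unified" (v2 only), "legacy" (v1 only) or "none".
cgroup_layout() {
    cgroup_mounts | awk '
        $1 == "cgroup"  { v1 = 1 }
        $1 == "cgroup2" { v2 = 1 }
        END {
            if (v1 && v2) print "hybrid"
            else if (v2)  print "unified"
            else if (v1)  print "legacy"
            else          print "none"
        }'
}

# Constructed sample input (not taken from either host in the message).
sample_hybrid() {
    cat <<'EOF'
24 18 0:21 / /sys/fs/cgroup ro,nosuid,nodev,noexec shared:4 - tmpfs tmpfs ro,mode=755
25 24 0:22 / /sys/fs/cgroup/unified rw,nosuid,nodev,noexec,relatime shared:5 - cgroup2 cgroup2 rw
26 24 0:23 / /sys/fs/cgroup/systemd rw,nosuid,nodev,noexec,relatime shared:6 - cgroup cgroup rw,xattr,name=systemd
EOF
}
sample_unified() {
    cat <<'EOF'
24 18 0:21 / /sys/fs/cgroup rw,nosuid,nodev,noexec,relatime - cgroup2 cgroup2 rw
EOF
}

# Demo on the constructed samples; on a host: cgroup_layout < /proc/self/mountinfo
for s in sample_hybrid sample_unified; do
    echo "$s: layout=$($s | cgroup_layout) name=systemd at: $($s | systemd_named_hierarchy)"
done
```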