I originally created an issue on my distribution’s issue tracker, but a maintainer of the Incus package is unsure if this is upstream or not, and suggested I ask here for more troubleshooting advice.
After migrating my installation from LXD to Incus, I can no longer create unprivileged containers. Doing so errors as such:
~$ incus launch images:ubuntu/24.04 sample
Launching sample
Error: Failed instance creation: Failed to run: /nix/store/i9dkdkh6ndlvdqg94rxdfy7qp8bp09jq-incus-lts-6.0.1/bin/incusd forkstart sample /var/lib/incus/containers /run/incus/sample/lxc.conf: exit status 1
~ [1]$ incus info --show-log sample
Name: sample
Status: STOPPED
Type: container
Architecture: x86_64
Created: 2024/08/08 22:26 CEST
Last Used: 2024/08/08 22:26 CEST
Log:
lxc sample 20240808202646.963 ERROR idmap_utils - ../src/lxc/idmap_utils.c:lxc_map_ids:245 - newuidmap failed to write mapping "newuidmap: write to uid_map failed: Invalid argument": newuidmap 1496505 0 1000000 1000000000 0 1000000 65536
lxc sample 20240808202646.963 ERROR start - ../src/lxc/start.c:lxc_spawn:1795 - Failed to set up id mapping.
lxc sample 20240808202646.963 ERROR lxccontainer - ../src/lxc/lxccontainer.c:wait_on_daemonized_start:837 - Received container state "ABORTING" instead of "RUNNING"
lxc sample 20240808202646.964 ERROR start - ../src/lxc/start.c:__lxc_start:2114 - Failed to spawn container "sample"
lxc sample 20240808202646.964 WARN start - ../src/lxc/start.c:lxc_abort:1037 - No such process - Failed to send SIGKILL via pidfd 17 for process 1496505
lxc 20240808202646.999 ERROR af_unix - ../src/lxc/af_unix.c:lxc_abstract_unix_recv_fds_iov:218 - Connection reset by peer - Failed to receive response
lxc 20240808202646.999 ERROR commands - ../src/lxc/commands.c:lxc_cmd_rsp_recv_fds:128 - Failed to receive file descriptors for command "get_init_pid"
Privileged containers can be created without issue and existing unprivileged containers that were migrated work without issue.
In the linked issue I was asked to check /etc/subuid and /etc/subgid, their contents are:
/etc/subuid
root:1000000:1000000000
anselmschueler:100000:65536
/etc/subgid
root:1000000:1000000000
anselmschueler:100000:65536
This installation was migrated after the system itself was migrated from one computer to another.
The distribution I’m using ships a service that reapplies a preseed on Incus initialization, to allow for static configuration. I am using this preseed:
networks:
- config:
dns.mode: managed
ipv4.address: auto
ipv6.address: auto
name: incusbr0
project: default
profiles:
- devices:
eth0:
name: eth0
network: incusbr0
type: nic
root:
path: /
pool: default
type: disk
name: default
storage_pools:
- config:
driver: btrfs
name: default
Does anybody have an idea what might be going wrong, what I could to find out more, or what I could do to fix it?