hi

I am getting below error while building from source from your repo
libtool: link: gcc -DLXCROOTFSMOUNT="/usr/local/lib/lxc/rootfs" -DLXCPATH="/usr/local/var/lib/lxc" -DLXC_GLOBAL_CONF="/usr/local/etc/lxc/lxc.conf" -DLXCINITDIR="/usr/local/libexec" -DLIBEXECDIR="/usr/local/libexec" -DLXCTEMPLATEDIR="/usr/local/share/lxc/templates" -DLXCTEMPLATECONFIG="/usr/local/share/lxc/config" -DLOGPATH="/usr/local/var/log/lxc" -DLXC_DEFAULT_CONFIG="/usr/local/etc/lxc/default.conf" -DLXC_USERNIC_DB="/run/lxc/nics" -DLXC_USERNIC_CONF="/usr/local/etc/lxc/lxc-usernet" -DDEFAULT_CGROUP_PATTERN="/lxc/%n" -DRUNTIME_PATH="/run" -DSBINDIR="/usr/local/sbin" -I …/…/src -I …/…/src/lxc -I …/…/src/lxc/storage -I …/…/src/lxc/cgroups -DHAVE_SELINUX -g -O2 -Wall -Werror -Wl,-E -o .libs/lxc-attach tools/lxc_attach.o ./.libs/liblxc.so -lselinux -lrt -lutil -lpthread -pthread -Wl,-rpath -Wl,/usr/local/lib
./.libs/liblxc.so: undefined reference to prlimit' collect2: ld returned 1 exit status make[3]: *** [lxc-attach] Error 1 make[3]: Leaving directory /root/lxc-master/src/lxc’
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory /root/lxc-master/src' make[1]: *** [all] Error 2 make[1]: Leaving directory /root/lxc-master/src’
make: *** [all-recursive] Error 1
[root@testnode1 lxc-master]#

hi,

The error shows that it require prlimit but I am using kernel 2.6.32 which have util-linux 2.17 but prlimit(1) the user space program was added to util-linux 2.21 to make use of the prlimit(2) syscall available and available since Linux kernel 2.6.36.

Again stuck

Your still compiling from the wrong branch! There’s no process limit support in stable-1.0, the LXC tools are not located in a subfolder called tools and a bunch of other give aways. As I said you need to switch to the correct branch before compiling. Once again, please do:

git clone https://github.com/lxc/lxc.git
cd lxc
git checkout -b local/stable-1.0 origin/stable-1.0
./autogen.sh
./configure --enable-tests --prefix=/usr/ --sysconfdir=/etc/ --localstatedir=/var/" in /build/
make

Hi,

Thanks done with installation.

But failed to create the container below is the error

[root@testnode1 lxc]# lxc-create -t /usr/local/share/lxc/templates/lxc-download -n centos2

Distribution:
centos
Release:
6
Architecture:
amd64

Using image from local cache
Unpacking the rootfs

You just created a CentOS container (release=6, arch=amd64, variant=default)

To enable sshd, run: yum install openssh-server

For security reason, container images ship without user accounts
and without a root password.

Use lxc-attach or chroot directly into the rootfs to set a root password
or create user accounts.
lxc_container: confile.c: parse_line: 1750 unknown key lxc.pty.max
lxc_container: parse.c: lxc_file_for_each_line: 57 Failed to parse config: lxc.pty.max = 1024

lxc_container: parse.c: lxc_file_for_each_line: 57 Failed to parse config: lxc.include = /usr/local/share/lxc/config/common.conf

lxc_container: lxc_create.c: main: 274 Error creating container centos2

You’re doing something really weird since lxc.pty.max is a config key that has been introduced in LXC 2.1. That can’t possibly work with stable-1.0. You’re mixing LXC versions it seems. Why is your common.conf in a new format? That indicates that you either had a newer LXC version installed and not properly removed or still have it installed.
Please show the contents of /usr/local/share/lxc/config/common.conf.

Default configuration shared by all containers

Setup the LXC devices in /dev/lxc/

lxc.tty.dir = lxc

Allow for 1024 pseudo terminals

lxc.pty.max = 1024

Setup 4 tty devices

lxc.tty.max = 4

Drop some harmful capabilities

lxc.cap.drop = mac_admin mac_override sys_time sys_module sys_rawio

Ensure hostname is changed on clone

lxc.hook.clone = /usr/local/share/lxc/hooks/clonehostname

CGroup whitelist

lxc.cgroup.devices.deny = a

Allow any mknod (but not reading/writing the node)

lxc.cgroup.devices.allow = c : m
lxc.cgroup.devices.allow = b : m

Allow specific devices

/dev/null

lxc.cgroup.devices.allow = c 1:3 rwm

/dev/zero

lxc.cgroup.devices.allow = c 1:5 rwm

/dev/full

lxc.cgroup.devices.allow = c 1:7 rwm

/dev/tty

lxc.cgroup.devices.allow = c 5:0 rwm

/dev/console

lxc.cgroup.devices.allow = c 5:1 rwm

/dev/ptmx

lxc.cgroup.devices.allow = c 5:2 rwm

/dev/random

lxc.cgroup.devices.allow = c 1:8 rwm

/dev/urandom

lxc.cgroup.devices.allow = c 1:9 rwm

/dev/pts/*

lxc.cgroup.devices.allow = c 136:* rwm

fuse

lxc.cgroup.devices.allow = c 10:229 rwm

Setup the default mounts

lxc.mount.auto = cgroup:mixed proc:mixed sys:mixed
lxc.mount.entry = /sys/fs/fuse/connections sys/fs/fuse/connections none bind,optional 0 0

Blacklist some syscalls which are not safe in privileged

containers

lxc.seccomp.profile = /usr/local/share/lxc/config/common.seccomp

Lastly, include all the configs from /usr/local/share/lxc/config/common.conf.d/

lxc.include = /usr/local/share/lxc/config/common.conf.d/

Yes … U are correct. Now I am trying on a fresh system and update u soon.

Ah, cool. Thanks so much!

HI,

I tried on new system… now while creating I am getting the error

[root@testnode8 lxc]# export LD_LIBRARY_PATH=/usr/lib:$LD_LIBRARY_PATH
[root@testnode8 lxc]# lxc-create -t centos -n mycentos
failed to create lock
System error loading container
[root@testnode8 lxc]#

You’re running as root and does /run exist?

Yes / exist. Earlier I did in the same way

Hi Brauner,

What is the minimum kernel version LXC support?

It’s usually higher but there’s no reason why we shouldn’t be able to make this work. I’m confused why the file-lock won’t work though. Where did you compile the library? You should do:

export LD_LIBRARY_PATH=/path/to/lxc/src/lxc

Hi,

Followed below mentioned steps

[root@testnode8 lxc]# git checkout 2018-05-28/enable_pre_setns_kernels-II
Branch 2018-05-28/enable_pre_setns_kernels-II set up to track remote branch 2018-05-28/enable_pre_setns_kernels-II from origin.
Switched to a new branch ‘2018-05-28/enable_pre_setns_kernels-II’
[root@testnode8 lxc]# ./autogen.sh

• test -d autom4te.cache
• aclocal -I config
• autoheader
• autoconf
• automake --add-missing --copy
  configure.ac:31: installing config/compile' configure.ac:30: installing config/config.guess’
  configure.ac:30: installing config/config.sub' configure.ac:29: installing config/install-sh’
  configure.ac:29: installing config/missing' src/lua-lxc/Makefile.am: installing config/depcomp’
  [root@testnode8 lxc]# ./configure --enable-tests --prefix=/usr/ --sysconfdir=/etc/ --localstatedir=/var/
  checking for pkg-config… /usr/bin/pkg-config
  checking pkg-config is at least version 0.9.0… yes
  checking for a BSD-compatible install… /usr/bin/install -c
  checking whether build environment is sane… yes
  checking for a thread-safe mkdir -p… /bin/mkdir -p
  checking for gawk… gawk
  checking whether make sets $(MAKE)… yes
  checking build system type… x86_64-unknown-linux-gnu
  checking host system type… x86_64-unknown-linux-gnu

[root@testnode8 lxc]# make

[root@testnode8 lxc]# export LD_LIBRARY_PATH=/root/lxc/src/lxc/:$LD_LIBRARY_PATH

[root@testnode8 lxc]# make install

Can you do lxc-create -t centos -n mycentos -l trace -o mycentos.log and get me the contents of mycentos.log, please?

it’s creating mycentos.log as blank file (0 byte).

even though setting LD_LIBRARY_PATH it’s creating liblxc.so file in /usr/lib/liblxc.so and also in /root/lxc/src/lxc/

Hi Brauner

Any luck to make this work

Is there any way I can get access to one of those machines?
I suspect that the LD_LIBRARY_PATH is either not picked up.
The easiest way to test this properly would be to build a distro specific
package with my patch applied.
The problem is that right now I’m poking in the dark.

Thanks and I will get back to you. Will try to provide you the access.