lxc-execute does not work, but with the same config file lxc-create, lxc-start, lxc-attach works.
config file:
lxc.idmap = u 0 231072 1002
lxc.idmap = g 0 231072 1003
lxc.idmap = u 1002 1002 1
lxc.idmap = g 1003 1003 1
lxc idmap = u 1004 232075 64533
lxc.idmap = g 1005 232076 64532
lxc.console.path = none
lxc.mount.auto = proc:rw sys:mixed cgroup:mixed
lxc.mount.entry = /media/lxc_poc/lxc_app_binaries /var/lib/lxc/test/media/ none ro,bind,0 0
Tried below approaches…
First approach:
- Created config file
- Executed lxc-create -n test -f config -P /var/lib/lxc -t none
- Executed lxc-execute-n test -t config – /usr/lib/app_1
Second approach:
- Created config file
- lxc-execute-n test -t config – /usr/lib/app_1
Both the approaches didnt work
Lxc version is : 3.0.2[built and installed manually ]
Query:
-
Should lxc-execute be run on the already created container.
Because , lxc-execute(1) - Linux manual page says lxc-execute will setup the container according to the configuration previously defined with the lxc-create -
I want to mount a folder from host to inside the container and access mounted folder to run the binary. Without attaching to the container how can i get into mounted directories from the container
-
init.lxc.static binary should be explicitly installed or is the the part make and make install?
Exact procedure to execute lxc-execute is not known
Error logs:
lxc-execute test 20210916154258.313 INFO utils - utils.c:get_rundir:273 - XDG_RUNTIME_DIR isn’t set in the environment.
lxc-execute test 20210916154258.313 INFO confile - confile.c:set_config_idmaps:1542 - Read uid map: type u nsid 0 hostid 231072 range 1002
lxc-execute test 20210916154258.313 INFO confile - confile.c:set_config_idmaps:1542 - Read uid map: type g nsid 0 hostid 231072 range 1003
lxc-execute test 20210916154258.313 INFO confile - confile.c:set_config_idmaps:1542 - Read uid map: type u nsid 1002 hostid 1002 range 1
lxc-execute test 20210916154258.313 INFO confile - confile.c:set_config_idmaps:1542 - Read uid map: type g nsid 1003 hostid 1003 range 1
lxc-execute test 20210916154258.313 INFO confile - confile.c:set_config_idmaps:1542 - Read uid map: type g nsid 1005 hostid 232076 range 64532
lxc-execute test 20210916154258.313 INFO lsm - lsm/lsm.c:lsm_init:47 - LSM security driver nop
lxc-execute test 20210916154258.313 INFO utils - utils.c:get_rundir:273 - XDG_RUNTIME_DIR isn’t set in the environment.
lxc-execute test 20210916154258.313 INFO terminal - terminal.c:lxc_terminal_setup:927 - No terminal requested
lxc-execute test 20210916154258.313 INFO start - start.c:lxc_init:866 - Container “test” is initialized
lxc-execute test 20210916154258.313 ERROR cgfsng - cgroups/cgfsng.c:create_path_for_hierarchy:1198 - The cgroup “/sys/fs/cgroup/systemd/user/appfw/0/lxc/test” already existed
lxc-execute test 20210916154258.313 ERROR cgfsng - cgroups/cgfsng.c:cgfsng_create:1287 - Failed to create cgroup “/sys/fs/cgroup/systemd/user/appfw/0/lxc/test”
lxc-execute test 20210916154258.314 DEBUG cgfsng - cgroups/cgfsng.c:cg_legacy_handle_cpuset_hierarchy:613 - “cgroup.clone_children” was already set to “1”
lxc-execute test 20210916154258.314 INFO start - start.c:lxc_spawn:1657 - Cloned CLONE_NEWUSER
lxc-execute test 20210916154258.314 INFO start - start.c:lxc_spawn:1657 - Cloned CLONE_NEWNS
lxc-execute test 20210916154258.314 INFO start - start.c:lxc_spawn:1657 - Cloned CLONE_NEWPID
lxc-execute test 20210916154258.314 INFO start - start.c:lxc_spawn:1657 - Cloned CLONE_NEWUTS
lxc-execute test 20210916154258.314 INFO start - start.c:lxc_spawn:1657 - Cloned CLONE_NEWIPC
lxc-execute test 20210916154258.314 DEBUG start - start.c:lxc_try_preserve_namespaces:205 - Preserved user namespace via fd 10
lxc-execute test 20210916154258.314 DEBUG start - start.c:lxc_try_preserve_namespaces:205 - Preserved mnt namespace via fd 11
lxc-execute test 20210916154258.314 DEBUG start - start.c:lxc_try_preserve_namespaces:205 - Preserved pid namespace via fd 12
lxc-execute test 20210916154258.314 DEBUG start - start.c:lxc_try_preserve_namespaces:205 - Preserved uts namespace via fd 13
lxc-execute test 20210916154258.314 DEBUG start - start.c:lxc_try_preserve_namespaces:205 - Preserved ipc namespace via fd 14
lxc-execute test 20210916154258.314 DEBUG conf - conf.c:idmaptool_on_path_and_privileged:2836 - The binary “/usr/bin/newuidmap” does have the setuid bit set
lxc-execute test 20210916154258.314 DEBUG conf - conf.c:idmaptool_on_path_and_privileged:2836 - The binary “/usr/bin/newgidmap” does have the setuid bit set
lxc-execute test 20210916154258.314 DEBUG conf - conf.c:lxc_map_ids:2928 - Functional newuidmap and newgidmap binary found
lxc-execute test 20210916154258.318 INFO start - start.c:do_start:1105 - Unshared CLONE_NEWNET
lxc-execute test 20210916154258.318 DEBUG conf - conf.c:idmaptool_on_path_and_privileged:2836 - The binary “/usr/bin/newuidmap” does have the setuid bit set
lxc-execute test 20210916154258.318 DEBUG conf - conf.c:idmaptool_on_path_and_privileged:2836 - The binary “/usr/bin/newgidmap” does have the setuid bit set
lxc-execute test 20210916154258.318 DEBUG conf - conf.c:lxc_map_ids:2928 - Functional newuidmap and newgidmap binary found
lxc-execute test 20210916154258.322 DEBUG start - start.c:lxc_spawn:1711 - Preserved net namespace via fd 6
lxc-execute test 20210916154258.322 ERROR start - start.c:lxc_spawn:1716 - Operation not permitted - Failed to allocate new network namespace id
lxc-execute test 20210916154258.322 NOTICE utils - utils.c:lxc_switch_uid_gid:2183 - Switched to gid 0.
lxc-execute test 20210916154258.322 NOTICE utils - utils.c:lxc_switch_uid_gid:2189 - Switched to uid 0.
lxc-execute test 20210916154258.322 NOTICE utils - utils.c:lxc_setgroups:2201 - Dropped additional groups.
lxc-execute test 20210916154258.322 INFO start - start.c:do_start:1213 - Unshared CLONE_NEWCGROUP
lxc-execute test 20210916154258.323 INFO conf - conf.c:mount_autodev:1129 - Preparing “/dev”
lxc-execute test 20210916154258.323 INFO conf - conf.c:mount_autodev:1176 - Prepared “/dev”
lxc-execute test 20210916154258.323 ERROR conf - conf.c:lxc_setup:3574 - No such file or directory - Unable to open lxc.init.static
lxc-execute test 20210916154258.323 ERROR start - start.c:do_start:1234 - Failed to setup container “test”
lxc-execute test 20210916154258.323 ERROR sync - sync.c:__sync_wait:59 - An error occurred in another process (expected sequence number 5)
lxc-execute test 20210916154258.323 DEBUG network - network.c:lxc_delete_network:3164 - Deleted network devices
lxc-execute test 20210916154258.323 INFO utils - utils.c:get_rundir:273 - XDG_RUNTIME_DIR isn’t set in the environment.
lxc-execute test 20210916154258.323 ERROR start - start.c:__lxc_start:1910 - Failed to spawn container “test”
lxc-execute test 20210916154258.323 INFO utils - utils.c:get_rundir:273 - XDG_RUNTIME_DIR isn’t set in the environment.
lxc-execute test 20210916154258.323 DEBUG conf - conf.c:idmaptool_on_path_and_privileged:2836 - The binary “/usr/bin/newuidmap” does have the setuid bit set
lxc-execute test 20210916154258.323 DEBUG conf - conf.c:idmaptool_on_path_and_privileged:2836 - The binary “/usr/bin/newgidmap” does have the setuid bit set
lxc-execute test 20210916154258.323 DEBUG conf - conf.c:lxc_map_ids:2928 - Functional newuidmap and newgidmap binary found
lxc-execute test 20210916154258.332 INFO utils - utils.c:get_rundir:273 - XDG_RUNTIME_DIR isn’t set in the environment.
lxc-execute test 20210916154258.374 ERROR lxc_execute - tools/lxc_execute.c:main:240 - Failed run an application inside container