LXD 4.0.1, lxcfs 4.0.3: limits.memory not honoured by container despite running lxcfs

pajot · August 1, 2020, 2:36pm

I have set limits.memory for a container, but the setting is ignored.

I have lxcfs running on the host:

# lxd --version
4.0.1
# lxcfs --version
4.0.3
# rc-service lxcfs status
 * status: started
# mount
lxcfs on /var/lib/lxcfs type fuse.lxcfs (rw,nosuid,nodev,relatime,user_id=0,group_id=0,allow_other)
tmpfs on /var/lib/lxd/shmounts type tmpfs (rw,relatime,size=100k,mode=711)
tmpfs on /var/lib/lxd/devlxd type tmpfs (rw,relatime,size=100k,mode=755)
tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=3280448k,mode=700,uid=1000,gid=1000)
zfs_lxd/containers/gentooC01 on /var/lib/lxd/storage-pools/lxd_zfs/containers/gentooC01 type zfs (rw,xattr,posixacl)

# lxc list
+-----------+---------+------+------+-----------+-----------+
|   NAME    |  STATE  | IPV4 | IPV6 |   TYPE    | SNAPSHOTS |
+-----------+---------+------+------+-----------+-----------+
| gentooC01 | STOPPED |      |      | CONTAINER | 0         |
+-----------+---------+------+------+-----------+-----------+
# lxc start gentooC01
# lxc list
+-----------+---------+---------------------+-----------------------------------------------+-----------+-----------+
|   NAME    |  STATE  |        IPV4         |                     IPV6                      |   TYPE    | SNAPSHOTS |
+-----------+---------+---------------------+-----------------------------------------------+-----------+-----------+
| gentooC01 | RUNNING | 10.248.20.57 (eth0) | fd42:9c78:69e0:463f:216:3eff:fe6d:d6ba (eth0) | CONTAINER | 0         |
+-----------+---------+---------------------+-----------------------------------------------+-----------+-----------+
# lxc config show gentooC01
architecture: x86_64
config:
  image.architecture: amd64
  image.description: Gentoo current amd64 (20200731_16:07)
  image.os: Gentoo
  image.release: current
  image.serial: "20200731_16:07"
  image.type: squashfs
  limits.memory: 1024MB
  volatile.base_image: 966106a9d0cd5cff89e6896c477f31e8cb881daeeab9e7e9fb0dee2a4fd0a873
  volatile.eth0.host_name: veth09cf5094
  volatile.eth0.hwaddr: 00:16:3e:6d:d6:ba
  volatile.idmap.base: "0"
  volatile.idmap.current: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":65536},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":65536}]'
  volatile.idmap.next: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":65536},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":65536}]'
  volatile.last_state.idmap: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":65536},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":65536}]'
  volatile.last_state.power: RUNNING
devices: {}
ephemeral: false
profiles:
- default
stateful: false
description: ""

But in the container, the limits are not applied:

$ lxc exec gentooC01 /bin/bash
gentooC01 ~ # free 
              total        used        free      shared  buff/cache   available
Mem:       32804508     4273444    23502984      480012     5028080    27734920
Swap:      32813020           0    32813020
gentooC01 ~ # cat /proc/meminfo
MemTotal:       32804508 kB
MemFree:        23502432 kB
MemAvailable:   27735212 kB
Buffers:          462952 kB
Cached:          4233792 kB
SwapCached:            0 kB
Active:          3448792 kB
Inactive:        3806896 kB
Active(anon):    2575496 kB
Inactive(anon):   446304 kB
Active(file):     873296 kB
Inactive(file):  3360592 kB
Unevictable:          32 kB
Mlocked:              32 kB
SwapTotal:      32813020 kB
SwapFree:       32813020 kB
Dirty:               152 kB
Writeback:             0 kB
AnonPages:       2559004 kB
Mapped:           934648 kB
Shmem:            480356 kB
Slab:             466060 kB
SReclaimable:     332524 kB
SUnreclaim:       133536 kB
KernelStack:       13344 kB
PageTables:        24880 kB
NFS_Unstable:          0 kB
Bounce:                0 kB
WritebackTmp:          0 kB
CommitLimit:    49215272 kB
Committed_AS:    6557056 kB
VmallocTotal:   34359738367 kB
VmallocUsed:           0 kB
VmallocChunk:          0 kB
Percpu:             1264 kB
HugePages_Total:       0
HugePages_Free:        0
HugePages_Rsvd:        0
HugePages_Surp:        0
Hugepagesize:       2048 kB
Hugetlb:               0 kB
DirectMap4k:      188200 kB
DirectMap2M:    14364672 kB
DirectMap1G:    19922944 kB
gentooC01 ~ #

The log on the host might provide a clue (sorry for the log messages in German; the error message is “File exists”):

# cat /var/log/lxd/gentooC01/lxc.log
lxc gentooC01 20200801130211.143 WARN     cgfsng - cgroups/cgfsng.c:cgroup_tree_create:1157 - Die Datei existiert bereits - The /sys/fs/cgroup/cpuset//lxc.monitor.gentooC01 cgroup already existed
lxc gentooC01 20200801130211.143 ERROR    cgfsng - cgroups/cgfsng.c:cgfsng_monitor_create:1264 - Failed to create cgroup "(null)"
lxc gentooC01 20200801130211.143 WARN     cgfsng - cgroups/cgfsng.c:cgroup_tree_create:1157 - Die Datei existiert bereits - The /sys/fs/cgroup/cpuset//lxc.monitor.gentooC01-1 cgroup already existed
lxc gentooC01 20200801130211.143 ERROR    cgfsng - cgroups/cgfsng.c:cgfsng_monitor_create:1264 - Failed to create cgroup "(null)"
lxc gentooC01 20200801130211.143 WARN     cgfsng - cgroups/cgfsng.c:cgroup_tree_create:1157 - Die Datei existiert bereits - The /sys/fs/cgroup/cpuset//lxc.monitor.gentooC01-2 cgroup already existed
lxc gentooC01 20200801130211.143 ERROR    cgfsng - cgroups/cgfsng.c:cgfsng_monitor_create:1264 - Failed to create cgroup "(null)"
lxc gentooC01 20200801130211.143 ERROR    cgfsng - cgroups/cgfsng.c:mkdir_eexist_on_last:1143 - Die Datei existiert bereits - Failed to create directory "/sys/fs/cgroup/cpuset//lxc.monitor.gentooC01-3"
lxc gentooC01 20200801130211.143 ERROR    cgfsng - cgroups/cgfsng.c:mkdir_eexist_on_last:1143 - Die Datei existiert bereits - Failed to create directory "/sys/fs/cgroup/cpuset//lxc.payload.gentooC01"
lxc gentooC01 20200801130211.144 ERROR    utils - utils.c:lxc_can_use_pidfd:1834 - Kernel does not support pidfds

Here is lxc info:

# lxc info
config: {}
api_extensions:
- storage_zfs_remove_snapshots
- container_host_shutdown_timeout
- container_stop_priority
- container_syscall_filtering
- auth_pki
- container_last_used_at
- etag
- patch
- usb_devices
- https_allowed_credentials
- image_compression_algorithm
- directory_manipulation
- container_cpu_time
- storage_zfs_use_refquota
- storage_lvm_mount_options
- network
- profile_usedby
- container_push
- container_exec_recording
- certificate_update
- container_exec_signal_handling
- gpu_devices
- container_image_properties
- migration_progress
- id_map
- network_firewall_filtering
- network_routes
- storage
- file_delete
- file_append
- network_dhcp_expiry
- storage_lvm_vg_rename
- storage_lvm_thinpool_rename
- network_vlan
- image_create_aliases
- container_stateless_copy
- container_only_migration
- storage_zfs_clone_copy
- unix_device_rename
- storage_lvm_use_thinpool
- storage_rsync_bwlimit
- network_vxlan_interface
- storage_btrfs_mount_options
- entity_description
- image_force_refresh
- storage_lvm_lv_resizing
- id_map_base
- file_symlinks
- container_push_target
- network_vlan_physical
- storage_images_delete
- container_edit_metadata
- container_snapshot_stateful_migration
- storage_driver_ceph
- storage_ceph_user_name
- resource_limits
- storage_volatile_initial_source
- storage_ceph_force_osd_reuse
- storage_block_filesystem_btrfs
- resources
- kernel_limits
- storage_api_volume_rename
- macaroon_authentication
- network_sriov
- console
- restrict_devlxd
- migration_pre_copy
- infiniband
- maas_network
- devlxd_events
- proxy
- network_dhcp_gateway
- file_get_symlink
- network_leases
- unix_device_hotplug
- storage_api_local_volume_handling
- operation_description
- clustering
- event_lifecycle
- storage_api_remote_volume_handling
- nvidia_runtime
- container_mount_propagation
- container_backup
- devlxd_images
- container_local_cross_pool_handling
- proxy_unix
- proxy_udp
- clustering_join
- proxy_tcp_udp_multi_port_handling
- network_state
- proxy_unix_dac_properties
- container_protection_delete
- unix_priv_drop
- pprof_http
- proxy_haproxy_protocol
- network_hwaddr
- proxy_nat
- network_nat_order
- container_full
- candid_authentication
- backup_compression
- candid_config
- nvidia_runtime_config
- storage_api_volume_snapshots
- storage_unmapped
- projects
- candid_config_key
- network_vxlan_ttl
- container_incremental_copy
- usb_optional_vendorid
- snapshot_scheduling
- container_copy_project
- clustering_server_address
- clustering_image_replication
- container_protection_shift
- snapshot_expiry
- container_backup_override_pool
- snapshot_expiry_creation
- network_leases_location
- resources_cpu_socket
- resources_gpu
- resources_numa
- kernel_features
- id_map_current
- event_location
- storage_api_remote_volume_snapshots
- network_nat_address
- container_nic_routes
- rbac
- cluster_internal_copy
- seccomp_notify
- lxc_features
- container_nic_ipvlan
- network_vlan_sriov
- storage_cephfs
- container_nic_ipfilter
- resources_v2
- container_exec_user_group_cwd
- container_syscall_intercept
- container_disk_shift
- storage_shifted
- resources_infiniband
- daemon_storage
- instances
- image_types
- resources_disk_sata
- clustering_roles
- images_expiry
- resources_network_firmware
- backup_compression_algorithm
- ceph_data_pool_name
- container_syscall_intercept_mount
- compression_squashfs
- container_raw_mount
- container_nic_routed
- container_syscall_intercept_mount_fuse
- container_disk_ceph
- virtual-machines
- image_profiles
- clustering_architecture
- resources_disk_id
- storage_lvm_stripes
- vm_boot_priority
- unix_hotplug_devices
- api_filtering
- instance_nic_network
- clustering_sizing
- firewall_driver
- projects_limits
- container_syscall_intercept_hugetlbfs
- limits_hugepages
- container_nic_routed_gateway
- projects_restrictions
- custom_volume_snapshot_expiry
- volume_snapshot_scheduling
- trust_ca_certificates
- snapshot_disk_usage
- clustering_edit_roles
- container_nic_routed_host_address
- container_nic_ipvlan_gateway
- resources_usb_pci
- resources_cpu_threads_numa
- resources_cpu_core_die
- api_os
- resources_system
api_status: stable
api_version: "1.0"
auth: trusted
public: false
auth_methods:
- tls
environment:
  addresses: []
  architectures:
  - x86_64
  - i686
  certificate: |
    -----BEGIN CERTIFICATE-----
    -----END CERTIFICATE-----
  certificate_fingerprint: 
  driver: lxc
  driver_version: 4.0.2
  firewall: xtables
  kernel: Linux
  kernel_architecture: x86_64
  kernel_features:
    netnsid_getifaddrs: "false"
    seccomp_listener: "false"
    seccomp_listener_continue: "false"
    shiftfs: "false"
    uevent_injection: "true"
    unpriv_fscaps: "true"
  kernel_version: 4.19.97-gentoo
  lxc_features:
    cgroup2: "true"
    mount_injection_file: "true"
    network_gateway_device_route: "true"
    network_ipvlan: "true"
    network_l2proxy: "true"
    network_phys_macvlan_mtu: "true"
    network_veth_router: "true"
    seccomp_notify: "true"
  os_name: Gentoo
  os_version: ""
  project: default
  server: lxd
  server_clustered: false
  server_name: t470
  server_pid: 4909
  server_version: 4.0.1
  storage: zfs
  storage_version: 0.8.4-r0-gentoo

Here is the complete log with --debug set:

lxc gentooC01 20200801134013.516 TRACE    commands - commands.c:lxc_cmd:285 - Verbindungsaufbau abgelehnt - Command "get_state" failed to connect command socket
lxc gentooC01 20200801134013.516 TRACE    start - start.c:lxc_init_handler:701 - Created anonymous pair {3,7} of unix sockets
lxc gentooC01 20200801134013.516 TRACE    commands - commands.c:lxc_cmd_init:1582 - Created abstract unix socket "/var/lib/lxd/containers/gentooC01/command"
lxc gentooC01 20200801134013.516 TRACE    start - start.c:lxc_init_handler:714 - Unix domain socket 9 for command server is ready
lxc gentooC01 20200801134013.517 INFO     lxccontainer - lxccontainer.c:do_lxcapi_start:972 - Set process title to [lxc monitor] /var/lib/lxd/containers gentooC01
lxc gentooC01 20200801134013.518 DEBUG    lxccontainer - lxccontainer.c:wait_on_daemonized_start:830 - First child 800 exited
lxc gentooC01 20200801134013.519 INFO     start - start.c:lxc_check_inherited:277 - Closed inherited fd 4
lxc gentooC01 20200801134013.519 INFO     start - start.c:lxc_check_inherited:277 - Closed inherited fd 5
lxc gentooC01 20200801134013.519 INFO     start - start.c:lxc_check_inherited:277 - Closed inherited fd 6
lxc gentooC01 20200801134013.519 TRACE    start - start.c:lxc_start:2068 - Doing lxc_start
lxc gentooC01 20200801134013.520 INFO     lsm - lsm/lsm.c:lsm_init:29 - LSM security driver nop
lxc gentooC01 20200801134013.520 TRACE    start - start.c:lxc_init:738 - Initialized LSM
lxc gentooC01 20200801134013.520 TRACE    start - start.c:lxc_serve_state_clients:427 - Set container state to STARTING
lxc gentooC01 20200801134013.520 TRACE    start - start.c:lxc_serve_state_clients:430 - No state clients registered
lxc gentooC01 20200801134013.520 TRACE    start - start.c:lxc_init:744 - Set container state to "STARTING"
lxc gentooC01 20200801134013.520 TRACE    start - start.c:lxc_init:800 - Set environment variables
lxc gentooC01 20200801134013.520 INFO     conf - conf.c:run_script_argv:342 - Executing script "/proc/616/exe callhook /var/lib/lxd 1 start" for container "gentooC01"
lxc gentooC01 20200801134013.520 TRACE    conf - conf.c:run_script_argv:385 - Set environment variable: LXC_HOOK_TYPE=pre-start
lxc gentooC01 20200801134013.520 TRACE    conf - conf.c:run_script_argv:390 - Set environment variable: LXC_HOOK_SECTION=lxc
lxc gentooC01 20200801134013.576 TRACE    start - start.c:lxc_init:805 - Ran pre-start hooks
lxc gentooC01 20200801134013.576 TRACE    start - start.c:setup_signal_fd:320 - Created signal file descriptor 5
lxc gentooC01 20200801134013.576 TRACE    start - start.c:lxc_init:814 - Set up signal fd
lxc gentooC01 20200801134013.577 DEBUG    terminal - terminal.c:lxc_terminal_peer_default:655 - Kein passendes Gerät gefunden - The process does not have a controlling terminal
lxc gentooC01 20200801134013.577 DEBUG    terminal - terminal.c:lxc_terminal_create_log_file:827 - Using "/var/log/lxd/gentooC01/console.log" as terminal log file
lxc gentooC01 20200801134013.577 TRACE    terminal - terminal.c:lxc_terminal_create_ringbuf:808 - Allocated 131072 byte terminal ringbuffer
lxc gentooC01 20200801134013.577 TRACE    start - start.c:lxc_init:822 - Created console
lxc gentooC01 20200801134013.577 TRACE    terminal - terminal.c:lxc_terminal_map_ids:1176 - Chowned terminal "/dev/pts/5"
lxc gentooC01 20200801134013.577 TRACE    start - start.c:lxc_init:829 - Chowned console
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:939 - basecginfo is:
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:940 - 7:net_cls:/
6:freezer:/
5:devices:/
4:cpuacct:/
3:cpu:/
2:cpuset:/
1:name=openrc:/
0::/

lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:943 - kernel subsystem 0: net_cls
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:943 - kernel subsystem 1: freezer
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:943 - kernel subsystem 2: devices
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:943 - kernel subsystem 3: cpuacct
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:943 - kernel subsystem 4: cpu
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:943 - kernel subsystem 5: cpuset
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:943 - kernel subsystem 6: cgroup2
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:946 - named subsystem 0: name=openrc
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:cg_hybrid_init:3136 - No controllers are enabled for delegation in the unified hierarchy
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:cg_hybrid_init:3155 - Writable cgroup hierarchies:
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:920 -   Hierarchies:
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:925 -   0: base_cgroup: /
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:926 -       mountpoint:  /sys/fs/cgroup/openrc
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:927 -       controllers:
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:929 -       0: name=openrc
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:925 -   1: base_cgroup: /
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:926 -       mountpoint:  /sys/fs/cgroup/unified
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:927 -       controllers:
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:925 -   2: base_cgroup: /
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:926 -       mountpoint:  /sys/fs/cgroup/cpuset
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:927 -       controllers:
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:929 -       0: cpuset
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:925 -   3: base_cgroup: /
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:926 -       mountpoint:  /sys/fs/cgroup/cpu
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:927 -       controllers:
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:929 -       0: cpu
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:925 -   4: base_cgroup: /
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:926 -       mountpoint:  /sys/fs/cgroup/cpuacct
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:927 -       controllers:
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:929 -       0: cpuacct
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:925 -   5: base_cgroup: /
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:926 -       mountpoint:  /sys/fs/cgroup/devices
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:927 -       controllers:
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:929 -       0: devices
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:925 -   6: base_cgroup: /
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:926 -       mountpoint:  /sys/fs/cgroup/freezer
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:927 -       controllers:
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:929 -       0: freezer
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:925 -   7: base_cgroup: /
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:926 -       mountpoint:  /sys/fs/cgroup/net_cls
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:927 -       controllers:
lxc gentooC01 20200801134013.577 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:929 -       0: net_cls
lxc gentooC01 20200801134013.577 TRACE    cgroup - cgroups/cgroup.c:cgroup_init:40 - Initialized cgroup driver cgfsng
lxc gentooC01 20200801134013.577 TRACE    cgroup - cgroups/cgroup.c:cgroup_init:45 - Running with hybrid cgroup layout
lxc gentooC01 20200801134013.577 TRACE    start - start.c:lxc_init:836 - Initialized cgroup driver
lxc gentooC01 20200801134013.577 TRACE    seccomp - seccomp.c:get_new_ctx:469 - Added arch 2 to main seccomp context
lxc gentooC01 20200801134013.577 TRACE    seccomp - seccomp.c:get_new_ctx:477 - Removed native arch from main seccomp context
lxc gentooC01 20200801134013.577 TRACE    seccomp - seccomp.c:get_new_ctx:469 - Added arch 3 to main seccomp context
lxc gentooC01 20200801134013.577 TRACE    seccomp - seccomp.c:get_new_ctx:477 - Removed native arch from main seccomp context
lxc gentooC01 20200801134013.577 TRACE    seccomp - seccomp.c:get_new_ctx:482 - Arch 4 already present in main seccomp context
lxc gentooC01 20200801134013.577 INFO     seccomp - seccomp.c:parse_config_v2:770 - Processing "reject_force_umount  # comment this to allow umount -f;  not recommended"
lxc gentooC01 20200801134013.577 INFO     seccomp - seccomp.c:do_resolve_add_rule:516 - Set seccomp rule to reject force umounts
lxc gentooC01 20200801134013.577 INFO     seccomp - seccomp.c:parse_config_v2:965 - Added native rule for arch 0 for reject_force_umount action 0(kill)
lxc gentooC01 20200801134013.577 INFO     seccomp - seccomp.c:do_resolve_add_rule:516 - Set seccomp rule to reject force umounts
lxc gentooC01 20200801134013.577 INFO     seccomp - seccomp.c:parse_config_v2:974 - Added compat rule for arch 1073741827 for reject_force_umount action 0(kill)
lxc gentooC01 20200801134013.577 INFO     seccomp - seccomp.c:do_resolve_add_rule:516 - Set seccomp rule to reject force umounts
lxc gentooC01 20200801134013.577 INFO     seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741886 for reject_force_umount action 0(kill)
lxc gentooC01 20200801134013.577 INFO     seccomp - seccomp.c:do_resolve_add_rule:516 - Set seccomp rule to reject force umounts
lxc gentooC01 20200801134013.577 INFO     seccomp - seccomp.c:parse_config_v2:994 - Added native rule for arch -1073741762 for reject_force_umount action 0(kill)
lxc gentooC01 20200801134013.577 INFO     seccomp - seccomp.c:parse_config_v2:770 - Processing "[all]"
lxc gentooC01 20200801134013.577 INFO     seccomp - seccomp.c:parse_config_v2:770 - Processing "kexec_load errno 38"
lxc gentooC01 20200801134013.577 INFO     seccomp - seccomp.c:parse_config_v2:965 - Added native rule for arch 0 for kexec_load action 327718(errno)
lxc gentooC01 20200801134013.577 INFO     seccomp - seccomp.c:parse_config_v2:974 - Added compat rule for arch 1073741827 for kexec_load action 327718(errno)
lxc gentooC01 20200801134013.577 INFO     seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741886 for kexec_load action 327718(errno)
lxc gentooC01 20200801134013.577 INFO     seccomp - seccomp.c:parse_config_v2:994 - Added native rule for arch -1073741762 for kexec_load action 327718(errno)
lxc gentooC01 20200801134013.577 INFO     seccomp - seccomp.c:parse_config_v2:770 - Processing "open_by_handle_at errno 38"
lxc gentooC01 20200801134013.578 INFO     seccomp - seccomp.c:parse_config_v2:965 - Added native rule for arch 0 for open_by_handle_at action 327718(errno)
lxc gentooC01 20200801134013.578 INFO     seccomp - seccomp.c:parse_config_v2:974 - Added compat rule for arch 1073741827 for open_by_handle_at action 327718(errno)
lxc gentooC01 20200801134013.578 INFO     seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741886 for open_by_handle_at action 327718(errno)
lxc gentooC01 20200801134013.578 INFO     seccomp - seccomp.c:parse_config_v2:994 - Added native rule for arch -1073741762 for open_by_handle_at action 327718(errno)
lxc gentooC01 20200801134013.578 INFO     seccomp - seccomp.c:parse_config_v2:770 - Processing "init_module errno 38"
lxc gentooC01 20200801134013.578 INFO     seccomp - seccomp.c:parse_config_v2:965 - Added native rule for arch 0 for init_module action 327718(errno)
lxc gentooC01 20200801134013.578 INFO     seccomp - seccomp.c:parse_config_v2:974 - Added compat rule for arch 1073741827 for init_module action 327718(errno)
lxc gentooC01 20200801134013.578 INFO     seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741886 for init_module action 327718(errno)
lxc gentooC01 20200801134013.578 INFO     seccomp - seccomp.c:parse_config_v2:994 - Added native rule for arch -1073741762 for init_module action 327718(errno)
lxc gentooC01 20200801134013.578 INFO     seccomp - seccomp.c:parse_config_v2:770 - Processing "finit_module errno 38"
lxc gentooC01 20200801134013.578 INFO     seccomp - seccomp.c:parse_config_v2:965 - Added native rule for arch 0 for finit_module action 327718(errno)
lxc gentooC01 20200801134013.578 INFO     seccomp - seccomp.c:parse_config_v2:974 - Added compat rule for arch 1073741827 for finit_module action 327718(errno)
lxc gentooC01 20200801134013.578 INFO     seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741886 for finit_module action 327718(errno)
lxc gentooC01 20200801134013.578 INFO     seccomp - seccomp.c:parse_config_v2:994 - Added native rule for arch -1073741762 for finit_module action 327718(errno)
lxc gentooC01 20200801134013.578 INFO     seccomp - seccomp.c:parse_config_v2:770 - Processing "delete_module errno 38"
lxc gentooC01 20200801134013.578 INFO     seccomp - seccomp.c:parse_config_v2:965 - Added native rule for arch 0 for delete_module action 327718(errno)
lxc gentooC01 20200801134013.578 INFO     seccomp - seccomp.c:parse_config_v2:974 - Added compat rule for arch 1073741827 for delete_module action 327718(errno)
lxc gentooC01 20200801134013.578 INFO     seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741886 for delete_module action 327718(errno)
lxc gentooC01 20200801134013.578 INFO     seccomp - seccomp.c:parse_config_v2:994 - Added native rule for arch -1073741762 for delete_module action 327718(errno)
lxc gentooC01 20200801134013.578 INFO     seccomp - seccomp.c:parse_config_v2:1000 - Merging compat seccomp contexts into main context
lxc gentooC01 20200801134013.578 TRACE    seccomp - seccomp.c:parse_config_v2:1010 - Merged first compat seccomp context into main context
lxc gentooC01 20200801134013.578 TRACE    seccomp - seccomp.c:parse_config_v2:1026 - Merged second compat seccomp context into main context
lxc gentooC01 20200801134013.578 TRACE    start - start.c:lxc_init:841 - Read seccomp policy
lxc gentooC01 20200801134013.578 TRACE    start - start.c:lxc_init:848 - Initialized LSM
lxc gentooC01 20200801134013.578 INFO     start - start.c:lxc_init:850 - Container "gentooC01" is initialized
lxc gentooC01 20200801134013.578 WARN     cgfsng - cgroups/cgfsng.c:cgroup_tree_create:1157 - Die Datei existiert bereits - The /sys/fs/cgroup/cpuset//lxc.monitor.gentooC01 cgroup already existed
lxc gentooC01 20200801134013.578 ERROR    cgfsng - cgroups/cgfsng.c:cgfsng_monitor_create:1264 - Failed to create cgroup "(null)"
lxc gentooC01 20200801134013.578 WARN     cgfsng - cgroups/cgfsng.c:cgroup_tree_create:1157 - Die Datei existiert bereits - The /sys/fs/cgroup/cpuset//lxc.monitor.gentooC01-1 cgroup already existed
lxc gentooC01 20200801134013.578 ERROR    cgfsng - cgroups/cgfsng.c:cgfsng_monitor_create:1264 - Failed to create cgroup "(null)"
lxc gentooC01 20200801134013.578 WARN     cgfsng - cgroups/cgfsng.c:cgroup_tree_create:1157 - Die Datei existiert bereits - The /sys/fs/cgroup/cpuset//lxc.monitor.gentooC01-2 cgroup already existed
lxc gentooC01 20200801134013.578 ERROR    cgfsng - cgroups/cgfsng.c:cgfsng_monitor_create:1264 - Failed to create cgroup "(null)"
lxc gentooC01 20200801134013.578 WARN     cgfsng - cgroups/cgfsng.c:cgroup_tree_create:1157 - Die Datei existiert bereits - The /sys/fs/cgroup/cpuset//lxc.monitor.gentooC01-3 cgroup already existed
lxc gentooC01 20200801134013.578 ERROR    cgfsng - cgroups/cgfsng.c:cgfsng_monitor_create:1264 - Failed to create cgroup "(null)"
lxc gentooC01 20200801134013.578 TRACE    cgfsng - cgroups/cgfsng.c:cg_legacy_filter_and_set_cpus:448 - Copied cpu settings of parent cgroup
lxc gentooC01 20200801134013.578 ERROR    cgfsng - cgroups/cgfsng.c:mkdir_eexist_on_last:1143 - Die Datei existiert bereits - Failed to create directory "/sys/fs/cgroup/cpuset//lxc.monitor.gentooC01-4"
lxc gentooC01 20200801134013.578 INFO     cgfsng - cgroups/cgfsng.c:cgfsng_monitor_create:1277 - The monitor process uses "lxc.monitor.gentooC01-4" as cgroup
lxc gentooC01 20200801134013.578 DEBUG    storage - storage/storage.c:get_storage_by_name:211 - Detected rootfs type "dir"
lxc gentooC01 20200801134013.579 TRACE    cgfsng - cgroups/cgfsng.c:cg_legacy_filter_and_set_cpus:448 - Copied cpu settings of parent cgroup
lxc gentooC01 20200801134013.579 ERROR    cgfsng - cgroups/cgfsng.c:mkdir_eexist_on_last:1143 - Die Datei existiert bereits - Failed to create directory "/sys/fs/cgroup/cpuset//lxc.payload.gentooC01"
lxc gentooC01 20200801134013.579 INFO     cgfsng - cgroups/cgfsng.c:cgfsng_payload_create:1356 - The container process uses "lxc.payload.gentooC01" as cgroup
lxc gentooC01 20200801134013.579 TRACE    start - start.c:lxc_spawn:1648 - Cloned child process 833
lxc gentooC01 20200801134013.579 ERROR    utils - utils.c:lxc_can_use_pidfd:1834 - Kernel does not support pidfds
lxc gentooC01 20200801134013.579 INFO     start - start.c:lxc_spawn:1664 - Cloned CLONE_NEWUSER
lxc gentooC01 20200801134013.579 INFO     start - start.c:lxc_spawn:1664 - Cloned CLONE_NEWNS
lxc gentooC01 20200801134013.579 INFO     start - start.c:lxc_spawn:1664 - Cloned CLONE_NEWPID
lxc gentooC01 20200801134013.579 INFO     start - start.c:lxc_spawn:1664 - Cloned CLONE_NEWUTS
lxc gentooC01 20200801134013.579 INFO     start - start.c:lxc_spawn:1664 - Cloned CLONE_NEWIPC
lxc gentooC01 20200801134013.579 DEBUG    start - start.c:lxc_try_preserve_namespaces:165 - Preserved user namespace via fd 25
lxc gentooC01 20200801134013.579 DEBUG    start - start.c:lxc_try_preserve_namespaces:165 - Preserved mnt namespace via fd 26
lxc gentooC01 20200801134013.579 DEBUG    start - start.c:lxc_try_preserve_namespaces:165 - Preserved pid namespace via fd 27
lxc gentooC01 20200801134013.579 DEBUG    start - start.c:lxc_try_preserve_namespaces:165 - Preserved uts namespace via fd 28
lxc gentooC01 20200801134013.579 DEBUG    start - start.c:lxc_try_preserve_namespaces:165 - Preserved ipc namespace via fd 29
lxc gentooC01 20200801134013.579 DEBUG    conf - conf.c:idmaptool_on_path_and_privileged:2642 - The binary "/usr/bin/newuidmap" does have the setuid bit set
lxc gentooC01 20200801134013.579 DEBUG    conf - conf.c:idmaptool_on_path_and_privileged:2642 - The binary "/usr/bin/newgidmap" does have the setuid bit set
lxc gentooC01 20200801134013.579 DEBUG    conf - conf.c:lxc_map_ids:2710 - Functional newuidmap and newgidmap binary found
lxc gentooC01 20200801134013.583 TRACE    conf - conf.c:lxc_map_ids:2780 - newuidmap wrote mapping "newuidmap 833 0 1000000 65536"
lxc gentooC01 20200801134013.586 TRACE    conf - conf.c:lxc_map_ids:2780 - newgidmap wrote mapping "newgidmap 833 0 1000000 65536"
lxc gentooC01 20200801134013.586 INFO     start - start.c:do_start:1098 - Unshared CLONE_NEWNET
lxc gentooC01 20200801134013.587 TRACE    conf - conf.c:get_minimal_idmap:4015 - Allocated minimal idmapping for ns uid 0 and ns gid 0
lxc gentooC01 20200801134013.588 TRACE    conf - conf.c:userns_exec_1:4080 - Establishing uid mapping for "842" in new user namespace: nsuid 65536 - hostid 0 - range 1
lxc gentooC01 20200801134013.588 TRACE    conf - conf.c:userns_exec_1:4080 - Establishing uid mapping for "842" in new user namespace: nsuid 0 - hostid 1000000 - range 65536
lxc gentooC01 20200801134013.588 TRACE    conf - conf.c:userns_exec_1:4080 - Establishing gid mapping for "842" in new user namespace: nsuid 65536 - hostid 0 - range 1
lxc gentooC01 20200801134013.588 TRACE    conf - conf.c:userns_exec_1:4080 - Establishing gid mapping for "842" in new user namespace: nsuid 0 - hostid 1000000 - range 65536
lxc gentooC01 20200801134013.588 DEBUG    conf - conf.c:idmaptool_on_path_and_privileged:2642 - The binary "/usr/bin/newuidmap" does have the setuid bit set
lxc gentooC01 20200801134013.588 DEBUG    conf - conf.c:idmaptool_on_path_and_privileged:2642 - The binary "/usr/bin/newgidmap" does have the setuid bit set
lxc gentooC01 20200801134013.588 DEBUG    conf - conf.c:lxc_map_ids:2710 - Functional newuidmap and newgidmap binary found
lxc gentooC01 20200801134013.592 TRACE    conf - conf.c:lxc_map_ids:2780 - newuidmap wrote mapping "newuidmap 842 65536 0 1 0 1000000 65536"
lxc gentooC01 20200801134013.595 TRACE    conf - conf.c:lxc_map_ids:2780 - newgidmap wrote mapping "newgidmap 842 65536 0 1 0 1000000 65536"
lxc gentooC01 20200801134013.595 TRACE    conf - conf.c:run_userns_fn:3857 - Calling function "chown_cgroup_wrapper"
lxc gentooC01 20200801134013.595 NOTICE   utils - utils.c:lxc_setgroups:1366 - Dropped additional groups
lxc gentooC01 20200801134013.596 DEBUG    start - start.c:lxc_spawn:1737 - Preserved net namespace via fd 4
lxc gentooC01 20200801134013.596 TRACE    start - start.c:lxc_spawn:1744 - Allocated new network namespace id
lxc gentooC01 20200801134013.596 DEBUG    network - network.c:instantiate_phys:827 - Instantiated phys "veth890240b8" with ifindex is "20"
lxc gentooC01 20200801134013.611 DEBUG    network - network.c:lxc_network_move_created_netdev_priv:3131 - Moved network device "veth890240b8" with ifindex 20 to network namespace of 833
lxc gentooC01 20200801134013.611 TRACE    network - network.c:lxc_network_send_to_child:3586 - Sent network device name "veth890240b8" to child
lxc gentooC01 20200801134013.611 TRACE    network - network.c:lxc_network_recv_from_parent:3613 - Received network device name "veth890240b8" from parent
lxc gentooC01 20200801134013.611 NOTICE   utils - utils.c:lxc_setgroups:1366 - Dropped additional groups
lxc gentooC01 20200801134013.611 NOTICE   utils - utils.c:lxc_switch_uid_gid:1344 - Switched to gid 0
lxc gentooC01 20200801134013.611 NOTICE   utils - utils.c:lxc_switch_uid_gid:1353 - Switched to uid 0
lxc gentooC01 20200801134013.611 INFO     start - start.c:do_start:1211 - Unshared CLONE_NEWCGROUP
lxc gentooC01 20200801134013.611 TRACE    conf - conf.c:remount_all_slave:3094 - Remounted all mount table entries as MS_SLAVE
lxc gentooC01 20200801134013.611 DEBUG    storage - storage/storage.c:get_storage_by_name:211 - Detected rootfs type "dir"
lxc gentooC01 20200801134013.611 TRACE    dir - storage/dir.c:dir_mount:165 - Mounted "/var/lib/lxd/containers/gentooC01/rootfs" on "/var/lib/lxc/rootfs" with options "(null)", mount flags "0", and propagation flags "0"
lxc gentooC01 20200801134013.611 DEBUG    conf - conf.c:lxc_mount_rootfs:1258 - Mounted rootfs "/var/lib/lxd/containers/gentooC01/rootfs" onto "/var/lib/lxc/rootfs" with options "(null)"
lxc gentooC01 20200801134013.611 INFO     conf - conf.c:setup_utsname:751 - Set hostname to "gentooC01"
lxc gentooC01 20200801134013.611 DEBUG    network - network.c:lxc_network_setup_in_child_namespaces_common:3538 - Network device "eth0" has been setup
lxc gentooC01 20200801134013.611 INFO     network - network.c:lxc_setup_network_in_child_namespaces:3560 - Network has been setup
lxc gentooC01 20200801134013.611 TRACE    network - network.c:lxc_network_send_name_and_ifindex_to_parent:3646 - Sent network device names and ifindices to parent
lxc gentooC01 20200801134013.611 INFO     conf - conf.c:mount_autodev:1059 - Preparing "/dev"
lxc gentooC01 20200801134013.611 DEBUG    conf - conf.c:mount_autodev:1065 - Using mount options: size=500000,mode=755
lxc gentooC01 20200801134013.612 TRACE    conf - conf.c:mount_autodev:1085 - Mounted tmpfs on "/var/lib/lxc/rootfs/dev"
lxc gentooC01 20200801134013.612 INFO     conf - conf.c:mount_autodev:1108 - Prepared "/dev"
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1860 - Remounting "/dev/fuse" on "/var/lib/lxc/rootfs/dev/fuse" to respect bind or remount options
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1879 - Flags for "/dev/fuse" were 4098, required extra flags are 2
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1923 - Mounted "/dev/fuse" on "/var/lib/lxc/rootfs/dev/fuse" with filesystem type "none"
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1860 - Remounting "/dev/net/tun" on "/var/lib/lxc/rootfs/dev/net/tun" to respect bind or remount options
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1879 - Flags for "/dev/net/tun" were 4098, required extra flags are 2
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1923 - Mounted "/dev/net/tun" on "/var/lib/lxc/rootfs/dev/net/tun" with filesystem type "none"
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1860 - Remounting "/proc/sys/fs/binfmt_misc" on "/var/lib/lxc/rootfs/proc/sys/fs/binfmt_misc" to respect bind or remount options
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1879 - Flags for "/proc/sys/fs/binfmt_misc" were 4110, required extra flags are 14
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1923 - Mounted "/proc/sys/fs/binfmt_misc" on "/var/lib/lxc/rootfs/proc/sys/fs/binfmt_misc" with filesystem type "none"
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1860 - Remounting "/sys/firmware/efi/efivars" on "/var/lib/lxc/rootfs/sys/firmware/efi/efivars" to respect bind or remount options
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1879 - Flags for "/sys/firmware/efi/efivars" were 4110, required extra flags are 14
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1923 - Mounted "/sys/firmware/efi/efivars" on "/var/lib/lxc/rootfs/sys/firmware/efi/efivars" with filesystem type "none"
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1860 - Remounting "/sys/fs/fuse/connections" on "/var/lib/lxc/rootfs/sys/fs/fuse/connections" to respect bind or remount options
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1879 - Flags for "/sys/fs/fuse/connections" were 4110, required extra flags are 14
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1923 - Mounted "/sys/fs/fuse/connections" on "/var/lib/lxc/rootfs/sys/fs/fuse/connections" with filesystem type "none"
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1860 - Remounting "/sys/kernel/config" on "/var/lib/lxc/rootfs/sys/kernel/config" to respect bind or remount options
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1879 - Flags for "/sys/kernel/config" were 4110, required extra flags are 14
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1923 - Mounted "/sys/kernel/config" on "/var/lib/lxc/rootfs/sys/kernel/config" with filesystem type "none"
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1860 - Remounting "/sys/kernel/debug" on "/var/lib/lxc/rootfs/sys/kernel/debug" to respect bind or remount options
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1879 - Flags for "/sys/kernel/debug" were 4110, required extra flags are 14
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1923 - Mounted "/sys/kernel/debug" on "/var/lib/lxc/rootfs/sys/kernel/debug" with filesystem type "none"
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1860 - Remounting "/sys/kernel/tracing" on "/var/lib/lxc/rootfs/sys/kernel/tracing" to respect bind or remount options
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1879 - Flags for "/sys/kernel/tracing" were 4110, required extra flags are 14
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1923 - Mounted "/sys/kernel/tracing" on "/var/lib/lxc/rootfs/sys/kernel/tracing" with filesystem type "none"
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1860 - Remounting "/dev/mqueue" on "/var/lib/lxc/rootfs/dev/mqueue" to respect bind or remount options
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1879 - Flags for "/dev/mqueue" were 4110, required extra flags are 14
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1923 - Mounted "/dev/mqueue" on "/var/lib/lxc/rootfs/dev/mqueue" with filesystem type "none"
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1860 - Remounting "/var/lib/lxd/devlxd" on "/var/lib/lxc/rootfs/dev/lxd" to respect bind or remount options
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1879 - Flags for "/var/lib/lxd/devlxd" were 4096, required extra flags are 0
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1888 - Mountflags already were 4096, skipping remount
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1923 - Mounted "/var/lib/lxd/devlxd" on "/var/lib/lxc/rootfs/dev/lxd" with filesystem type "none"
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1860 - Remounting "/var/lib/lxd/shmounts/gentooC01" on "/var/lib/lxc/rootfs/dev/.lxd-mounts" to respect bind or remount options
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1879 - Flags for "/var/lib/lxd/shmounts/gentooC01" were 4096, required extra flags are 0
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1888 - Mountflags already were 4096, skipping remount
lxc gentooC01 20200801134013.612 DEBUG    conf - conf.c:mount_entry:1923 - Mounted "/var/lib/lxd/shmounts/gentooC01" on "/var/lib/lxc/rootfs/dev/.lxd-mounts" with filesystem type "none"
lxc gentooC01 20200801134013.612 INFO     conf - conf.c:run_script_argv:342 - Executing script "/usr/share/lxcfs/lxc.mount.hook" for container "gentooC01"
lxc gentooC01 20200801134013.612 TRACE    conf - conf.c:run_script_argv:385 - Set environment variable: LXC_HOOK_TYPE=mount
lxc gentooC01 20200801134013.612 TRACE    conf - conf.c:run_script_argv:390 - Set environment variable: LXC_HOOK_SECTION=lxc
lxc gentooC01 20200801134013.645 INFO     conf - conf.c:lxc_fill_autodev:1152 - Populating "/dev"
lxc gentooC01 20200801134013.646 DEBUG    conf - conf.c:lxc_fill_autodev:1218 - Bind mounted host device node "/dev/full" onto "/var/lib/lxc/rootfs/dev/full"
lxc gentooC01 20200801134013.646 DEBUG    conf - conf.c:lxc_fill_autodev:1218 - Bind mounted host device node "/dev/null" onto "/var/lib/lxc/rootfs/dev/null"
lxc gentooC01 20200801134013.646 DEBUG    conf - conf.c:lxc_fill_autodev:1218 - Bind mounted host device node "/dev/random" onto "/var/lib/lxc/rootfs/dev/random"
lxc gentooC01 20200801134013.646 DEBUG    conf - conf.c:lxc_fill_autodev:1218 - Bind mounted host device node "/dev/tty" onto "/var/lib/lxc/rootfs/dev/tty"
lxc gentooC01 20200801134013.646 DEBUG    conf - conf.c:lxc_fill_autodev:1218 - Bind mounted host device node "/dev/urandom" onto "/var/lib/lxc/rootfs/dev/urandom"
lxc gentooC01 20200801134013.646 DEBUG    conf - conf.c:lxc_fill_autodev:1218 - Bind mounted host device node "/dev/zero" onto "/var/lib/lxc/rootfs/dev/zero"
lxc gentooC01 20200801134013.646 INFO     conf - conf.c:lxc_fill_autodev:1222 - Populated "/dev"
lxc gentooC01 20200801134013.646 DEBUG    conf - conf.c:lxc_setup_dev_console:1618 - Mounted pts device "/dev/pts/5" onto "/var/lib/lxc/rootfs/dev/console"
lxc gentooC01 20200801134013.646 INFO     utils - utils.c:lxc_mount_proc_if_needed:1200 - I am 1, /proc/self points to "1"
lxc gentooC01 20200801134013.655 TRACE    conf - conf.c:lxc_pivot_root:1427 - pivot_root("/var/lib/lxc/rootfs") successful
lxc gentooC01 20200801134013.655 DEBUG    conf - conf.c:lxc_setup_devpts:1521 - Mount new devpts instance with options "gid=5,newinstance,ptmxmode=0666,mode=0620,max=1024"
lxc gentooC01 20200801134013.655 DEBUG    conf - conf.c:lxc_setup_devpts:1536 - Created dummy "/dev/ptmx" file as bind mount target
lxc gentooC01 20200801134013.655 DEBUG    conf - conf.c:lxc_setup_devpts:1541 - Bind mounted "/dev/pts/ptmx" to "/dev/ptmx"
lxc gentooC01 20200801134013.655 INFO     conf - conf.c:lxc_setup_ttys:900 - Finished setting up 0 /dev/tty<N> device(s)
lxc gentooC01 20200801134013.655 INFO     conf - conf.c:setup_personality:1572 - Set personality to "0x0"
lxc gentooC01 20200801134013.655 DEBUG    conf - conf.c:setup_caps:2338 - Capabilities have been setup
lxc gentooC01 20200801134013.655 NOTICE   conf - conf.c:lxc_setup:3433 - The container "gentooC01" is set up
lxc gentooC01 20200801134013.655 TRACE    start - start.c:lxc_spawn:1790 - Set up legacy device cgroup controller limits
lxc gentooC01 20200801134013.655 TRACE    start - start.c:lxc_spawn:1796 - Set up cgroup2 device controller limits
lxc gentooC01 20200801134013.655 DEBUG    start - start.c:lxc_spawn:1808 - Preserved cgroup namespace via fd 12
lxc gentooC01 20200801134013.655 TRACE    start - start.c:lxc_spawn:1813 - Finished setting up cgroups
lxc gentooC01 20200801134013.655 NOTICE   start - start.c:start:2041 - Exec'ing "/sbin/init"
lxc gentooC01 20200801134013.656 TRACE    confile_utils - confile_utils.c:lxc_log_configured_netdevs:254 - index: 0
lxc gentooC01 20200801134013.656 TRACE    confile_utils - confile_utils.c:lxc_log_configured_netdevs:255 - ifindex: 20
lxc gentooC01 20200801134013.656 TRACE    confile_utils - confile_utils.c:lxc_log_configured_netdevs:301 - type: phys
lxc gentooC01 20200801134013.656 TRACE    confile_utils - confile_utils.c:lxc_log_configured_netdevs:304 - host side ifindex for phys device: 20
lxc gentooC01 20200801134013.656 TRACE    confile_utils - confile_utils.c:lxc_log_configured_netdevs:319 - flags: up
lxc gentooC01 20200801134013.656 TRACE    confile_utils - confile_utils.c:lxc_log_configured_netdevs:323 - link: veth890240b8
lxc gentooC01 20200801134013.656 TRACE    confile_utils - confile_utils.c:lxc_log_configured_netdevs:327 - l2proxy: false
lxc gentooC01 20200801134013.656 TRACE    confile_utils - confile_utils.c:lxc_log_configured_netdevs:330 - name: eth0
lxc gentooC01 20200801134013.656 TRACE    confile_utils - confile_utils.c:lxc_log_configured_netdevs:344 - ipv4 gateway auto: false
lxc gentooC01 20200801134013.656 TRACE    confile_utils - confile_utils.c:lxc_log_configured_netdevs:347 - ipv4 gateway dev: false
lxc gentooC01 20200801134013.656 TRACE    confile_utils - confile_utils.c:lxc_log_configured_netdevs:363 - ipv6 gateway auto: false
lxc gentooC01 20200801134013.656 TRACE    confile_utils - confile_utils.c:lxc_log_configured_netdevs:366 - ipv6 gateway dev: false
lxc gentooC01 20200801134013.656 NOTICE   start - start.c:post_start:2052 - Started "/sbin/init" with pid "833"
lxc gentooC01 20200801134013.656 TRACE    lxccontainer - lxccontainer.c:wait_on_daemonized_start:856 - Container is in "RUNNING" state
lxc gentooC01 20200801134013.657 TRACE    start - start.c:lxc_serve_state_socket_pair:491 - Sent container state "RUNNING" to 7
lxc gentooC01 20200801134013.657 TRACE    start - start.c:lxc_serve_state_clients:427 - Set container state to RUNNING
lxc gentooC01 20200801134013.657 TRACE    start - start.c:lxc_serve_state_clients:430 - No state clients registered
lxc gentooC01 20200801134013.657 TRACE    start - start.c:lxc_poll:581 - Mainloop is ready
lxc gentooC01 20200801134013.657 NOTICE   start - start.c:signal_handler:393 - Received 17 from pid 834 instead of container init 833
lxc gentooC01 20200801134013.657 TRACE    commands - commands.c:lxc_cmd_accept:1555 - Accepted new client as fd 14 on command server fd 9
lxc 20200801134013.657 TRACE    commands - commands.c:lxc_cmd_rsp_recv:123 - Command "get_state" received response
lxc 20200801134013.657 DEBUG    commands - commands.c:lxc_cmd_rsp_recv:156 - Response data length for command "get_state" is 0
lxc 20200801134013.657 TRACE    commands - commands.c:lxc_cmd:293 - Opened new command socket connection fd 31 for command "get_state"
lxc 20200801134013.657 DEBUG    commands - commands.c:lxc_cmd_get_state:656 - Container "gentooC01" is in "RUNNING" state
lxc gentooC01 20200801134013.657 TRACE    commands - commands.c:lxc_cmd_fd_cleanup:1467 - Closing client fd 14 for command "get_state"
lxc gentooC01 20200801134013.657 TRACE    commands - commands.c:lxc_cmd_accept:1555 - Accepted new client as fd 14 on command server fd 9
lxc 20200801134013.657 TRACE    commands - commands.c:lxc_cmd_rsp_recv:123 - Command "get_state" received response
lxc 20200801134013.657 DEBUG    commands - commands.c:lxc_cmd_rsp_recv:156 - Response data length for command "get_state" is 0
lxc 20200801134013.657 TRACE    commands - commands.c:lxc_cmd:293 - Opened new command socket connection fd 31 for command "get_state"
lxc 20200801134013.657 DEBUG    commands - commands.c:lxc_cmd_get_state:656 - Container "gentooC01" is in "RUNNING" state
lxc gentooC01 20200801134013.657 TRACE    commands - commands.c:lxc_cmd_fd_cleanup:1467 - Closing client fd 14 for command "get_state"
lxc gentooC01 20200801134013.657 TRACE    commands - commands.c:lxc_cmd_accept:1555 - Accepted new client as fd 14 on command server fd 9
lxc 20200801134013.657 TRACE    commands - commands.c:lxc_cmd_rsp_recv:123 - Command "get_state" received response
lxc 20200801134013.657 DEBUG    commands - commands.c:lxc_cmd_rsp_recv:156 - Response data length for command "get_state" is 0
lxc 20200801134013.657 TRACE    commands - commands.c:lxc_cmd:293 - Opened new command socket connection fd 31 for command "get_state"
lxc 20200801134013.657 DEBUG    commands - commands.c:lxc_cmd_get_state:656 - Container "gentooC01" is in "RUNNING" state
lxc gentooC01 20200801134013.657 TRACE    commands - commands.c:lxc_cmd_fd_cleanup:1467 - Closing client fd 14 for command "get_state"
lxc gentooC01 20200801134013.657 TRACE    commands - commands.c:lxc_cmd_accept:1555 - Accepted new client as fd 14 on command server fd 9
lxc 20200801134013.657 TRACE    commands - commands.c:lxc_cmd_rsp_recv:123 - Command "get_state" received response
lxc 20200801134013.657 DEBUG    commands - commands.c:lxc_cmd_rsp_recv:156 - Response data length for command "get_state" is 0
lxc 20200801134013.657 TRACE    commands - commands.c:lxc_cmd:293 - Opened new command socket connection fd 31 for command "get_state"
lxc 20200801134013.657 DEBUG    commands - commands.c:lxc_cmd_get_state:656 - Container "gentooC01" is in "RUNNING" state
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:939 - basecginfo is:
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:940 - 7:net_cls:/
6:freezer:/
5:devices:/
4:cpuacct:/
3:cpu:/
2:cpuset:/
1:name=openrc:/
0::/

lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:943 - kernel subsystem 0: net_cls
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:943 - kernel subsystem 1: freezer
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:943 - kernel subsystem 2: devices
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:943 - kernel subsystem 3: cpuacct
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:943 - kernel subsystem 4: cpu
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:943 - kernel subsystem 5: cpuset
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:943 - kernel subsystem 6: cgroup2
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:946 - named subsystem 0: name=openrc
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:cg_hybrid_init:3136 - No controllers are enabled for delegation in the unified hierarchy
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:cg_hybrid_init:3155 - Writable cgroup hierarchies:
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:920 -   Hierarchies:
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:925 -   0: base_cgroup: /
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:926 -       mountpoint:  /sys/fs/cgroup/openrc
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:927 -       controllers:
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:929 -       0: name=openrc
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:925 -   1: base_cgroup: /
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:926 -       mountpoint:  /sys/fs/cgroup/unified
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:927 -       controllers:
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:925 -   2: base_cgroup: /
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:926 -       mountpoint:  /sys/fs/cgroup/cpuset
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:927 -       controllers:
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:929 -       0: cpuset
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:925 -   3: base_cgroup: /
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:926 -       mountpoint:  /sys/fs/cgroup/cpu
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:927 -       controllers:
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:929 -       0: cpu
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:925 -   4: base_cgroup: /
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:926 -       mountpoint:  /sys/fs/cgroup/cpuacct
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:927 -       controllers:
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:929 -       0: cpuacct
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:925 -   5: base_cgroup: /
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:926 -       mountpoint:  /sys/fs/cgroup/devices
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:927 -       controllers:
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:929 -       0: devices
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:925 -   6: base_cgroup: /
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:926 -       mountpoint:  /sys/fs/cgroup/freezer
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:927 -       controllers:
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:929 -       0: freezer
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:925 -   7: base_cgroup: /
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:926 -       mountpoint:  /sys/fs/cgroup/net_cls
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:927 -       controllers:
lxc 20200801134013.657 TRACE    cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:929 -       0: net_cls
lxc 20200801134013.657 TRACE    cgroup - cgroups/cgroup.c:cgroup_init:40 - Initialized cgroup driver cgfsng
lxc 20200801134013.657 TRACE    cgroup - cgroups/cgroup.c:cgroup_init:45 - Running with hybrid cgroup layout
lxc gentooC01 20200801134013.657 TRACE    commands - commands.c:lxc_cmd_fd_cleanup:1467 - Closing client fd 14 for command "get_state"
lxc gentooC01 20200801134013.657 TRACE    commands - commands.c:lxc_cmd_accept:1555 - Accepted new client as fd 14 on command server fd 9
lxc 20200801134013.657 TRACE    commands - commands.c:lxc_cmd_rsp_recv:123 - Command "get_cgroup" received response
lxc 20200801134013.657 TRACE    commands - commands.c:lxc_cmd:293 - Opened new command socket connection fd 31 for command "get_cgroup"
lxc gentooC01 20200801134013.657 TRACE    commands - commands.c:lxc_cmd_fd_cleanup:1467 - Closing client fd 14 for command "get_cgroup"
lxc gentooC01 20200801134013.659 TRACE    commands - commands.c:lxc_cmd_accept:1555 - Accepted new client as fd 14 on command server fd 9
lxc gentooC01 20200801134013.659 TRACE    commands - commands.c:lxc_cmd_fd_cleanup:1467 - Closing client fd 14 for command "get_state"
lxc gentooC01 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_accept:1555 - Accepted new client as fd 14 on command server fd 9
lxc 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_rsp_recv:123 - Command "get_state" received response
lxc 20200801134052.888 DEBUG    commands - commands.c:lxc_cmd_rsp_recv:156 - Response data length for command "get_state" is 0
lxc 20200801134052.888 TRACE    commands - commands.c:lxc_cmd:293 - Opened new command socket connection fd 33 for command "get_state"
lxc 20200801134052.888 DEBUG    commands - commands.c:lxc_cmd_get_state:656 - Container "gentooC01" is in "RUNNING" state
lxc gentooC01 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_fd_cleanup:1467 - Closing client fd 14 for command "get_state"
lxc gentooC01 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_accept:1555 - Accepted new client as fd 14 on command server fd 9
lxc 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_rsp_recv:123 - Command "get_state" received response
lxc 20200801134052.888 DEBUG    commands - commands.c:lxc_cmd_rsp_recv:156 - Response data length for command "get_state" is 0
lxc 20200801134052.888 TRACE    commands - commands.c:lxc_cmd:293 - Opened new command socket connection fd 33 for command "get_state"
lxc 20200801134052.888 DEBUG    commands - commands.c:lxc_cmd_get_state:656 - Container "gentooC01" is in "RUNNING" state
lxc gentooC01 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_fd_cleanup:1467 - Closing client fd 14 for command "get_state"
lxc gentooC01 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_accept:1555 - Accepted new client as fd 14 on command server fd 9
lxc 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_rsp_recv:123 - Command "get_state" received response
lxc 20200801134052.888 DEBUG    commands - commands.c:lxc_cmd_rsp_recv:156 - Response data length for command "get_state" is 0
lxc 20200801134052.888 TRACE    commands - commands.c:lxc_cmd:293 - Opened new command socket connection fd 33 for command "get_state"
lxc 20200801134052.888 DEBUG    commands - commands.c:lxc_cmd_get_state:656 - Container "gentooC01" is in "RUNNING" state
lxc gentooC01 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_fd_cleanup:1467 - Closing client fd 14 for command "get_state"
lxc gentooC01 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_accept:1555 - Accepted new client as fd 14 on command server fd 9
lxc 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_rsp_recv:123 - Command "get_state" received response
lxc 20200801134052.888 DEBUG    commands - commands.c:lxc_cmd_rsp_recv:156 - Response data length for command "get_state" is 0
lxc 20200801134052.888 TRACE    commands - commands.c:lxc_cmd:293 - Opened new command socket connection fd 33 for command "get_state"
lxc 20200801134052.888 DEBUG    commands - commands.c:lxc_cmd_get_state:656 - Container "gentooC01" is in "RUNNING" state
lxc gentooC01 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_fd_cleanup:1467 - Closing client fd 14 for command "get_state"
lxc gentooC01 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_accept:1555 - Accepted new client as fd 14 on command server fd 9
lxc gentooC01 20200801134052.888 ERROR    commands - commands.c:lxc_cmd_get_init_pidfd_callback:441 - Failed to send init pidfd
lxc gentooC01 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_fd_cleanup:1467 - Closing client fd 14 for command "get_init_pidfd"
lxc 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_rsp_recv:123 - Command "get_init_pidfd" received response
lxc 20200801134052.888 DEBUG    commands - commands.c:lxc_cmd_rsp_recv:156 - Response data length for command "get_init_pidfd" is 0
lxc 20200801134052.888 TRACE    commands - commands.c:lxc_cmd:293 - Opened new command socket connection fd 33 for command "get_init_pidfd"
lxc gentooC01 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_accept:1555 - Accepted new client as fd 14 on command server fd 9
lxc 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_rsp_recv:123 - Command "get_init_pid" received response
lxc 20200801134052.888 DEBUG    commands - commands.c:lxc_cmd_rsp_recv:156 - Response data length for command "get_init_pid" is 0
lxc 20200801134052.888 TRACE    commands - commands.c:lxc_cmd:293 - Opened new command socket connection fd 33 for command "get_init_pid"
lxc gentooC01 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_fd_cleanup:1467 - Closing client fd 14 for command "get_init_pid"
lxc gentooC01 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_accept:1555 - Accepted new client as fd 14 on command server fd 9
lxc gentooC01 20200801134052.888 TRACE    commands_utils - commands_utils.c:lxc_add_state_client:191 - Added state client fd 14 to state client list
lxc 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_rsp_recv:123 - Command "add_state_client" received response
lxc 20200801134052.888 DEBUG    commands - commands.c:lxc_cmd_rsp_recv:156 - Response data length for command "add_state_client" is 0
lxc 20200801134052.888 TRACE    commands - commands.c:lxc_cmd:293 - Opened new command socket connection fd 31 for command "add_state_client"
lxc 20200801134052.888 TRACE    commands - commands.c:lxc_cmd_add_state_client:968 - State connection fd 31 ready to listen for container state changes
lxc 20200801134052.888 TRACE    lxccontainer - lxccontainer.c:do_lxcapi_shutdown:2146 - Sent signal 30 to pid 833
lxc gentooC01 20200801134054.123 DEBUG    start - start.c:signal_handler:411 - Container init process 833 exited
lxc gentooC01 20200801134054.123 TRACE    start - start.c:lxc_poll:594 - Closed console mainloop
lxc gentooC01 20200801134054.123 TRACE    start - start.c:lxc_poll:599 - Closed mainloop
lxc gentooC01 20200801134054.123 TRACE    start - start.c:lxc_poll:602 - Closed signal file descriptor 5
lxc gentooC01 20200801134054.123 DEBUG    start - start.c:__lxc_start:1981 - Container "gentooC01" is halting
lxc gentooC01 20200801134054.123 TRACE    network - network.c:lxc_restore_phys_nics_to_netns:3327 - Moving physical network devices back to parent network namespace
lxc gentooC01 20200801134054.133 TRACE    network - network.c:lxc_restore_phys_nics_to_netns:3355 - Moved network device "eth0" back to network namespace
lxc gentooC01 20200801134054.133 INFO     error - error.c:lxc_error_set_and_log:33 - Child <833> ended on signal (2)
lxc gentooC01 20200801134054.135 TRACE    network - network.c:lxc_delete_network_priv:3215 - Renamed interface with index 0 from "eth0" to its initial name "veth890240b8"
lxc gentooC01 20200801134054.135 TRACE    network - network.c:lxc_delete_network_priv:3226 - Restored interface "veth890240b8" to its initial mtu "1500"
lxc gentooC01 20200801134054.135 DEBUG    network - network.c:lxc_delete_network:3693 - Deleted network devices
lxc gentooC01 20200801134054.135 TRACE    start - start.c:lxc_serve_state_clients:427 - Set container state to STOPPING
lxc gentooC01 20200801134054.135 TRACE    start - start.c:lxc_serve_state_clients:440 - State STOPPING not registered for state client 14
lxc gentooC01 20200801134054.135 TRACE    start - start.c:lxc_end:905 - Set environment variable LXC_USER_NS=/proc/801/fd/25
lxc gentooC01 20200801134054.135 TRACE    start - start.c:lxc_end:905 - Set environment variable LXC_MNT_NS=/proc/801/fd/26
lxc gentooC01 20200801134054.135 TRACE    start - start.c:lxc_end:905 - Set environment variable LXC_PID_NS=/proc/801/fd/27
lxc gentooC01 20200801134054.135 TRACE    start - start.c:lxc_end:905 - Set environment variable LXC_UTS_NS=/proc/801/fd/28
lxc gentooC01 20200801134054.135 TRACE    start - start.c:lxc_end:905 - Set environment variable LXC_IPC_NS=/proc/801/fd/29
lxc gentooC01 20200801134054.135 TRACE    start - start.c:lxc_end:905 - Set environment variable LXC_NET_NS=/proc/801/fd/4
lxc gentooC01 20200801134054.135 TRACE    start - start.c:lxc_end:905 - Set environment variable LXC_CGROUP_NS=/proc/801/fd/12
lxc gentooC01 20200801134054.135 INFO     conf - conf.c:run_script_argv:342 - Executing script "/usr/sbin/lxd callhook /var/lib/lxd 1 stopns" for container "gentooC01"
lxc gentooC01 20200801134054.135 TRACE    conf - conf.c:run_script_argv:385 - Set environment variable: LXC_HOOK_TYPE=stop
lxc gentooC01 20200801134054.135 TRACE    conf - conf.c:run_script_argv:390 - Set environment variable: LXC_HOOK_SECTION=lxc
lxc gentooC01 20200801134054.237 TRACE    conf - conf.c:get_minimal_idmap:4015 - Allocated minimal idmapping for ns uid 0 and ns gid 0
lxc gentooC01 20200801134054.237 TRACE    conf - conf.c:userns_exec_1:4080 - Establishing uid mapping for "2195" in new user namespace: nsuid 65536 - hostid 0 - range 1
lxc gentooC01 20200801134054.237 TRACE    conf - conf.c:userns_exec_1:4080 - Establishing uid mapping for "2195" in new user namespace: nsuid 0 - hostid 1000000 - range 65536
lxc gentooC01 20200801134054.237 TRACE    conf - conf.c:userns_exec_1:4080 - Establishing gid mapping for "2195" in new user namespace: nsuid 65536 - hostid 0 - range 1
lxc gentooC01 20200801134054.237 TRACE    conf - conf.c:userns_exec_1:4080 - Establishing gid mapping for "2195" in new user namespace: nsuid 0 - hostid 1000000 - range 65536
lxc gentooC01 20200801134054.237 DEBUG    conf - conf.c:idmaptool_on_path_and_privileged:2642 - The binary "/usr/bin/newuidmap" does have the setuid bit set
lxc gentooC01 20200801134054.237 DEBUG    conf - conf.c:idmaptool_on_path_and_privileged:2642 - The binary "/usr/bin/newgidmap" does have the setuid bit set
lxc gentooC01 20200801134054.237 DEBUG    conf - conf.c:lxc_map_ids:2710 - Functional newuidmap and newgidmap binary found
lxc gentooC01 20200801134054.239 TRACE    conf - conf.c:lxc_map_ids:2780 - newuidmap wrote mapping "newuidmap 2195 65536 0 1 0 1000000 65536"
lxc gentooC01 20200801134054.242 TRACE    conf - conf.c:lxc_map_ids:2780 - newgidmap wrote mapping "newgidmap 2195 65536 0 1 0 1000000 65536"
lxc gentooC01 20200801134054.242 TRACE    conf - conf.c:run_userns_fn:3857 - Calling function "cgroup_tree_remove_wrapper"
lxc gentooC01 20200801134054.242 NOTICE   utils - utils.c:lxc_setgroups:1366 - Dropped additional groups
lxc gentooC01 20200801134054.242 ERROR    utils - utils.c:lxc_rm_rf:1759 - Datei oder Verzeichnis nicht gefunden - Failed to open dir "/sys/fs/cgroup/openrc//lxc.payload.gentooC01"
lxc gentooC01 20200801134054.242 WARN     cgfsng - cgroups/cgfsng.c:cgroup_tree_remove:964 - Failed to destroy "/sys/fs/cgroup/openrc//lxc.payload.gentooC01"
lxc gentooC01 20200801134054.243 WARN     cgfsng - cgroups/cgfsng.c:cgfsng_monitor_destroy:1110 - Auf dem Gerät ist kein Speicherplatz mehr verfügbar - Failed to move monitor 801 to "/sys/fs/cgroup/cpuset//lxc.pivot"
lxc gentooC01 20200801134054.244 TRACE    start - start.c:lxc_end:949 - Closed command socket
lxc gentooC01 20200801134054.244 TRACE    start - start.c:lxc_end:960 - Set container state to "STOPPED"
lxc gentooC01 20200801134054.254 INFO     conf - conf.c:run_script_argv:342 - Executing script "/usr/share/lxcfs/lxc.reboot.hook" for container "gentooC01"
lxc gentooC01 20200801134054.254 TRACE    conf - conf.c:run_script_argv:385 - Set environment variable: LXC_HOOK_TYPE=post-stop
lxc gentooC01 20200801134054.254 TRACE    conf - conf.c:run_script_argv:390 - Set environment variable: LXC_HOOK_SECTION=lxc
lxc gentooC01 20200801134054.758 INFO     conf - conf.c:run_script_argv:342 - Executing script "/usr/sbin/lxd callhook /var/lib/lxd 1 stop" for container "gentooC01"
lxc gentooC01 20200801134054.758 TRACE    conf - conf.c:run_script_argv:385 - Set environment variable: LXC_HOOK_TYPE=post-stop
lxc gentooC01 20200801134054.758 TRACE    conf - conf.c:run_script_argv:390 - Set environment variable: LXC_HOOK_SECTION=lxc
lxc 20200801134054.822 TRACE    commands - commands.c:lxc_cmd:285 - Verbindungsaufbau abgelehnt - Command "get_state" failed to connect command socket
lxc 20200801134054.822 TRACE    commands - commands.c:lxc_cmd:285 - Verbindungsaufbau abgelehnt - Command "get_state" failed to connect command socket
lxc 20200801134054.823 TRACE    commands_utils - commands_utils.c:lxc_cmd_sock_rcv_state:52 - Received state STOPPED from state client 31
lxc 20200801134054.823 TRACE    lxccontainer - lxccontainer.c:do_lxcapi_shutdown:2157 - Received state "STOPPED"
lxc 20200801134100.888 TRACE    commands - commands.c:lxc_cmd:285 - Verbindungsaufbau abgelehnt - Command "get_state" failed to connect command socket

But it appears as though the container is mounting cgroups successfully, perhaps the error message is a red herring:

gentooC01 # mount | grep cgroup
cgroup_root on /sys/fs/cgroup type tmpfs (rw,nosuid,nodev,noexec,relatime,size=10240k,mode=755,uid=1000000,gid=1000000)
openrc on /sys/fs/cgroup/openrc type cgroup (rw,nosuid,nodev,noexec,relatime,release_agent=/lib/rc/sh/cgroup-release-agent.sh,name=openrc)
none on /sys/fs/cgroup/unified type cgroup2 (rw,nosuid,nodev,noexec,relatime)
cpuset on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cpu on /sys/fs/cgroup/cpu type cgroup (rw,nosuid,nodev,noexec,relatime,cpu)
cpuacct on /sys/fs/cgroup/cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpuacct)
devices on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
freezer on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
net_cls on /sys/fs/cgroup/net_cls type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls)

And on the host:

# mount | grep cgroup
cgroup_root on /sys/fs/cgroup type tmpfs (rw,nosuid,nodev,noexec,relatime,size=10240k,mode=755)
openrc on /sys/fs/cgroup/openrc type cgroup (rw,nosuid,nodev,noexec,relatime,release_agent=/lib/rc/sh/cgroup-release-agent.sh,name=openrc)
none on /sys/fs/cgroup/unified type cgroup2 (rw,nosuid,nodev,noexec,relatime)
cpuset on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cpu on /sys/fs/cgroup/cpu type cgroup (rw,nosuid,nodev,noexec,relatime,cpu)
cpuacct on /sys/fs/cgroup/cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpuacct)
devices on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
freezer on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
net_cls on /sys/fs/cgroup/net_cls type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls)
#

stgraber · August 1, 2020, 11:33pm

Well, for one thing the memory cgroup appears to be missing here, that would certainly explain why the limit isn’t applied.

pajot · August 1, 2020, 10:43pm

Thanks for the tip! The Gentoo ebuild for app-emulation/lxc does kernel configuration checks before merging:

CONFIG_CHECK="~CGROUPS ~CGROUP_DEVICE
    ~CPUSETS ~CGROUP_CPUACCT
    ~CGROUP_SCHED

    ~NAMESPACES
    ~IPC_NS ~USER_NS ~PID_NS

    ~CGROUP_FREEZER
    ~UTS_NS ~NET_NS
    ~VETH ~MACVLAN

    ~POSIX_MQUEUE
    ~!NETPRIO_CGROUP"

But CONFIG_MEMCG is notably absent. I’ve filed a bug with the Gentoo maintainers.

pajot · August 1, 2020, 11:32pm

Okay, setting CONFIG_MEMCG fixed it:

gentooC01 ~ # mount | grep cgroup
cgroup_root on /sys/fs/cgroup type tmpfs (rw,nosuid,nodev,noexec,relatime,size=10240k,mode=755,uid=1000000,gid=1000000)
openrc on /sys/fs/cgroup/openrc type cgroup (rw,nosuid,nodev,noexec,relatime,release_agent=/lib/rc/sh/cgroup-release-agent.sh,name=openrc)
none on /sys/fs/cgroup/unified type cgroup2 (rw,nosuid,nodev,noexec,relatime)
cpuset on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cpu on /sys/fs/cgroup/cpu type cgroup (rw,nosuid,nodev,noexec,relatime,cpu)
cpuacct on /sys/fs/cgroup/cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpuacct)
memory on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
devices on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
freezer on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
net_cls on /sys/fs/cgroup/net_cls type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls)
gentooC01 ~ # free
              total        used        free      shared  buff/cache   available
Mem:        1000000        4372      989292           0        6336      995628
Swap:             0           0           0