LXD to Incus migrated container doesnt start

trumee · August 25, 2024, 8:11am

Hello,

I migrated from LXD to Incus on an Archlinux host. The migration was successful, and most containers started up fine. However one container isnt starting up.

$ incus start downloader1
Error: Failed to handle idmapped storage: invalid argument - Failed to change ACLs on /var/lib/incus/storage-pools/lxd/containers/downloader1/rootfs/var/lib/tpm2-tss/system/keystore
Try `incus info --show-log downloader1` for more info


$ incus info --show-log downloader1
Name: downloader1
Status: STOPPED
Type: container
Architecture: x86_64
Created: 2020/03/14 20:33 IST
Last Used: 2024/08/25 10:05 IST

Log:

The container is setup like so,

$ incus config show downloader1
architecture: x86_64
config:
  boot.autostart: "true"
  image.architecture: amd64
  image.description: Archlinux current amd64 (20200314_04:18)
  image.os: Archlinux
  image.release: current
  image.serial: "20200314_04:18"
  image.type: squashfs
  linux.kernel_modules: loop
  raw.idmap: both 816 816
  volatile.base_image: 8f441004e4977a09b05f6caf9c982967f8501b384b23901554c0ac599f9d963d
  volatile.eth0.hwaddr: 00:16:3e:b5:47:9e
  volatile.idmap.base: "0"
  volatile.idmap.current: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":816},{"Isuid":true,"Isgid":true,"Hostid":816,"Nsid":816,"Maprange":1},{"Isuid":true,"Isgid":false,"Hostid":1000817,"Nsid":817,"Maprange":999999183},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":816},{"Isuid":true,"Isgid":true,"Hostid":816,"Nsid":816,"Maprange":1},{"Isuid":false,"Isgid":true,"Hostid":1000817,"Nsid":817,"Maprange":999999183}]'
  volatile.idmap.next: '[{"Isuid":true,"Isgid":false,"Hostid":100000,"Nsid":0,"Maprange":816},{"Isuid":true,"Isgid":true,"Hostid":816,"Nsid":816,"Maprange":1},{"Isuid":true,"Isgid":false,"Hostid":100817,"Nsid":817,"Maprange":64719},{"Isuid":false,"Isgid":true,"Hostid":100000,"Nsid":0,"Maprange":816},{"Isuid":false,"Isgid":true,"Hostid":100817,"Nsid":817,"Maprange":64719}]'
  volatile.last_state.idmap: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":816},{"Isuid":true,"Isgid":true,"Hostid":816,"Nsid":816,"Maprange":1},{"Isuid":true,"Isgid":false,"Hostid":1000817,"Nsid":817,"Maprange":999999183},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":816},{"Isuid":true,"Isgid":true,"Hostid":816,"Nsid":816,"Maprange":1},{"Isuid":false,"Isgid":true,"Hostid":1000817,"Nsid":817,"Maprange":999999183}]'
  volatile.last_state.power: RUNNING
  volatile.uuid: af1e444c-ef83-4f37-9d76-b27a2692bde3
  volatile.uuid.generation: af1e444c-ef83-4f37-9d76-b27a2692bde3
devices:
  shareMedia:
    path: /mnt/Media
    source: /mnt/Media
    type: disk
ephemeral: false
profiles:
- vlan300profile
stateful: false
description: ""

How can i fix this?

simos · August 25, 2024, 8:50am

The container is called downloader1 and it has this advanced package from GitHub - tpm2-software/tpm2-tss: OSS implementation of the TCG TPM2 Software Stack (TSS2)

Is that package essential to the use of the container?

trumee · August 25, 2024, 8:56am

I mounted the zfs dataset and removed the ‘keystore’ directory. Now i get this,

$ incus start downloader1
Error: Failed to handle idmapped storage: invalid argument - Failed to change ACLs on /var/lib/incus/storage-pools/lxd/containers/downloader1/rootfs/var/log/journal
Try `incus info --show-log downloader1` for more info

The permissions of the path is,

# ls -lad /var/log/journal/
drwxr-sr-x+ 4 root systemd-journal 4 Mar 14  2020 /var/log/journal/

I deleted this folder as well and now the container is up.