Systemctl start lxc@.service fails

LXC
1

Hi @brauner ,

I could see the same issue in regression: lxc-start works, systemctl start lxc@.service doesn't work · Issue #3364 · lxc/lxc · GitHub in ubuntu

I use lxc@.service with slight modifications,
[Unit]
Description=LXC Container: %i
After=lxc.service
Wants=lxc.service
Documentation=man:lxc-start man:lxc

[Service]
Type=simple
KillMode=mixed
TimeoutStopSec=120s
ExecStart=/usr/local/bin/lxc-start -F -n %i -f /var/lib/lxc/app/config
ExecStop=/usr/local/bin/lxc-stop -n %i
Delegate=yes
StandardOutput=syslog
StandardError=syslog

[Install]
WantedBy=multi-user.target

Below is my config file,
lxc.idmap = u 0 231072 1002
lxc.idmap = g 0 231072 1003
lxc.idmap = u 1002 1002 1
lxc.idmap = g 1003 1003 1
lxc idmap = u 1004 232075 64533
lxc.idmap = g 1005 232076 64532
lxc.console.path = none
lxc.mount.auto = proc:rw sys:mixed cgroup:mixed

lxc-start by logging in as the user works
systemctl start lxc@app.service from host doesnt work

I want to run the same unprivialged container from systemd. Am i missing out anything from the ./stsolution inhttps://github.com/lxc/lxc/issues/3364 solution

lxc-start app 20210812192539.890 INFO lxc_confile - confile.c:set_config_idmaps:1666 - Read uid map: type u nsid 0 hostid 231072 range 1002
lxc-start app 20210812192539.890 INFO lxc_confile - confile.c:set_config_idmaps:1666 - Read uid map: type g nsid 0 hostid 231072 range 1003
lxc-start app 20210812192539.890 INFO lxc_confile - confile.c:set_config_idmaps:1666 - Read uid map: type u nsid 1002 hostid 1002 range 1
lxc-start app 20210812192539.890 INFO lxc_confile - confile.c:set_config_idmaps:1666 - Read uid map: type g nsid 1003 hostid 1003 range 1
lxc-start app 20210812192539.890 INFO lxc_confile - confile.c:set_config_idmaps:1666 - Read uid map: type g nsid 1005 hostid 232076 range 64532
lxc-start app 20210812192539.890 TRACE lxc_commands - commands.c:lxc_cmd:311 - Connection refused - Command “get_init_pid” failed to connect command socket
lxc-start app 20210812192539.890 TRACE lxc_commands - commands.c:lxc_cmd:311 - Connection refused - Command “get_state” failed to connect command socket
lxc-start app 20210812192539.890 TRACE lxc_start - start.c:lxc_init_handler:708 - Created anonymous pair {4,5} of unix sockets
lxc-start app 20210812192539.890 TRACE lxc_commands - commands.c:lxc_cmd_init:1248 - Creating abstract unix socket “/usr/local/var/lib/lxc/app/command”
lxc-start app 20210812192539.890 TRACE lxc_start - start.c:lxc_init_handler:719 - Unix domain socket 6 for command server is ready
lxc-start app 20210812192539.891 INFO lxc_container - lxccontainer.c:do_lxcapi_start:948 - Attempting to set proc title to [lxc monitor] /usr/local/var/lib/lxc app
lxc-start app 20210812192539.891 TRACE lxc_start - start.c:lxc_start:2000 - Doing lxc_start
lxc-start app 20210812192539.891 INFO lxc_lsm - lsm/lsm.c:lsm_init:46 - LSM security driver nop
lxc-start app 20210812192539.891 TRACE lxc_start - start.c:lxc_init:736 - Initialized LSM
lxc-start app 20210812192539.891 TRACE lxc_start - start.c:lxc_init:743 - Read seccomp policy
lxc-start app 20210812192539.891 TRACE lxc_start - start.c:lxc_serve_state_clients:429 - Set container state to STARTING
lxc-start app 20210812192539.891 TRACE lxc_start - start.c:lxc_serve_state_clients:432 - No state clients registered
lxc-start app 20210812192539.891 TRACE lxc_start - start.c:lxc_init:751 - Set container state to “STARTING”
lxc-start app 20210812192539.891 TRACE lxc_start - start.c:lxc_init:816 - Set environment variables
lxc-start app 20210812192539.891 TRACE lxc_start - start.c:lxc_init:823 - Ran pre-start hooks
lxc-start app 20210812192539.891 TRACE lxc_start - start.c:setup_signal_fd:330 - Created signal file descriptor 7
lxc-start app 20210812192539.891 TRACE lxc_start - start.c:lxc_init:834 - Set up signal fd
lxc-start app 20210812192539.891 INFO terminal - terminal.c:lxc_terminal_setup:902 - No terminal requested
lxc-start app 20210812192539.891 TRACE lxc_start - start.c:lxc_init:842 - Created console
lxc-start app 20210812192539.891 TRACE lxc_start - start.c:lxc_init:849 - Chowned console
lxc-start app 20210812192539.891 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:1025 - basecginfo is:
lxc-start app 20210812192539.891 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:1026 - 12:hugetlb:/
11:blkio:/
10:cpuset:/
9:freezer:/
8:perf_event:/
7:rdma:/
6:devices:/
5:cpu,cpuacct:/
4:memory:/
3:pids:/
2:net_cls,net_prio:/
1:name=systemd:/init.scope
0::/init.scope

lxc-start app 20210812192539.891 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:1029 - kernel subsystem 0: hugetlb
lxc-start app 20210812192539.891 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:1029 - kernel subsystem 1: blkio
lxc-start app 20210812192539.891 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:1029 - kernel subsystem 2: cpuset
lxc-start app 20210812192539.891 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:1029 - kernel subsystem 3: freezer
lxc-start app 20210812192539.891 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:1029 - kernel subsystem 4: perf_event
lxc-start app 20210812192539.891 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:1029 - kernel subsystem 5: rdma
lxc-start app 20210812192539.891 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:1029 - kernel subsystem 6: devices
lxc-start app 20210812192539.891 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:1029 - kernel subsystem 7: cpu
lxc-start app 20210812192539.891 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:1029 - kernel subsystem 8: cpuacct
lxc-start app 20210812192539.891 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:1029 - kernel subsystem 9: memory
lxc-start app 20210812192539.891 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:1029 - kernel subsystem 10: pids
lxc-start app 20210812192539.891 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:1029 - kernel subsystem 11: net_cls
lxc-start app 20210812192539.891 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:1029 - kernel subsystem 12: net_prio
lxc-start app 20210812192539.891 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:1029 - kernel subsystem 13: cgroup2
lxc-start app 20210812192539.891 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_basecg_debuginfo:1032 - named subsystem 0: name=systemd
lxc-start app 20210812192539.891 TRACE lxc_cgfsng - cgroups/cgfsng.c:cg_hybrid_init:2410 - No controllers are enabled for delegation in the unified hierarchy
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:cg_hybrid_init:2434 - Writable cgroup hierarchies:
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1006 - Hierarchies:
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1011 - 0: base_cgroup: /
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1012 - mountpoint: /sys/fs/cgroup/unified
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1013 - controllers:
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1011 - 1: base_cgroup: /
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1012 - mountpoint: /sys/fs/cgroup/systemd
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1013 - controllers:
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1015 - 0: name=systemd
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1011 - 2: base_cgroup: /
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1012 - mountpoint: /sys/fs/cgroup/net_cls,net_prio
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1013 - controllers:
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1015 - 0: net_cls
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1015 - 1: net_prio
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1011 - 3: base_cgroup: /
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1012 - mountpoint: /sys/fs/cgroup/pids
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1013 - controllers:
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1015 - 0: pids
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1011 - 4: base_cgroup: /
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1012 - mountpoint: /sys/fs/cgroup/memory
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1013 - controllers:
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1015 - 0: memory
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1011 - 5: base_cgroup: /
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1012 - mountpoint: /sys/fs/cgroup/cpu,cpuacct
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1013 - controllers:
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1015 - 0: cpu
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1015 - 1: cpuacct
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1011 - 6: base_cgroup: /
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1012 - mountpoint: /sys/fs/cgroup/devices
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1013 - controllers:
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1015 - 0: devices
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1011 - 7: base_cgroup: /
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1012 - mountpoint: /sys/fs/cgroup/rdma
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1013 - controllers:
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1015 - 0: rdma
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1011 - 8: base_cgroup: /
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1012 - mountpoint: /sys/fs/cgroup/perf_event
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1013 - controllers:
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1015 - 0: perf_event
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1011 - 9: base_cgroup: /
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1012 - mountpoint: /sys/fs/cgroup/freezer
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1013 - controllers:
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1015 - 0: freezer
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1011 - 10: base_cgroup: /
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1012 - mountpoint: /sys/fs/cgroup/cpuset
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1013 - controllers:
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1015 - 0: cpuset
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1011 - 11: base_cgroup: /
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1012 - mountpoint: /sys/fs/cgroup/blkio
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1013 - controllers:
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1015 - 0: blkio
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1011 - 12: base_cgroup: /
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1012 - mountpoint: /sys/fs/cgroup/hugetlb
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1013 - controllers:
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:lxc_cgfsng_print_hierarchies:1015 - 0: hugetlb
lxc-start app 20210812192539.892 TRACE lxc_cgroup - cgroups/cgroup.c:cgroup_init:50 - Initialized cgroup driver cgfsng
lxc-start app 20210812192539.892 TRACE lxc_cgroup - cgroups/cgroup.c:cgroup_init:55 - Running with hybrid cgroup layout
lxc-start app 20210812192539.892 TRACE lxc_start - start.c:lxc_init:856 - Initialized cgroup driver
lxc-start app 20210812192539.892 INFO lxc_start - start.c:lxc_init:858 - Container “app” is initialized
lxc-start app 20210812192539.892 ERROR lxc_cgfsng - cgroups/cgfsng.c:create_path_for_hierarchy:1246 - The cgroup “/sys/fs/cgroup/unified//lxc/app” already existed
lxc-start app 20210812192539.892 ERROR lxc_cgfsng - cgroups/cgfsng.c:cgfsng_create:1334 - Failed to create cgroup “/sys/fs/cgroup/unified//lxc/app”
lxc-start app 20210812192539.892 ERROR lxc_cgfsng - cgroups/cgfsng.c:create_path_for_hierarchy:1246 - The cgroup “/sys/fs/cgroup/unified//lxc/app-1” already existed
lxc-start app 20210812192539.892 ERROR lxc_cgfsng - cgroups/cgfsng.c:cgfsng_create:1334 - Failed to create cgroup “/sys/fs/cgroup/unified//lxc/app-1”
lxc-start app 20210812192539.892 ERROR lxc_cgfsng - cgroups/cgfsng.c:create_path_for_hierarchy:1246 - The cgroup “/sys/fs/cgroup/unified//lxc/app-2” already existed
lxc-start app 20210812192539.892 ERROR lxc_cgfsng - cgroups/cgfsng.c:cgfsng_create:1334 - Failed to create cgroup “/sys/fs/cgroup/unified//lxc/app-2”
lxc-start app 20210812192539.892 ERROR lxc_cgfsng - cgroups/cgfsng.c:create_path_for_hierarchy:1246 - The cgroup “/sys/fs/cgroup/unified//lxc/app-3” already existed
lxc-start app 20210812192539.892 ERROR lxc_cgfsng - cgroups/cgfsng.c:cgfsng_create:1334 - Failed to create cgroup “/sys/fs/cgroup/unified//lxc/app-3”
lxc-start app 20210812192539.892 ERROR lxc_cgfsng - cgroups/cgfsng.c:create_path_for_hierarchy:1246 - The cgroup “/sys/fs/cgroup/unified//lxc/app-4” already existed
lxc-start app 20210812192539.892 ERROR lxc_cgfsng - cgroups/cgfsng.c:cgfsng_create:1334 - Failed to create cgroup “/sys/fs/cgroup/unified//lxc/app-4”
lxc-start app 20210812192539.892 ERROR lxc_cgfsng - cgroups/cgfsng.c:create_path_for_hierarchy:1246 - The cgroup “/sys/fs/cgroup/unified//lxc/app-5” already existed
lxc-start app 20210812192539.892 ERROR lxc_cgfsng - cgroups/cgfsng.c:cgfsng_create:1334 - Failed to create cgroup “/sys/fs/cgroup/unified//lxc/app-5”
lxc-start app 20210812192539.892 ERROR lxc_cgfsng - cgroups/cgfsng.c:create_path_for_hierarchy:1246 - The cgroup “/sys/fs/cgroup/unified//lxc/app-6” already existed
lxc-start app 20210812192539.892 ERROR lxc_cgfsng - cgroups/cgfsng.c:cgfsng_create:1334 - Failed to create cgroup “/sys/fs/cgroup/unified//lxc/app-6”
lxc-start app 20210812192539.892 ERROR lxc_cgfsng - cgroups/cgfsng.c:create_path_for_hierarchy:1246 - The cgroup “/sys/fs/cgroup/unified//lxc/app-7” already existed
lxc-start app 20210812192539.892 ERROR lxc_cgfsng - cgroups/cgfsng.c:cgfsng_create:1334 - Failed to create cgroup “/sys/fs/cgroup/unified//lxc/app-7”
lxc-start app 20210812192539.892 TRACE lxc_cgfsng - cgroups/cgfsng.c:cg_legacy_filter_and_set_cpus:420 - No isolated cpus detected
lxc-start app 20210812192539.892 DEBUG lxc_cgfsng - cgroups/cgfsng.c:cg_legacy_handle_cpuset_hierarchy:606 - “cgroup.clone_children” was already set to “1”
lxc-start app 20210812192539.893 TRACE lxc_start - start.c:lxc_spawn:1637 - Cloned child process 13580
lxc-start app 20210812192539.893 INFO lxc_start - start.c:lxc_spawn:1641 - Cloned CLONE_NEWUSER
lxc-start app 20210812192539.893 INFO lxc_start - start.c:lxc_spawn:1641 - Cloned CLONE_NEWNS
lxc-start app 20210812192539.893 INFO lxc_start - start.c:lxc_spawn:1641 - Cloned CLONE_NEWPID
lxc-start app 20210812192539.893 INFO lxc_start - start.c:lxc_spawn:1641 - Cloned CLONE_NEWUTS
lxc-start app 20210812192539.893 INFO lxc_start - start.c:lxc_spawn:1641 - Cloned CLONE_NEWIPC
lxc-start app 20210812192539.893 DEBUG lxc_start - start.c:lxc_try_preserve_namespaces:204 - Preserved user namespace via fd 12
lxc-start app 20210812192539.893 DEBUG lxc_start - start.c:lxc_try_preserve_namespaces:204 - Preserved mnt namespace via fd 13
lxc-start app 20210812192539.893 DEBUG lxc_start - start.c:lxc_try_preserve_namespaces:204 - Preserved pid namespace via fd 14
lxc-start app 20210812192539.893 DEBUG lxc_start - start.c:lxc_try_preserve_namespaces:204 - Preserved uts namespace via fd 15
lxc-start app 20210812192539.893 DEBUG lxc_start - start.c:lxc_try_preserve_namespaces:204 - Preserved ipc namespace via fd 16
lxc-start app 20210812192539.893 DEBUG lxc_conf - conf.c:idmaptool_on_path_and_privileged:2778 - The binary “/usr/bin/newuidmap” does have the setuid bit set
lxc-start app 20210812192539.893 DEBUG lxc_conf - conf.c:idmaptool_on_path_and_privileged:2778 - The binary “/usr/bin/newgidmap” does have the setuid bit set
lxc-start app 20210812192539.893 DEBUG lxc_conf - conf.c:lxc_map_ids:2866 - Functional newuidmap and newgidmap binary found
lxc-start app 20210812192539.901 ERROR lxc_conf - conf.c:lxc_map_ids:2919 - newuidmap failed to write mapping “newuidmap: uid range [0-1002) → [231072-232074) not allowed”: newuidmap 13580 0 231072 1002 1002 1002 1
lxc-start app 20210812192539.901 ERROR lxc_start - start.c:lxc_spawn:1661 - Failed to set up id mapping.
lxc-start app 20210812192539.901 DEBUG lxc_network - network.c:lxc_delete_network:3167 - Deleted network devices
lxc-start app 20210812192539.901 DEBUG lxc_container - lxccontainer.c:wait_on_daemonized_start:822 - First child 13578 exited
lxc-start app 20210812192539.901 TRACE lxc_start - start.c:lxc_serve_state_socket_pair:501 - Sent container state “ABORTING” to 5
lxc-start app 20210812192539.901 ERROR lxc_container - lxccontainer.c:wait_on_daemonized_start:834 - Received container state “ABORTING” instead of “RUNNING”
lxc-start app 20210812192539.901 TRACE lxc_start - start.c:lxc_serve_state_clients:429 - Set container state to ABORTING
lxc-start app 20210812192539.901 TRACE lxc_start - start.c:lxc_serve_state_clients:432 - No state clients registered
lxc-start app 20210812192539.901 ERROR lxc_start - start.c:__lxc_start:1887 - Failed to spawn container “app”
lxc-start app 20210812192539.901 TRACE lxc_start - start.c:lxc_serve_state_clients:429 - Set container state to STOPPING
lxc-start app 20210812192539.901 TRACE lxc_start - start.c:lxc_serve_state_clients:432 - No state clients registered
lxc-start app 20210812192539.901 TRACE lxc_conf - conf.c:get_minimal_idmap:4135 - Allocated minimal idmapping
lxc-start app 20210812192539.901 TRACE lxc_conf - conf.c:userns_exec_1:4215 - Establishing uid mapping for “13583” in new user namespace: nsuid 0 - hostid 231072 - range 1002
lxc-start app 20210812192539.901 TRACE lxc_conf - conf.c:userns_exec_1:4215 - Establishing uid mapping for “13583” in new user namespace: nsuid 1003 - hostid 0 - range 1
lxc-start app 20210812192539.901 TRACE lxc_conf - conf.c:userns_exec_1:4215 - Establishing gid mapping for “13583” in new user namespace: nsuid 0 - hostid 231072 - range 1003
lxc-start app 20210812192539.901 TRACE lxc_conf - conf.c:userns_exec_1:4215 - Establishing gid mapping for “13583” in new user namespace: nsuid 1004 - hostid 0 - range 1
lxc-start app 20210812192539.902 DEBUG lxc_conf - conf.c:idmaptool_on_path_and_privileged:2778 - The binary “/usr/bin/newuidmap” does have the setuid bit set
lxc-start app 20210812192539.902 DEBUG lxc_conf - conf.c:idmaptool_on_path_and_privileged:2778 - The binary “/usr/bin/newgidmap” does have the setuid bit set
lxc-start app 20210812192539.902 DEBUG lxc_conf - conf.c:lxc_map_ids:2866 - Functional newuidmap and newgidmap binary found
lxc-start app 20210812192539.906 ERROR lxc_conf - conf.c:lxc_map_ids:2919 - newuidmap failed to write mapping “newuidmap: uid range [0-1002) → [231072-232074) not allowed”: newuidmap 13583 0 231072 1002 1003 0 1
lxc-start app 20210812192539.906 ERROR lxc_conf - conf.c:userns_exec_1:4222 - Error setting up {g,u}id mappings for child process “13583”
lxc-start app 20210812192539.906 WARN lxc_cgfsng - cgroups/cgfsng.c:cgfsng_destroy:1171 - Failed to destroy cgroups
lxc-start app 20210812192539.906 TRACE lxc_start - start.c:lxc_fini:957 - Closed command socket
lxc-start app 20210812192539.906 TRACE lxc_start - start.c:lxc_fini:968 - Set container state to “STOPPED”

2

Any documentation on how to solve this?