Ubuntu 19.04 proxy dev fail, "read-only filesystem"

I have a PC running Ubuntu 19.04 with lxd/lxc installed as a snap-package, version 3.0. I’ve tried to set up a proxy-device for a container just like every guide I found told me to, but it’s a no-go. The log-file for a test-container says:

Error: remove localhost:80: read-only file system
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x5a3398]

goroutine 1 [running]:
os.(*File).Name(...)
        /snap/go/4098/src/os/file.go:50
net.FileListener(0x0, 0x0, 0x0, 0x0, 0x0)
        /snap/go/4098/src/net/file.go:36 +0x88
main.(*cmdForkproxy).Run(0xc000150248, 0xc0002e9b80, 0xc000143860, 0x6, 0x6, 0x0, 0x0)
        /build/lxd/parts/lxd/go/src/github.com/lxc/lxd/lxd/main_forkproxy.go:352 +0x2de
github.com/spf13/cobra.(*Command).execute(0xc0002e9b80, 0xc000143740, 0x6, 0x6, 0xc0002e9b80, 0xc000143740)
        /build/lxd/parts/lxd/go/src/github.com/spf13/cobra/command.go:826 +0x465
github.com/spf13/cobra.(*Command).ExecuteC(0xc00026ef00, 0xc000265f60, 0x1, 0x1)
        /build/lxd/parts/lxd/go/src/github.com/spf13/cobra/command.go:914 +0x2fc
github.com/spf13/cobra.(*Command).Execute(...)
        /build/lxd/parts/lxd/go/src/github.com/spf13/cobra/command.go:864
main.main()
        /build/lxd/parts/lxd/go/src/github.com/lxc/lxd/lxd/main.go:164 +0xd32

Is this yet another case of snap breaking things or what could be wrong?

What exactly did you add to the container? One thing you should do in all cases is use 127.0.0.1 rather than localhost. In fact recent versions of LXD specifically ban the use of names as that was causing a lot of resolution issues in some scenarios.

This still looks like a bug and something we’ve almost certainly fixed with recent work around the proxy device, which hopefully 3.0.5 will include.

I did actually test with “localhost”, 127.0.0.1 and 0.0.0.0 – none of them changed anything, the result was exactly the same. Also, I did originally try to add a proxy to a container running some software, but this log is with a completely fresh container without any modifications to it at all, other than the proxy-device.

@WereCatf can you post your proxy setup config here please.

Steps to reproduce:

1. lxc launch ubuntu:19.04 test

2. install apache inside the container and use port 8010 for it (I already have port 80 in use)

3. lxc config device add test proxy proxy listen=tcp:127.0.0.1:8010 connect=tcp:127.0.0.1:8010

4. ???

5. no worky

   architecture: x86_64
   config:
   image.architecture: amd64
   image.description: ubuntu 19.04 amd64 (release) (20190801)
   image.label: release
   image.os: ubuntu
   image.release: disco
   image.serial: “20190801”
   image.version: “19.04”
   volatile.base_image: 4b6301a6704253ff5e1a12c8521b55d8dcafad30f218b65edcb78ee3e110bf74
   volatile.eth0.host_name: vethB13IGY
   volatile.eth0.hwaddr: 00:16:3e:68:09:54
   volatile.idmap.base: “0”
   volatile.idmap.current: ‘[{“Isuid”:true,“Isgid”:false,“Hostid”:1000000,“Nsid”:0,“Maprange”:1000000000},{“Isuid”:false,“Isgid”:true,“Hostid”:1000000,“Nsid”:0,“Maprange”:1000000000}]’
   volatile.idmap.next: ‘[{“Isuid”:true,“Isgid”:false,“Hostid”:1000000,“Nsid”:0,“Maprange”:1000000000},{“Isuid”:false,“Isgid”:true,“Hostid”:1000000,“Nsid”:0,“Maprange”:1000000000}]’
   volatile.last_state.idmap: ‘[{“Isuid”:true,“Isgid”:false,“Hostid”:1000000,“Nsid”:0,“Maprange”:1000000000},{“Isuid”:false,“Isgid”:true,“Hostid”:1000000,“Nsid”:0,“Maprange”:1000000000}]’
   volatile.last_state.power: RUNNING
   devices:
   proxy:
   connect: tcp:127.0.0.1:8010
   listen: tcp:127.0.0.1:8010
   type: proxy
   ephemeral: false
   profiles:

   • default
     stateful: false
     description: “”

Can you show snap list?

I can confirm this problem with the following configuration:

# snap list
Name  Version  Rev   Tracking  Publisher   Notes
core  16-2.41  7713  stable    canonical✓  core
lxd   3.0.3    9663  3.0       canonical✓  devmode

on

# uname -a
Linux myserver 4.19.0-6-amd64 #1 SMP Debian 4.19.67-2 (2019-08-28) x86_64 GNU/Linux
# cat /etc/debian_version 
10.1

A device added with the following command …

lxc config device add icinga2 icinga2proxy proxy listen=tcp:0.0.0.0:5665 connect=tcp:127.0.0.1:5665

results in the following log entries:

# cat proxy.icinga2proxy.log 
Error: remove 0.0.0.0:5665: read-only file system
Invalid argument - Failed to receive file descriptor
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x59e3e8]

goroutine 1 [running]:
os.(*File).Name(...)
	/build/lxd/parts/go/build/src/os/file.go:50
net.FileListener(0x0, 0x0, 0x0, 0x0, 0x7)
	/build/lxd/parts/go/build/src/net/file.go:36 +0x88
main.(*cmdForkproxy).Run(0xc000178238, 0xc0002bc280, 0xc0000a5a40, 0x6, 0x6, 0x0, 0x0)
	/build/lxd/parts/lxd/go/src/github.com/lxc/lxd/lxd/main_forkproxy.go:361 +0x29b
main.(*cmdForkproxy).Run-fm(0xc0002bc280, 0xc0000a5a40, 0x6, 0x6, 0x0, 0x0)
	/build/lxd/parts/lxd/go/src/github.com/lxc/lxd/lxd/main_forkproxy.go:289 +0x52
github.com/spf13/cobra.(*Command).execute(0xc0002bc280, 0xc0000a5920, 0x6, 0x6, 0xc0002bc280, 0xc0000a5920)
	/build/lxd/parts/lxd/go/src/github.com/spf13/cobra/command.go:762 +0x473
github.com/spf13/cobra.(*Command).ExecuteC(0xc00027f680, 0x106caef, 0x0, 0xc0002bdb80)
	/build/lxd/parts/lxd/go/src/github.com/spf13/cobra/command.go:852 +0x2fd
github.com/spf13/cobra.(*Command).Execute(0xc00027f680, 0xc0002a3ed0, 0x1)
	/build/lxd/parts/lxd/go/src/github.com/spf13/cobra/command.go:800 +0x2b
main.main()
	/build/lxd/parts/lxd/go/src/github.com/lxc/lxd/lxd/main.go:160 +0xd97

What’s the reason behind this bug, is there any bugfix commit in the 3.16/17 branches, and is there a workaround until 3.0.5 will be available?

Thank’s a lot for your work, I really appreciate lxd.

This has been fixed and we have a fix in the stable-3.0 branch, however it’s not in a releasable state now due to ongoing database changes and a 300+ commit backlog. We’re making slow but somewhat steady progress on backporting those changes and will have a testable build of LXD hopefully pretty soon.