Unable to load properly LXC without systemd service

luccons · March 14, 2022, 3:21pm

Hi,

I’m working on a mips embedded platform equipped with kernel linux 3.10.104 and I’ve installed on my firmware linux distro lxc 4.0.12 successfully.
So later I’ve enabled cgroups linux configs, below you have lxc-checkconfig printout and lxc container test config.
Unfortunately I can’t start with LXC API a valid container, instead if I use lxc commands with bash shell (user root) the container will be created well.
What should I modify in order to get a correct container setup? Is there anything related to cgroups which fails?

Best regards,
Francesco

lxc-checkconfig
LXC version 4.0.12
— Namespaces —
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: enabled
newuidmap is not installed
newgidmap is not installed
Network namespace: enabled
Multiple /dev/pts instances: enabled

— Control groups —
Cgroups: enabled
Cgroup namespace: missing

Cgroup v1 mount points:
/sys/fs/cgroup/cpuset
/sys/fs/cgroup/cpu
/sys/fs/cgroup/cpuacct
/sys/fs/cgroup/memory
/sys/fs/cgroup/devices
/sys/fs/cgroup/freezer

Cgroup v2 mount points:

Cgroup v1 systemd controller: missing
Cgroup v1 clone_children flag: enabled
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled

— Misc —
Veth pair device: enabled, not loaded
Macvlan: enabled, not loaded
Vlan: enabled, not loaded
Bridges: enabled, not loaded
Advanced netfilter: enabled, not loaded
CONFIG_IP_NF_TARGET_MASQUERADE: enabled, not loaded
CONFIG_IP6_NF_TARGET_MASQUERADE: enabled, not loaded
CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled, not loaded
CONFIG_NETFILTER_XT_MATCH_COMMENT: enabled, not loaded
FUSE (for use with lxcfs): enabled, not loaded

— Checkpoint/Restore —
checkpoint restore: enabled
CONFIG_FHANDLE: enabled
CONFIG_EVENTFD: enabled
CONFIG_EPOLL: enabled
CONFIG_UNIX_DIAG: enabled
CONFIG_INET_DIAG: enabled
CONFIG_PACKET_DIAG: enabled
CONFIG_NETLINK_DIAG: enabled
File capabilities:

I noticed that cgroup v1 systemd controller hasn’t been enabled but I don’t care since on my embedded system I don’t work with systemd framework.

/var/lib/lxc/test/config
lxc.uts.name = test
lxc.rootfs.path = /mnt/DiskE/test
lxc.init.cmd = /sbin/init
lxc.log.level = 0
lxc.log.syslog = daemon
lxc.rootfs.managed = 0
lxc.autodev = 1
lxc.tty.max = 5
lxc.pty.max = 1
lxc.mount.auto = cgroup proc:mixed sys:ro
lxc.mount.entry = shm dev/shm tmpfs defaults,create=dir 0 0
lxc.mount.entry = mqueue dev/mqueue mqueue defaults,optional,create=dir 0 0
lxc.mount.entry = /bin bin none ro,bind 0 0
lxc.mount.entry = /lib lib none ro,bind 0 0

Here you have the printout about the container startup with API functions:

lxc[2994]: test: start - start.c:lxc_start:2188 - Doing lxc_start
lxc[2994]: test: lsm - lsm/lsm.c:lsm_init_static:38 - Initialized LSM security driver nop
lxc[2994]: test: start - start.c:lxc_init:781 - Initialized LSM
lxc[2994]: test: start - start.c:lxc_serve_state_clients:486 - Set container state to STARTING
lxc[2994]: test: start - start.c:lxc_serve_state_clients:489 - No state clients registered
lxc[2994]: test: start - start.c:lxc_init:787 - Set container state to “STARTING”
lxc[2994]: test: start - start.c:lxc_init:843 - Set environment variables
lxc[2994]: test: start - start.c:lxc_init:848 - Ran pre-start hooks
lxc[2994]: test: terminal - terminal.c:lxc_devpts_terminal:992 - Inappropriate ioctl for device - Pure fd-based terminal allocation not possible
lxc[2994]: test: start - start.c:setup_signal_fd:373 - Created signal file descriptor 6
lxc[2994]: test: start - start.c:lxc_init:861 - Set up signal fd
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgroup_hierarchy_add:457 - Adding cgroup hierarchy mounted at freezer and base cgroup (null)
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgroup_hierarchy_add:459 - The hierarchy contains the freezer controller
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgroup_hierarchy_add:457 - Adding cgroup hierarchy mounted at devices and base cgroup (null)
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgroup_hierarchy_add:459 - The hierarchy contains the devices controller
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgroup_hierarchy_add:457 - Adding cgroup hierarchy mounted at memory and base cgroup (null)
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgroup_hierarchy_add:459 - The hierarchy contains the memory controller
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgroup_hierarchy_add:457 - Adding cgroup hierarchy mounted at cpuacct and base cgroup (null)
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgroup_hierarchy_add:459 - The hierarchy contains the cpuacct controller
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgroup_hierarchy_add:457 - Adding cgroup hierarchy mounted at cpu and base cgroup (null)
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgroup_hierarchy_add:459 - The hierarchy contains the cpu controller
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgroup_hierarchy_add:457 - Adding cgroup hierarchy mounted at cpuset and base cgroup (null)
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgroup_hierarchy_add:459 - The hierarchy contains the cpuset controller
lxc[2994]: test: cgroup - cgroups/cgroup.c:cgroup_init:40 - Initialized cgroup driver cgfsng
lxc[2994]: test: cgroup - cgroups/cgroup.c:cgroup_init:43 - Legacy cgroup layout
lxc[2994]: test: start - start.c:lxc_init:868 - Initialized cgroup driver
lxc[2994]: test: start - start.c:lxc_init:875 - Read seccomp policy
lxc[2994]: test: start - start.c:lxc_init:882 - Initialized LSM
lxc[2994]: test: start - start.c:lxc_init:884 - Container “test” is initialized
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:__cgroup_tree_create:715 - Created 9(lxc.monitor.test) cgroup
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:__cgroup_tree_create:715 - Created 10(lxc.monitor.test) cgroup
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:__cgroup_tree_create:715 - Created 11(lxc.monitor.test) cgroup
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:__cgroup_tree_create:715 - Created 12(lxc.monitor.test) cgroup
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:__cgroup_tree_create:715 - Created 13(lxc.monitor.test) cgroup
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:__cgroup_tree_create:715 - Created 14(lxc.monitor.test) cgroup
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cpuset1_cpus_initialize:595 - The path “/sys/devices/system/cpu/isolated” to read isolated cpus from does not exist
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cpuset1_cpus_initialize:626 - No isolated or offline cpus present in cpuset
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cpuset1_cpus_initialize:640 - Copied cpu settings of parent cgroup
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cpuset1_initialize:676 - Initialized cpuset in the legacy hierarchy
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgfsng_monitor_create:1028 - The monitor process uses “lxc.monitor.test” as cgroup
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgfsng_monitor_enter:1178 - Moved monitor into cgroup 15
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgfsng_monitor_enter:1187 - Moved transient process into cgroup 15
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgfsng_monitor_enter:1178 - Moved monitor into cgroup 16
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgfsng_monitor_enter:1187 - Moved transient process into cgroup 16
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgfsng_monitor_enter:1178 - Moved monitor into cgroup 17
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgfsng_monitor_enter:1187 - Moved transient process into cgroup 17
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgfsng_monitor_enter:1178 - Moved monitor into cgroup 18
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgfsng_monitor_enter:1187 - Moved transient process into cgroup 18
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgfsng_monitor_enter:1178 - Moved monitor into cgroup 19
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgfsng_monitor_enter:1185 - Invalid argument - Failed to enter cgroup 19
lxc[2994]: test: start - start.c:__lxc_start:2035 - Failed to enter monitor cgroup
lxc[2994]: test: start - start.c:lxc_serve_state_socket_pair:548 - Sent container state “ABORTING” to 90
lxc[2994]: test: start - start.c:lxc_serve_state_clients:486 - Set container state to ABORTING
lxc[2994]: test: start - start.c:lxc_serve_state_clients:489 - No state clients registered
lxc[2994]: test: start - start.c:lxc_serve_state_clients:486 - Set container state to STOPPING
lxc[2994]: test: start - start.c:lxc_serve_state_clients:489 - No state clients registered
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgfsng_payload_destroy:548 - Uninitialized limit cgroup
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:__cgroup_tree_create:715 - Created 9(lxc.pivot) cgroup
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgfsng_monitor_destroy:913 - Device or resource busy - Failed to destroy 9(lxc.monitor.test)
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:__cgroup_tree_create:715 - Created 10(lxc.pivot) cgroup
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgfsng_monitor_destroy:913 - Device or resource busy - Failed to destroy 10(lxc.monitor.test)
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:__cgroup_tree_create:715 - Created 11(lxc.pivot) cgroup
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgfsng_monitor_destroy:913 - Device or resource busy - Failed to destroy 11(lxc.monitor.test)
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:__cgroup_tree_create:715 - Created 12(lxc.pivot) cgroup
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgfsng_monitor_destroy:913 - Device or resource busy - Failed to destroy 12(lxc.monitor.test)
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:__cgroup_tree_create:715 - Created 13(lxc.pivot) cgroup
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgfsng_monitor_destroy:915 - Removed cgroup tree 13(lxc.monitor.test)
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:__cgroup_tree_create:715 - Created 14(lxc.pivot) cgroup
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cpuset1_cpus_initialize:595 - The path “/sys/devices/system/cpu/isolated” to read isolated cpus from does not exist
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cpuset1_cpus_initialize:626 - No isolated or offline cpus present in cpuset
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cpuset1_cpus_initialize:640 - Copied cpu settings of parent cgroup
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cpuset1_initialize:676 - Initialized cpuset in the legacy hierarchy
lxc[2994]: test: cgfsng - cgroups/cgfsng.c:cgfsng_monitor_destroy:915 - Removed cgroup tree 14(lxc.monitor.test)
lxc[2994]: test: start - start.c:lxc_end:966 - Closed command socket
lxc[2994]: test: start - start.c:lxc_end:977 - Set container state to “STOPPED”

stgraber · March 16, 2022, 1:26am

So to clarify on the same system, you have a container which you can lxc-start -n NAME just fine but can’t perform the same using your own program using liblxc?

luccons · March 16, 2022, 7:33am

Exactly.

stgraber · March 16, 2022, 2:27pm

Even when you’re running both lxc-start and your equivalent from the same terminal?

luccons · March 16, 2022, 3:03pm

No, when I start the equivalent program from the terminal I can create and run LXC container correctly, matching the same beaviour as lxc-start application.

stgraber · March 16, 2022, 5:08pm

What’s running your program in the failing environment? Some kind of init system?

luccons · March 16, 2022, 5:24pm

Yes, there’s a linux distribution where the system runs init as busybox applet.

stgraber · March 16, 2022, 7:34pm

Ok, what you’d need to figure out is what’s different between your init system calling your binary and you calling your binary from a shell after boot.

Maybe it’s just a timing thing and it’s running too early?

luccons · March 17, 2022, 4:12pm

Trying to apply some syncronous delay to startup code but it doesn’t fix this issue. Now I’ve applied a workaround so I call lxc-start application within my firmware code and it works.

Alex2000 · December 17, 2023, 9:24am

Any update on this i have the same issue i’m running a fresh install of debian 12

Container logs:

lxc test 20231217092238.252 TRACE    commands - ../src/lxc/commands.c:lxc_cmd:514 - Connection refused - Command "get_init_pid" failed to connect command socket
lxc test 20231217092238.252 TRACE    commands - ../src/lxc/commands.c:lxc_cmd:514 - Connection refused - Command "get_state" failed to connect command socket
lxc test 20231217092238.252 TRACE    start - ../src/lxc/start.c:lxc_init_handler:738 - Created anonymous pair {30,31} of unix sockets
lxc test 20231217092238.252 TRACE    commands - ../src/lxc/commands.c:lxc_server_init:2129 - Created abstract unix socket "/var/lib/lxc/test/command"
lxc test 20231217092238.252 TRACE    start - ../src/lxc/start.c:lxc_init_handler:754 - Unix domain socket 32 for command server is ready
lxc test 20231217092238.254 INFO     lxccontainer - ../src/lxc/lxccontainer.c:do_lxcapi_start:998 - Set process title to [lxc monitor] /var/lib/lxc test
lxc test 20231217092238.256 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 3
lxc test 20231217092238.256 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 4
lxc test 20231217092238.256 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 5
lxc test 20231217092238.256 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 6
lxc test 20231217092238.256 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 7
lxc test 20231217092238.256 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 8
lxc test 20231217092238.256 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 9
lxc test 20231217092238.256 DEBUG    lxccontainer - ../src/lxc/lxccontainer.c:wait_on_daemonized_start:859 - First child 351699 exited
lxc test 20231217092238.257 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 10
lxc test 20231217092238.257 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 11
lxc test 20231217092238.257 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 12
lxc test 20231217092238.257 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 13
lxc test 20231217092238.257 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 14
lxc test 20231217092238.257 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 15
lxc test 20231217092238.257 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 16
lxc test 20231217092238.257 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 17
lxc test 20231217092238.257 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 18
lxc test 20231217092238.257 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 19
lxc test 20231217092238.257 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 20
lxc test 20231217092238.257 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 21
lxc test 20231217092238.257 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 22
lxc test 20231217092238.257 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 23
lxc test 20231217092238.257 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 24
lxc test 20231217092238.258 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 25
lxc test 20231217092238.258 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 26
lxc test 20231217092238.258 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 27
lxc test 20231217092238.258 INFO     start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 28
lxc test 20231217092238.258 TRACE    start - ../src/lxc/start.c:lxc_start:2221 - Doing lxc_start
lxc test 20231217092238.258 INFO     lsm - ../src/lxc/lsm/lsm.c:lsm_init_static:38 - Initialized LSM security driver AppArmor
lxc test 20231217092238.258 TRACE    start - ../src/lxc/start.c:lxc_init:778 - Initialized LSM
lxc test 20231217092238.258 TRACE    start - ../src/lxc/start.c:lxc_serve_state_clients:483 - Set container state to STARTING
lxc test 20231217092238.258 TRACE    start - ../src/lxc/start.c:lxc_serve_state_clients:486 - No state clients registered
lxc test 20231217092238.258 TRACE    start - ../src/lxc/start.c:lxc_init:784 - Set container state to "STARTING"
lxc test 20231217092238.259 TRACE    start - ../src/lxc/start.c:lxc_init:840 - Set environment variables
lxc test 20231217092238.259 TRACE    start - ../src/lxc/start.c:lxc_init:845 - Ran pre-start hooks
lxc test 20231217092238.259 TRACE    start - ../src/lxc/start.c:setup_signal_fd:370 - Created signal file descriptor 5
lxc test 20231217092238.259 TRACE    start - ../src/lxc/start.c:lxc_init:858 - Set up signal fd
lxc test 20231217092238.259 TRACE    cgfsng - ../src/lxc/cgroups/cgfsng.c:unpriv_systemd_create_scope:1292 - unpriv_systemd_create_scope: no systemd support
lxc test 20231217092238.259 TRACE    cgfsng - ../src/lxc/cgroups/cgfsng.c:cgroup_hierarchy_add:463 - Adding cgroup hierarchy mounted at  and base cgroup (null)
lxc test 20231217092238.259 TRACE    cgfsng - ../src/lxc/cgroups/cgfsng.c:cgroup_hierarchy_add:466 - The hierarchy contains the cpuset controller
lxc test 20231217092238.259 TRACE    cgfsng - ../src/lxc/cgroups/cgfsng.c:cgroup_hierarchy_add:466 - The hierarchy contains the cpu controller
lxc test 20231217092238.259 TRACE    cgfsng - ../src/lxc/cgroups/cgfsng.c:cgroup_hierarchy_add:466 - The hierarchy contains the io controller
lxc test 20231217092238.259 TRACE    cgfsng - ../src/lxc/cgroups/cgfsng.c:cgroup_hierarchy_add:466 - The hierarchy contains the memory controller
lxc test 20231217092238.260 TRACE    cgfsng - ../src/lxc/cgroups/cgfsng.c:cgroup_hierarchy_add:466 - The hierarchy contains the hugetlb controller
lxc test 20231217092238.260 TRACE    cgfsng - ../src/lxc/cgroups/cgfsng.c:cgroup_hierarchy_add:466 - The hierarchy contains the pids controller
lxc test 20231217092238.260 TRACE    cgfsng - ../src/lxc/cgroups/cgfsng.c:cgroup_hierarchy_add:466 - The hierarchy contains the rdma controller
lxc test 20231217092238.260 TRACE    cgfsng - ../src/lxc/cgroups/cgfsng.c:cgroup_hierarchy_add:466 - The hierarchy contains the misc controller
lxc test 20231217092238.263 TRACE    cgroup2_devices - ../src/lxc/cgroups/cgroup2_devices.c:bpf_program_load_kernel:335 - Loaded bpf program: func#0 @0
0: R1=ctx(off=0,imm=0) R10=fp0
0: (61) r2 = *(u32 *)(r1 +0)          ; R1=ctx(off=0,imm=0) R2_w=scalar(umax=4294967295,var_off=(0x0; 0xffffffff))
1: (54) w2 &= 65535                   ; R2_w=scalar(umax=65535,var_off=(0x0; 0xffff))
2: (61) r3 = *(u32 *)(r1 +0)          ; R1=ctx(off=0,imm=0) R3_w=scalar(umax=4294967295,var_off=(0x0; 0xffffffff))
3: (74) w3 >>= 16                     ; R3_w=scalar(umax=65535,var_off=(0x0; 0xffff))
4: (61) r4 = *(u32 *)(r1 +4)          ; R1=ctx(off=0,imm=0) R4_w=scalar(umax=4294967295,var_off=(0x0; 0xffffffff))
5: (61) r5 = *(u32 *)(r1 +8)          ; R1=ctx(off=0,imm=0) R5_w=scalar(umax=4294967295,var_off=(0x0; 0xffffffff))
6: (b7) r0 = 1                        ; R0_w=1
7: (95) exit
processed 8 insns (limit 1000000) max_states_per_insn 0 total_states 0 peak_states 0 mark_read 0

lxc test 20231217092238.263 TRACE    cgroup2_devices - ../src/lxc/cgroups/cgroup2_devices.c:bpf_devices_cgroup_supported:553 - The bpf device cgroup is supported
lxc test 20231217092238.263 TRACE    cgroup - ../src/lxc/cgroups/cgroup.c:cgroup_init:41 - Initialized cgroup driver cgfsng
lxc test 20231217092238.263 TRACE    cgroup - ../src/lxc/cgroups/cgroup.c:cgroup_init:48 - Unified cgroup layout
lxc test 20231217092238.263 TRACE    start - ../src/lxc/start.c:lxc_init:865 - Initialized cgroup driver
lxc test 20231217092238.263 TRACE    start - ../src/lxc/start.c:lxc_init:872 - Read seccomp policy
lxc test 20231217092238.562 TRACE    start - ../src/lxc/start.c:lxc_init:879 - Initialized LSM
lxc test 20231217092238.562 INFO     start - ../src/lxc/start.c:lxc_init:881 - Container "test" is initialized
lxc test 20231217092238.562 TRACE    cgfsng - ../src/lxc/cgroups/cgfsng.c:__cgroup_tree_create:727 - Created 8(lxc.monitor.test) cgroup
lxc test 20231217092238.562 TRACE    cgfsng - ../src/lxc/cgroups/cgfsng.c:__cgroup_tree_create:742 - Opened newly created cgroup lxc.monitor.test as 9
lxc test 20231217092238.562 INFO     cgfsng - ../src/lxc/cgroups/cgfsng.c:cgfsng_monitor_create:1391 - The monitor process uses "lxc.monitor.test" as cgroup
lxc test 20231217092238.563 TRACE    cgfsng - ../src/lxc/cgroups/cgfsng.c:__cgfsng_delegate_controllers:3343 - Enabled "+cpuset +cpu +io +memory +hugetlb +pids +rdma +misc" controllers in the unified cgroup 8
lxc test 20231217092238.579 TRACE    cgfsng - ../src/lxc/cgroups/cgfsng.c:cgfsng_monitor_enter:1541 - Moved monitor (351700) into cgroup 9
lxc test 20231217092238.579 ERROR    cgfsng - ../src/lxc/cgroups/cgfsng.c:cgfsng_monitor_enter:1550 - Invalid argument - Failed to enter pid 351689 into cgroup 9
lxc test 20231217092238.579 ERROR    start - ../src/lxc/start.c:__lxc_start:2054 - Failed to enter monitor cgroup
lxc test 20231217092238.579 TRACE    start - ../src/lxc/start.c:lxc_serve_state_socket_pair:544 - Sent container state "ABORTING" to 31
lxc test 20231217092238.579 TRACE    start - ../src/lxc/start.c:lxc_serve_state_clients:483 - Set container state to ABORTING
lxc test 20231217092238.579 TRACE    start - ../src/lxc/start.c:lxc_serve_state_clients:486 - No state clients registered
lxc test 20231217092238.580 TRACE    start - ../src/lxc/start.c:lxc_serve_state_clients:483 - Set container state to STOPPING
lxc test 20231217092238.580 TRACE    start - ../src/lxc/start.c:lxc_serve_state_clients:486 - No state clients registered
lxc test 20231217092238.580 ERROR    lxccontainer - ../src/lxc/lxccontainer.c:wait_on_daemonized_start:878 - Received container state "ABORTING" instead of "RUNNING"
lxc test 20231217092238.881 WARN     cgfsng - ../src/lxc/cgroups/cgfsng.c:cgfsng_payload_destroy:555 - Uninitialized limit cgroup
lxc test 20231217092238.881 TRACE    cgfsng - ../src/lxc/cgroups/cgfsng.c:__cgroup_tree_create:727 - Reusing 8(lxc.pivot) cgroup
lxc test 20231217092238.881 TRACE    cgfsng - ../src/lxc/cgroups/cgfsng.c:__cgroup_tree_create:742 - Opened cgroup lxc.pivot as 10
lxc test 20231217092238.904 TRACE    cgfsng - ../src/lxc/cgroups/cgfsng.c:cgfsng_monitor_destroy:928 - Removed cgroup tree 8(lxc.monitor.test)
lxc test 20231217092238.904 TRACE    start - ../src/lxc/start.c:lxc_end:963 - Closed command socket
lxc test 20231217092238.904 TRACE    start - ../src/lxc/start.c:lxc_end:974 - Set container state to "STOPPED"

lxc-checkconfig:

LXC version 5.0.2
Kernel configuration not found at /proc/config.gz; searching...
Kernel configuration found at /boot/config-6.1.0-15-amd64

--- Namespaces ---
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: enabled
Network namespace: enabled

--- Control groups ---
Cgroups: enabled
Cgroup namespace: enabled
Cgroup v1 mount points: 
Cgroup v2 mount points: 
 - /sys/fs/cgroup
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled

--- Misc ---
Veth pair device: enabled, loaded
Macvlan: enabled, not loaded
Vlan: enabled, not loaded
Bridges: enabled, loaded
Advanced netfilter: enabled, loaded
CONFIG_IP_NF_TARGET_MASQUERADE: enabled, not loaded
CONFIG_IP6_NF_TARGET_MASQUERADE: enabled, not loaded
CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled, not loaded
CONFIG_NETFILTER_XT_MATCH_COMMENT: enabled, not loaded
FUSE (for use with lxcfs): enabled, loaded

--- Checkpoint/Restore ---
checkpoint restore: enabled
CONFIG_FHANDLE: enabled
CONFIG_EVENTFD: enabled
CONFIG_EPOLL: enabled
CONFIG_UNIX_DIAG: enabled
CONFIG_INET_DIAG: enabled
CONFIG_PACKET_DIAG: enabled
CONFIG_NETLINK_DIAG: enabled
File capabilities: enabled

Note : Before booting a new kernel, you can check its configuration
usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig