Unprivileged alternate user on host unable to run lxc-start; the error is "Failed opening dbus connection"

I have multiple users on my Arch Linux host:

  • j
  • apper
  • ulxc – NOT IN USE

The third was an afterthought, but I already had apper as my lxc user.

j is UID 1000
apper is UID 1001

apper was previously able to run lxc commands but no longer can; lxc-start now fails with “Failed opening dbus connection”.

I tested with j user and all lxc commands work properly. I may port my work to user j, but I’d rather use apper for my container work.

[root]# cat /etc/subuid
j:100000:165536
apper:265536:165536
ulxc:431072:165536
root:600000:262144


[root]# cat /etc/subgid
j:100000:165536
apper:265536:165536
ulxc:431072:165536
root:600000:262144


[root]# cat /home/apper/.local/share/lxc/php/config
# Distribution configuration
lxc.include = /usr/share/lxc/config/common.conf
lxc.include = /usr/share/lxc/config/userns.conf
lxc.arch = x86_64

# Container specific configuration
lxc.idmap = u 0 265536 165536
lxc.idmap = g 0 265536 165536
#lxc.idmap = u 0 100000 65536
#lxc.idmap = g 0 100000 65536
lxc.rootfs.path = dir:/home/apper/.local/share/lxc/php/rootfs
lxc.uts.name = php

# Network configuration
lxc.net.0.type = veth
lxc.net.0.link = lxcbr0
lxc.net.0.flags = up
lxc.net.0.hwaddr = 00:16:3e:25:18:24
$ lxc-start --version
6.0.1


$ lxc-checkconfig
LXC version 6.0.1
                                 
--- Namespaces ---
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: enabled
Warning: newuidmap is not setuid-root
Warning: newgidmap is not setuid-root
Network namespace: enabled
Namespace limits:
  cgroup: 62606
  ipc: 62606
  mnt: 62606
  net: 62606
  pid: 62606
  time: 62606
  user: 62606
  uts: 62606

--- Control groups ---
Cgroups: enabled
Cgroup namespace: enabled
Cgroup v1 mount points: 
Cgroup v2 mount points: 
 - /sys/fs/cgroup
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled

--- Misc ---
Veth pair device: enabled, loaded
Macvlan: enabled, not loaded
Vlan: enabled, not loaded
Bridges: enabled, loaded
Advanced netfilter: enabled, loaded
CONFIG_IP_NF_TARGET_MASQUERADE: enabled, not loaded
CONFIG_IP6_NF_TARGET_MASQUERADE: enabled, not loaded
CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled, not loaded
CONFIG_NETFILTER_XT_MATCH_COMMENT: enabled, not loaded
FUSE (for use with lxcfs): enabled, not loaded

--- Checkpoint/Restore ---
checkpoint restore: enabled
CONFIG_FHANDLE: enabled
CONFIG_EVENTFD: enabled
CONFIG_EPOLL: enabled
CONFIG_UNIX_DIAG: enabled
CONFIG_INET_DIAG: enabled
CONFIG_PACKET_DIAG: enabled
CONFIG_NETLINK_DIAG: enabled
File capabilities: enabled

Note: Before booting a new kernel, you can check its configuration with:

  CONFIG=/path/to/config /usr/bin/lxc-checkconfig
$ uname -a
Linux ham 6.9.1-arch1-1 #1 SMP PREEMPT_DYNAMIC Fri, 17 May 2024 16:56:38 +0000 x86_64 GNU/Linux


$ cat /proc/self/cgroup
0::/user.slice/user-1001.slice/session-15.scope


$ cat /proc/1/mounts
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
sys /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
dev /dev devtmpfs rw,nosuid,relatime,size=8013616k,nr_inodes=2003404,mode=755,inode64 0 0
run /run tmpfs rw,nosuid,nodev,relatime,mode=755,inode64 0 0
/dev/sda12 / ext4 rw,relatime 0 0
securityfs /sys/kernel/security securityfs rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev,inode64 0 0
devpts /dev/pts devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000 0 0
cgroup2 /sys/fs/cgroup cgroup2 rw,nosuid,nodev,noexec,relatime,nsdelegate,memory_recursiveprot 0 0
pstore /sys/fs/pstore pstore rw,nosuid,nodev,noexec,relatime 0 0
bpf /sys/fs/bpf bpf rw,nosuid,nodev,noexec,relatime,mode=700 0 0
systemd-1 /proc/sys/fs/binfmt_misc autofs rw,relatime,fd=37,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=3795 0 0
hugetlbfs /dev/hugepages hugetlbfs rw,nosuid,nodev,relatime,pagesize=2M 0 0
mqueue /dev/mqueue mqueue rw,nosuid,nodev,noexec,relatime 0 0
tracefs /sys/kernel/tracing tracefs rw,nosuid,nodev,noexec,relatime 0 0
debugfs /sys/kernel/debug debugfs rw,nosuid,nodev,noexec,relatime 0 0
fusectl /sys/fs/fuse/connections fusectl rw,nosuid,nodev,noexec,relatime 0 0
configfs /sys/kernel/config configfs rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,size=8028468k,nr_inodes=1048576,inode64 0 0
/dev/sda5 /home/j/Data btrfs rw,relatime,ssd,discard=async,space_cache=v2,subvolid=5,subvol=/ 0 0
tmpfs /run/user/1000 tmpfs rw,nosuid,nodev,relatime,size=1605692k,nr_inodes=401423,mode=700,uid=1000,gid=1000,inode64 0 0
gvfsd-fuse /run/user/1000/gvfs fuse.gvfsd-fuse rw,nosuid,nodev,relatime,user_id=1000,group_id=1000 0 0
tmpfs /run/user/1001 tmpfs rw,nosuid,nodev,relatime,size=1605692k,nr_inodes=401423,mode=700,uid=1001,gid=1001,inode64 0 0
/dev/sda2 /mnt/sda2 ext4 rw,relatime 0 0

ISSUE DESCRIPTION
I log into my main user account “j”, then run the following:

[j@myhost]$ ssh apper@localhost

[apper@myhost]$ lxc-start -n php
$ lxc-ls -f
NAME STATE   AUTOSTART GROUPS IPV4 IPV6 UNPRIVILEGED 
deb  STOPPED 0         -      -    -    true         
php  STOPPED 0         -      -    -    true 
$ lxc-start -n php --logfile out
$ cat out
lxc-start php 20240627234141.195 ERROR    cgfsng - ../src/lxc/cgroups/cgfsng.c:unpriv_systemd_create_scope:1516 - Failed opening dbus connection