I am able to create and run privileged containers on OpenWRT 19.07.2 and LXC 2.1.1.
I am unable to run unprivileged containers. I am getting the following errors:

lxc-start myalpine 20200410140608.707 ERROR lxc_utils - utils.c:mkdir_p:257 - Permission denied - failed to create directory '/sys/fs/cgroup/lxc/myalpine'
lxc-start myalpine 20200410140608.707 ERROR lxc_cgfs - cgroups/cgfs.c:lxc_cgroupfs_create:1022 - Permission denied - Could not create cgroup '/lxc/myalpine' in '/sys/fs/cgroup'.
lxc-start myalpine 20200410140608.710 ERROR lxc_cgfs - cgroups/cgfs.c:cgroup_rmdir:209 - Permission denied - Failed to delete /sys/fs/cgroup//lxc
lxc-start myalpine 20200410140608.711 ERROR lxc_cgfs - cgroups/cgfs.c:cgroup_rmdir:209 - Permission denied - Failed to delete /sys/fs/cgroup/
lxc-start myalpine 20200410140608.711 ERROR lxc_start - start.c:lxc_spawn:1221 - Failed creating cgroups.

lxc directory under /sys/fs/cgroup and it is owned by
I went through similar posts in this forum and other forums as well. I am trying to provide as much information as possible here:

cat /proc/self/cgroup
1:cpuset,cpu,cpuacct,blkio,memory,devices,freezer,net_cls,perf_event,pids,debug:/

cat /home/strive/.local/share/lxc/myalpine/config
lxc.include = /etc/lxc/default.conf
lxc.include = /usr/share/lxc/config/alpine.common.conf
lxc.include = /usr/share/lxc/config/alpine.userns.conf
lxc.arch = linux64
# find your ids via
# cat /etc/s*id|grep $USER
lxc.idmap = u 0 100000 65536
lxc.idmap = g 0 100000 65536
lxc.init.uid = 100000
lxc.init.gid = 100000
lxc.mount.auto = proc:mixed sys:ro cgroup:mixed
# lan interface
lxc.net.0.type = veth
lxc.net.0.link = br-lan
lxc.net.0.flags = up
# wan interface
#lxc.net.1.type = veth
#lxc.net.1.link = br-lan
# adapt <user> and <vm-name>
lxc.rootfs.path = dir:/home/strive/.local/share/lxc/myalpine/rootfs

In one of the posts it was mentioned to include the line

session optional pam_cgfs.so -c freezer,memory,name=systemd,cpuset,cpu

in /etc/pam.d/common-session-noninteractive files. However, pam_cgfs.so is not present in my OpenWRT VM.
Am I missing something that is required for a proper cgroup hierarchy? Please give me some pointers to solve this issue.
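
A quick check of the condition the errors above point to, as an added example that is not part of the original post: for each line of /proc/self/cgroup it works out the directory where lxc/<name> would be created and tests whether the current user can write there. It assumes a single cgroup v1 hierarchy mounted at /sys/fs/cgroup and that the container cgroup is created beneath the caller's own cgroup, as the paths in the log suggest; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post.
# Constructed sample: the /proc/self/cgroup line quoted in the post.
SAMPLE='1:cpuset,cpu,cpuacct,blkio,memory,devices,freezer,net_cls,perf_event,pids,debug:/'

# Print the cgroup path (third field) of every hierarchy line on stdin.
# Lines look like id:controllers:path, and the path may itself contain ':'.
cgroup_paths() {
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        rest=${line#*:}              # drop the hierarchy id
        printf '%s\n' "${rest#*:}"   # drop the controller list
    done
}

# Directory in which lxc/<name> would be created.
# $1 = hierarchy mount point (assumed), $2 = cgroup path from cgroup_paths
cgroup_parent_dir() {
    case "$2" in
        /) printf '%s\n' "$1" ;;
        *) printf '%s%s\n' "$1" "$2" ;;
    esac
}

# For each hierarchy on stdin, report whether the current user could create
# a child cgroup there. $1 = hierarchy mount point (assumed).
check_cgroup_write() {
    cgroup_paths | while IFS= read -r path; do
        dir=$(cgroup_parent_dir "$1" "$path")
        if [ ! -d "$dir" ]; then
            printf 'missing %s\n' "$dir"
        elif [ -w "$dir" ] && [ -x "$dir" ]; then
            printf 'writable %s\n' "$dir"
        else
            printf 'denied %s\n' "$dir"
        fi
    done
}

# Run against the sample; on a live system pipe in /proc/self/cgroup instead.
printf '%s\n' "$SAMPLE" | check_cgroup_write /sys/fs/cgroup
```

Run it as the unprivileged user that starts the container; a "denied" line for the root of the hierarchy corresponds to the mkdir failure in the log.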