[libvirt-users] Problems with user namespaces

Gao feng gaofeng at cn.fujitsu.com
Mon Sep 9 01:08:45 UTC 2013


On 09/06/2013 07:32 PM, Jaka Hudoklin wrote:
> Hello!
> 
> Okay, I tried again with only a statically linked busybox:
> offlinehacker:~/ $ /home/offlinehacker/busybox/busybox
> BusyBox v1.17.1 (Debian 1:1.17.1-8) multi-call binary.
> Copyright (C) 1998-2009 Erik Andersen, Rob Landley, Denys Vlasenko
> and others. Licensed under GPLv2.
> See source distribution for full notice.
> ....
> 
> Again my id:
> uid=499(offlinehacker) gid=100(users) groups=100(users),1(wheel),57(networkmanager)
> 
> My rootfs tree (/home/offlinehacker/busybox):
> busybox
> ├── [offlineh users   ]  busybox
> └── [offlineh users   ]  busybox-static_1.17.1-8_amd64.deb
> 
> It works just fine as root and these folders get created:
> busybox
> ├── [offlineh users   ]  busybox
> ├── [offlineh users   ]  busybox-static_1.17.1-8_amd64.deb
> ├── [root     root    ]  dev
> ├── [root     root    ]  .oldroot
> ├── [root     root    ]  proc
> └── [root     root    ]  sys
> 
> When I start it with idmap with a clean rootfs (dev, proc, sys and .oldroot deleted) I get this error, and it is a little bit different now:
> error: Failed to create domain from helloworld.xml
> error: internal error: guest failed to start: 2013-09-06 11:24:57.088+0000: 5794: debug : virFileC
> 
> And the log is pretty similar:
> sep 06 11:24:56 laptop libvirtd[1542]: EVENT_POLL_UPDATE_HANDLE: watch=241 events=1
> sep 06 11:24:57 laptop libvirtd[1542]: Skip interrupt, 1 140499747788544
> sep 06 11:24:57 laptop libvirtd[1542]: OBJECT_REF: obj=0x7fc878000c90
> sep 06 11:24:57 laptop libvirtd[1542]: OBJECT_REF: obj=0x7fc878000c90
> sep 06 11:24:57 laptop libvirtd[1542]: server=0x7fc8a60ddd60 client=0x7fc8a60e8bb0 msg=0x7fc8a60e6970 rerr=0x7fc89a32cd40 args=0x7fc8880160a0 ret=0x7fc888016030
> sep 06 11:24:57 laptop libvirtd[1542]: priv=0x7fc8a60ea3a0 conn=(nil)
> sep 06 11:24:57 laptop libvirtd[1542]: name=lxc:///
> sep 06 11:24:57 laptop libvirtd[1542]: Cannot recv data: Connection reset by peer
> sep 06 11:24:57 laptop libvirtd[1542]: internal error: guest failed to start: 2013-09-06 11:24:57.088+0000: 5794: debug : virFileC
> 
> Rootfs after failed creation looks like this:
> busybox
> ├── [offlineh users   ]  busybox
> ├── [offlineh users   ]  busybox-static_1.17.1-8_amd64.deb
> ├── [offlineh users   ]  .oldroot
> ├── [offlineh users   ]  proc
> └── [offlineh users   ]  sys
> 
> I have debugging enabled, at least LIBVIRT_DEBUG is set to 1 and I get many more messages. If there's any more granular debug please let me know.
> 
> PS: I forgot to mention my version of libvirt is 1.1.2
> 

OK, I get it. Maybe you need this patch:

1583dfda7c4e5ad71efe0615c06e5676528d8203
LXC: Don't mount securityfs when user namespace enabled

Thanks



