Bug#808364: marked as done (lxc: lxc-start fails to mount proc (Operation not permitted))

To: carnil@debian.org
Subject: Bug#808364: marked as done (lxc: lxc-start fails to mount proc (Operation not permitted))
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Sat, 16 Oct 2021 11:54:05 +0000
Message-id: <[🔎] handler.808364.D808364.163438509626202.ackdone@bugs.debian.org>
Reply-to: 808364@bugs.debian.org
References: <616abcc5.1c69fb81.af1a0.3eb3@mx.google.com> <20151219014806.10094.97972.reportbug@pyre.virge.net>

Your message dated Sat, 16 Oct 2021 04:51:33 -0700 (PDT)
with message-id <616abcc5.1c69fb81.af1a0.3eb3@mx.google.com>
and subject line Closing this bug (BTS maintenance for src:linux bugs)
has caused the Debian Bug report #808364,
regarding lxc: lxc-start fails to mount proc (Operation not permitted)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
808364: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808364
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: lxc: lxc-start fails to mount proc (Operation not permitted)
From: Norbert Veber <nveber@debian.org>
Date: Fri, 18 Dec 2015 20:48:06 -0500
Message-id: <20151219014806.10094.97972.reportbug@pyre.virge.net>

Package: src:linux
Version: 3.16.7-ckt20-1+deb8u1
Severity: important

After some troubleshooting with the help of snapshot.debian.org I found
that any kernel newer than 3.16.7-ckt11-1+deb8u6 is not able to start
unprivileged lxc containers (as root).  Downgrading to
3.16.7-ckt11-1+deb8u6 or older makes it work again.

Here is the error that happens on the newer versions:

# lxc-start -n db1
lxc-start: Operation not permitted - Mount of 'proc' onto '/usr/lib/x86_64-linux-gnu/lxc/rootfs/proc' failed
lxc-start: Operation not permitted - failed to mount 'proc' on '/usr/lib/x86_64-linux-gnu/lxc/rootfs/proc'
lxc-start: failed to setup the mount entries for 'db1'
lxc-start: failed to setup the container
lxc-start: invalid sequence number 1. expected 2
lxc-start: failed to spawn 'db1'
lxc-start: The container failed to start.
lxc-start: Additional information can be obtained by setting the --logfile and --logpriority options.

An strace showed the mount system call simply failed with EPERM as the
error says above.

A similar issue was also reported with lxd on newer Ubuntu kernels here:
https://github.com/lxc/lxd/issues/946

PS. If anyone else is having this issue, download the older kernel from:
http://snapshot.debian.org/binary/linux-image-3.16.0-4-amd64/
The older versions of course will be missing the latest security fixes.

--- End Message ---

--- Begin Message ---

To: 808364-done@bugs.debian.org

Cc: 808364-submitter@bugs.debian.org

Subject: Closing this bug (BTS maintenance for src:linux bugs)

From: carnil@debian.org

Date: Sat, 16 Oct 2021 04:51:33 -0700 (PDT)

Message-id: <616abcc5.1c69fb81.af1a0.3eb3@mx.google.com>
Hi

This bug was filed for a very old kernel or the bug is old itself
without resolution.

If you can reproduce it with

- the current version in unstable/testing
- the latest kernel from backports

please reopen the bug, see https://www.debian.org/Bugs/server-control
for details.

Regards,
Salvatore
--- End Message ---

Reply to:

Prev by Date: Bug#800085: marked as done (linux-image-4.1.0-2-armmp: The ethernet fails to come up on my Allwinner A10 device.)
Next by Date: Bug#807010: marked as done (xl2tpd freezes all system)
Previous by thread: Bug#800085: marked as done (linux-image-4.1.0-2-armmp: The ethernet fails to come up on my Allwinner A10 device.)
Next by thread: Bug#807010: marked as done (xl2tpd freezes all system)
Index(es):
- Date
- Thread