>From my current experience on Ubuntu 16.10 and LXC managed by Proxmox
with Neo4j:
+ The service starts but does not create listening sockets after the
initial run, when the /etc/neo4j/neo4j.conf configuration is changed to
the following below:
neo4j.conf >> ++ dbms.connectors.default_listen_address=0.0.0.0
root@neo4j-nmap:~# service neo4j status
* neo4j.service - LSB: Neo4j Graph Database server
Loaded: loaded (/etc/init.d/neo4j; generated; vendor preset: enabled)
Active: active (exited) since Fri 2017-02-17 04:24:15 UTC; 5 days ago
Docs: man:systemd-sysv-generator(8)
Process: 486 ExecStart=/etc/init.d/neo4j start (code=exited, status=0/SUCCESS)
Tasks: 0 (limit: 4915)
CGroup: /system.slice/neo4j.service
Feb 17 04:24:15 neo4j-nmap systemd[1]: neo4j.service: Failed to reset
devices.list: Operation n
Feb 17 04:24:15 neo4j-nmap systemd[1]: Starting LSB: Neo4j Graph Database
server...
Feb 17 04:24:15 neo4j-nmap neo4j[486]: Starting Neo4j.
Feb 17 04:24:15 neo4j-nmap neo4j[486]: WARNING: Max 1024 open files allowed,
minimum of 40000 r
Feb 17 04:24:15 neo4j-nmap neo4j[486]: Started neo4j (pid 579). By default, it
is available at
Feb 17 04:24:15 neo4j-nmap neo4j[486]: There may be a short delay until the
server is ready.
Feb 17 04:24:15 neo4j-nmap neo4j[486]: See /var/log/neo4j/neo4j.log for current
status.
Feb 17 04:24:15 neo4j-nmap systemd[1]: Started LSB: Neo4j Graph Database server.
Feb 17 04:38:44 neo4j-nmap systemd[1]: neo4j.service: Failed to reset
devices.list: Operation n
root@neo4j-nmap:~# netstat -ant|grep LISTEN
tcp 0 0 0.0.0.0:5355 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp6 0 0 :::5355 :::* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 ::1:25 :::* LISTEN
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1582364
Title:
Failure to reset devices.list on LXC privileged containers on Xenial
Status in lxc package in Ubuntu:
Invalid
Bug description:
I created a privilege container on Xenial using command "sudo lxc-
create -n test-privilege -t ubuntu", and container hits failed to
reset devices.list errors for every boot:
root@psyduck-maas20:/var/lib/lxc# sudo lxc-start -n test-privilege -F
systemd 229 running in system mode. (+PAM +AUDIT +SELINUX +IMA +APPARMOR
+SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 +SECCOMP
+BLKID +ELFUTILS +KMOD -IDN)
Detected virtualization lxc.
Detected architecture x86-64.
Welcome to Ubuntu 16.04 LTS!
Set hostname to <test-privilege>.
Failed to install release agent, ignoring: No such file or directory
[ OK ] Reached target Swap.
[ OK ] Listening on Syslog Socket.
Failed to reset devices.list on /system.slice: Operation not permitted
[ OK ] Created slice System Slice.
Failed to reset devices.list on /system.slice/system-getty.slice: Operation
not permitted
[ OK ] Created slice system-getty.slice.
[ OK ] Reached target Encrypted Volumes.
[ OK ] Reached target Remote File Systems (Pre).
[ OK ] Reached target Remote File Systems.
[ OK ] Listening on Journal Socket (/dev/log).
[ OK ] Started Forward Password Requests to Wall Directory Watch.
[ OK ] Listening on Journal Audit Socket.
[ OK ] Listening on Journal Socket.
Failed to reset devices.list on /system.slice/dev-hugepages.mount: Operation
not permitted
Mounting Huge Pages File System...
Failed to reset devices.list on /system.slice/systemd-journald.service:
Operation not permitted
Starting Journal Service...
Failed to reset devices.list on /system.slice/resolvconf.service: Operation
not permitted
Starting Nameserver information manager...
Failed to reset devices.list on /system.slice/systemd-remount-fs.service:
Operation not permitted
Starting Remount Root and Kernel File Systems...
[ OK ] Started Dispatch Password Requests to Console Directory Watch.
Failed to reset devices.list on
/system.slice/system-container\x2dgetty.slice: Operation not permitted
[ OK ] Created slice system-container\x2dgetty.slice.
[ OK ] Reached target Slices.
[ OK ] Listening on /dev/initctl Compatibility Named Pipe.
[ OK ] Reached target Sockets.
Failed to reset devices.list on /system.slice/dev-lxc-tty4.mount: Operation
not permitted
Failed to reset devices.list on /system.slice/sys-kernel-debug.mount:
Operation not permitted
Failed to reset devices.list on /system.slice/dev-lxc-tty2.mount: Operation
not permitted
Failed to reset devices.list on /system.slice/-.mount: Operation not permitted
Failed to reset devices.list on /system.slice/dev-lxc-tty1.mount: Operation
not permitted
Failed to reset devices.list on /system.slice/dev-mqueue.mount: Operation not
permitted
Failed to reset devices.list on /system.slice/dev-lxc-tty3.mount: Operation
not permitted
Failed to reset devices.list on /system.slice/proc-diskstats.mount: Operation
not permitted
Failed to reset devices.list on /system.slice/sys-fs-fuse-connections.mount:
Operation not permitted
Failed to reset devices.list on /system.slice/proc-meminfo.mount: Operation
not permitted
Failed to reset devices.list on /system.slice/proc-uptime.mount: Operation
not permitted
Failed to reset devices.list on /system.slice/sys-devices-virtual-net.mount:
Operation not permitted
Failed to reset devices.list on /system.slice/dev-lxc-console.mount:
Operation not permitted
Failed to reset devices.list on /system.slice/proc-sys-net.mount: Operation
not permitted
Failed to reset devices.list on /system.slice/proc-swaps.mount: Operation not
permitted
Failed to reset devices.list on /system.slice/proc-sysrq\x2dtrigger.mount:
Operation not permitted
Failed to reset devices.list on /system.slice/proc-stat.mount: Operation not
permitted
Failed to reset devices.list on /system.slice/proc-cpuinfo.mount: Operation
not permitted
Failed to reset devices.list on /init.scope: Operation not permitted
[ OK ] Mounted Huge Pages File System.
[ OK ] Started Remount Root and Kernel File Systems.
Failed to reset devices.list on /system.slice/systemd-random-seed.service:
Operation not permitted
Starting Load/Save Random Seed...
[ OK ] Reached target Local File Systems (Pre).
[ OK ] Reached target Local File Systems.
Failed to reset devices.list on /system.slice/systemd-remount-fs.service:
Operation not permitted
[ OK ] Started Journal Service.
Starting Flush Journal to Persistent Storage...
[ OK ] Started Nameserver information manager.
Starting Raise network interfaces...
[ OK ] Started Load/Save Random Seed.
[ OK ] Started Flush Journal to Persistent Storage.
Starting Create Volatile Files and Directories...
[ OK ] Started Create Volatile Files and Directories.
Starting Update UTMP about System Boot/Shutdown...
[ OK ] Reached target System Time Synchronized.
[ OK ] Started Update UTMP about System Boot/Shutdown.
[ OK ] Reached target System Initialization.
[ OK ] Started Trigger resolvconf update for networkd DNS.
[ OK ] Reached target Paths.
[ OK ] Reached target Basic System.
[ OK ] Started Regular background program processing daemon.
Starting System Logging Service...
Starting getty on tty2-tty6 if dbus and logind are not available...
Starting Permit User Sessions...
[ OK ] Started Daily Cleanup of Temporary Directories.
Starting LSB: Set the CPU Frequency Scaling governor to "ondemand"...
[ OK ] Started Daily apt activities.
[ OK ] Reached target Timers.
[ OK ] Started System Logging Service.
[ OK ] Started Permit User Sessions.
[ OK ] Started getty on tty2-tty6 if dbus and logind are not available.
[ OK ] Started LSB: Set the CPU Frequency Scaling governor to "ondemand".
[ OK ] Started Raise network interfaces.
[ OK ] Reached target Network.
Starting /etc/rc.local Compatibility...
Starting OpenBSD Secure Shell server...
[ OK ] Started /etc/rc.local Compatibility.
[ OK ] Started Console Getty.
[ OK ] Started Container Getty on /dev/pts/1.
[ OK ] Started Container Getty on /dev/pts/2.
[ OK ] Started Container Getty on /dev/pts/0.
[ OK ] Started Container Getty on /dev/pts/3.
[ OK ] Reached target Login Prompts.
[ OK ] Started OpenBSD Secure Shell server.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Ubuntu 16.04 LTS test-privilege console
test-privilege login:
These are the package versions:
root@psyduck-maas20:~# dpkg -l|grep lxc
ii liblxc1 2.0.0-0ubuntu2 amd64
Linux Containers userspace tools (library)
ii lxc 2.0.0-0ubuntu2 all
Transitional package for lxc1
ii lxc-common 2.0.0-0ubuntu2 amd64
Linux Containers userspace tools (common tools)
ii lxc-templates 2.0.0-0ubuntu2 amd64
Linux Containers userspace tools (templates)
ii lxc1 2.0.0-0ubuntu2 amd64
Linux Containers userspace tools
ii lxcfs 2.0.0-0ubuntu2.1 amd64
FUSE based filesystem for LXC
ii python3-lxc 2.0.0-0ubuntu2 amd64
Linux Containers userspace tools (Python 3.x bindings)
root@psyduck-maas20:~# uname -a
Linux psyduck-maas20 4.4.0-22-generic #39-Ubuntu SMP Thu May 5 16:53:32 UTC
2016 x86_64 x86_64 x86_64 GNU/Linux
root@psyduck-maas20:~#
Per IRC conversation with hallyn, we should not be seeing those given
that the container is privileged.
Additional data:
ubuntu@maas-development-may:/proc/self$ cat uid_map
0 0 4294967295
ubuntu@maas-development-may:/proc/self$ cat /proc/self/cgroups
cat: /proc/self/cgroups: No such file or directory
ubuntu@maas-development-may:/proc/self$ cat /proc/self/
attr/ cmdline environ io mem
ns/ pagemap schedstat stat
timers
autogroup comm exe limits mountinfo
numa_maps personality sessionid statm
uid_map
auxv coredump_filter fd/ loginuid mounts
oom_adj projid_map setgroups status wchan
cgroup cpuset fdinfo/ map_files/
mountstats oom_score root/ smaps syscall
clear_refs cwd/ gid_map maps net/
oom_score_adj sched stack task/
ubuntu@maas-development-may:/proc/self$ cat /proc/self/cgroup
11:hugetlb:/
10:freezer:/
9:perf_event:/
8:net_cls,net_prio:/
7:pids:/system.slice/ssh.service
6:memory:/
5:blkio:/
4:devices:/system.slice/ssh.service
3:cpu,cpuacct:/
2:cpuset:/
1:name=systemd:/system.slice/ssh.service
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1582364/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
