** Description changed: - It looks like snapd in ubuntu-core (2.26.14 here) has been modified to - use a negative Nice value in systemd. Systemd seems to treat a failure - to apply the requested Nice value as critical to unit startup. + [Impact] - Unprivileged LXD containers do not allow the use of negative nice values - as those are restricted to the real root user. I believe the optimal fix - would be for systemd to ignore permission errors when attempting to - setup such custom nice values in containers but if that can't be - resolved quickly, then it means that snapd will now fail to start inside - containers. + Systemd treats a failure to apply the requested Nice value as critical + to unit startup. + Unprivileged LXD containers do not allow the use of negative nice + values. snapd will fail to start inside containers now that snapd uses a + negative Nice value. Aug 09 05:54:37 core systemd[1]: snapd.service: Main process exited, code=exited, status=201/NICE Aug 09 05:54:37 core systemd[1]: snapd.service: Unit entered failed state. Aug 09 05:54:37 core systemd[1]: snapd.service: Failed with result 'exit-code'. + The fix is for systemd to ignore permission errors when attempting to + setup such custom nice values in containers. - I have confirmed that setting up a unit override by hand which sets Nice=0 does resolve the problem, confirming that the negative Nice value is the problem (snapd.service has Nice=-5 here). + I have confirmed that setting up a unit override by hand which sets Nice + = 0 does resolve the problem. + + [Test Case] + + Boot a Xenial image in lxd: + + $ lxc launch xenial x1 + $ lxc exec x1 -- systemctl --state=failed + + Observe failures for snapd : + + ● snapd.service loaded failed failed Snappy daemon + ● snapd.socket loaded failed failed Socket activation for snapp + + Install updated systemd from -proposed and get status: (lxc exec + <container> reboot; lxc exec <container> systemctl status) + + State: running + Jobs: 0 queued + Failed: 0 units + + [Regression Potential] + + Services will now run with a Nice value other than what was specified in + the unit if it cannot be changed for some reason.
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1709536 Title: snapd 2.26.14 on ubuntu-core won't start in containers anymore Status in Snap Layer: New Status in snapd: New Status in systemd package in Ubuntu: Fix Released Status in systemd source package in Xenial: In Progress Status in systemd source package in Artful: Fix Released Bug description: [Impact] Systemd treats a failure to apply the requested Nice value as critical to unit startup. Unprivileged LXD containers do not allow the use of negative nice values. snapd will fail to start inside containers now that snapd uses a negative Nice value. Aug 09 05:54:37 core systemd[1]: snapd.service: Main process exited, code=exited, status=201/NICE Aug 09 05:54:37 core systemd[1]: snapd.service: Unit entered failed state. Aug 09 05:54:37 core systemd[1]: snapd.service: Failed with result 'exit-code'. The fix is for systemd to ignore permission errors when attempting to setup such custom nice values in containers. I have confirmed that setting up a unit override by hand which sets Nice = 0 does resolve the problem. [Test Case] Boot a Xenial image in lxd: $ lxc launch xenial x1 $ lxc exec x1 -- systemctl --state=failed Observe failures for snapd : ● snapd.service loaded failed failed Snappy daemon ● snapd.socket loaded failed failed Socket activation for snapp Install updated systemd from -proposed and get status: (lxc exec <container> reboot; lxc exec <container> systemctl status) State: running Jobs: 0 queued Failed: 0 units [Regression Potential] Services will now run with a Nice value other than what was specified in the unit if it cannot be changed for some reason. To manage notifications about this bug go to: https://bugs.launchpad.net/layer-snap/+bug/1709536/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
