Přístup k zařízením z LXC konteineru; problém s cgroups? (Omnia, TurrisOS 6.3.1 HBS)

Software [CZ] SW pomoc [CZ]
#1

Ahoj, snažím se rozchodit přístup k USB zvukové kartě z LXC kontejneru. Zvukovka vcelku normálně funguje přímo z TurrisOS, ale nedaří se mi zprostředkovat přístup k zařízení k LXC kontejneru s Debianem. Vycházeje z různých příkladů na internetu (příklad) bych měl použít v nastavení kontejneru direktivu

lxc.cgroup.devices.allow = c 116:* rwm

Problém je, že s tímhle řádkem se kontejner odmítne spustit; LuCi mi konfiguraci odmítne bez vysvětlení; když spustím kontejner ručně pomocí lxc-start chobodeb --logfile=log --logpriority=DEBUG v logu nacházím mj. následující:

lxc-start chobodeb 20230502043156.440 ERROR    cgfsng - cgroups/cgfsng.c:__cgroup_tree_create:771 - File exists - Creating the final cgroup 12(lxc.monitor.chobodeb) failed
lxc-start chobodeb 20230502043156.440 ERROR    cgfsng - cgroups/cgfsng.c:cgroup_tree_create:831 - File exists - Failed to create monitor cgroup 12(lxc.monitor.chobodeb)
lxc-start chobodeb 20230502043156.440 DEBUG    cgfsng - cgroups/cgfsng.c:cgfsng_monitor_create:1056 - Failed to create cgroup lxc.monitor.chobodeb)
lxc-start chobodeb 20230502043156.440 INFO     cgfsng - cgroups/cgfsng.c:cgfsng_monitor_create:1070 - The monitor process uses "lxc.monitor.chobodeb-1" as cgroup
lxc-start chobodeb 20230502043156.441 INFO     cgfsng - cgroups/cgfsng.c:cgfsng_payload_create:1179 - The container process uses "lxc.payload.chobodeb" as inner and "lxc.payload.chobodeb" as limit cgroup
lxc-start chobodeb 20230502043156.444 INFO     cgfsng - cgroups/cgfsng.c:cgfsng_setup_limits_legacy:2769 - Limits for the legacy cgroup hierarchies have been setup
lxc-start chobodeb 20230502043156.444 WARN     cgfsng - cgroups/cgfsng.c:cgfsng_setup_limits:2834 - Invalid argument - Ignoring cgroup2 limits on legacy cgroup system
lxc-start chobodeb 20230502043156.583 WARN     cgfsng - cgroups/cgfsng.c:get_hierarchy:144 - There is no useable devices controller
lxc-start chobodeb 20230502043156.583 ERROR    cgfsng - cgroups/cgfsng.c:cg_legacy_set_data:2712 - No such file or directory - Failed to setup limits for the "devices" controller. The controller seems to be unused by "cgfsng" cgroup driver or not enabled on the cgroup hierarchy
lxc-start chobodeb 20230502043156.583 ERROR    cgfsng - cgroups/cgfsng.c:cgfsng_setup_limits_legacy:2761 - No such file or directory - Failed to set "devices.allow" to "c 116:* rwm"
lxc-start chobodeb 20230502043156.583 ERROR    start - start.c:lxc_spawn:1881 - Failed to setup legacy device cgroup controller limits

Zjevně jde o nějaký problém s cgroups, jimž bohužel rozumím jako koza petrželi. Dokázal by mě někdo nakopnout správným směrem?

#2

Celá konfigurace zde:

# Template used to create this container: /usr/share/lxc/templates/lxc-download
# Parameters passed to the template: --dist Debian --release Bullseye --arch armv7l --server repo.turris.cz/lxc
# For additional config options, please look at lxc.container.conf(5)

# Distribution configuration
lxc.arch = armv7l

# Container specific configuration
lxc.include = /usr/share/lxc/config/common.conf
lxc.hook.start-host = /usr/share/lxc/hooks/systemd-workaround
lxc.rootfs.path = btrfs:/srv/lxc/chobodeb/rootfs
lxc.uts.name = chobodeb
lxc.mount.fstab = /srv/lxc/chobodeb/fstab

# Network configuration
lxc.net.0.type = veth
lxc.net.0.link = br-lan
lxc.net.0.flags = up
lxc.net.0.name = eth0
lxc.net.0.hwaddr = 42:55:15:bf:1f:47

# https://askubuntu.com/questions/844437/error-in-playing-a-sound-using-alsa-inside-lxc-container
# Sound device nodes
# Když následující řádek zakomentuji, kontejner se normálně spustí
lxc.cgroup.devices.allow = c 116:* rwm 
#lxc.mount.entry=/dev/snd dev/snd none bind,optional,create=dir 0 0
#lxc.mount.entry=/dev/dsp dev/dsp none bind,optional,create=dir 0 0
#3

Kompletní log pří pokusu o spuštění:

lxc-start chobodeb 20230502043156.438 INFO     lxccontainer - lxccontainer.c:do_lxcapi_start:986 - Failed to set process title to [lxc monitor] /srv/lxc chobodeb
lxc-start chobodeb 20230502043156.439 DEBUG    lxccontainer - lxccontainer.c:wait_on_daemonized_start:849 - First child 25926 exited
lxc-start chobodeb 20230502043156.439 INFO     lsm - lsm/lsm.c:lsm_init_static:40 - Initialized LSM security driver nop
lxc-start chobodeb 20230502043156.440 DEBUG    terminal - terminal.c:lxc_terminal_peer_default:665 - No such device - The process does not have a controlling terminal
lxc-start chobodeb 20230502043156.440 INFO     seccomp - seccomp.c:use_seccomp:1174 - Seccomp is not enabled in the kernel
lxc-start chobodeb 20230502043156.440 INFO     start - start.c:lxc_init:889 - Container "chobodeb" is initialized
lxc-start chobodeb 20230502043156.440 ERROR    cgfsng - cgroups/cgfsng.c:__cgroup_tree_create:771 - File exists - Creating the final cgroup 12(lxc.monitor.chobodeb) failed
lxc-start chobodeb 20230502043156.440 ERROR    cgfsng - cgroups/cgfsng.c:cgroup_tree_create:831 - File exists - Failed to create monitor cgroup 12(lxc.monitor.chobodeb)
lxc-start chobodeb 20230502043156.440 DEBUG    cgfsng - cgroups/cgfsng.c:cgfsng_monitor_create:1056 - Failed to create cgroup lxc.monitor.chobodeb)
lxc-start chobodeb 20230502043156.440 INFO     cgfsng - cgroups/cgfsng.c:cgfsng_monitor_create:1070 - The monitor process uses "lxc.monitor.chobodeb-1" as cgroup
lxc-start chobodeb 20230502043156.441 DEBUG    storage - storage/storage.c:get_storage_by_name:211 - Detected rootfs type "btrfs"
lxc-start chobodeb 20230502043156.441 INFO     cgfsng - cgroups/cgfsng.c:cgfsng_payload_create:1179 - The container process uses "lxc.payload.chobodeb" as inner and "lxc.payload.chobodeb" as limit cgroup
lxc-start chobodeb 20230502043156.443 INFO     start - start.c:lxc_spawn:1748 - Cloned CLONE_NEWNS
lxc-start chobodeb 20230502043156.443 INFO     start - start.c:lxc_spawn:1748 - Cloned CLONE_NEWPID
lxc-start chobodeb 20230502043156.443 INFO     start - start.c:lxc_spawn:1748 - Cloned CLONE_NEWUTS
lxc-start chobodeb 20230502043156.443 INFO     start - start.c:lxc_spawn:1748 - Cloned CLONE_NEWIPC
lxc-start chobodeb 20230502043156.443 INFO     start - start.c:lxc_spawn:1748 - Cloned CLONE_NEWNET
lxc-start chobodeb 20230502043156.443 DEBUG    start - start.c:lxc_try_preserve_namespace:140 - Preserved mnt namespace via fd 23 and stashed path as mnt:/proc/25927/fd/23
lxc-start chobodeb 20230502043156.444 DEBUG    start - start.c:lxc_try_preserve_namespace:140 - Preserved pid namespace via fd 24 and stashed path as pid:/proc/25927/fd/24
lxc-start chobodeb 20230502043156.444 DEBUG    start - start.c:lxc_try_preserve_namespace:140 - Preserved uts namespace via fd 25 and stashed path as uts:/proc/25927/fd/25
lxc-start chobodeb 20230502043156.444 DEBUG    start - start.c:lxc_try_preserve_namespace:140 - Preserved ipc namespace via fd 26 and stashed path as ipc:/proc/25927/fd/26
lxc-start chobodeb 20230502043156.444 DEBUG    start - start.c:lxc_try_preserve_namespace:140 - Preserved net namespace via fd 27 and stashed path as net:/proc/25927/fd/27
lxc-start chobodeb 20230502043156.444 INFO     cgfsng - cgroups/cgfsng.c:cgfsng_setup_limits_legacy:2769 - Limits for the legacy cgroup hierarchies have been setup
lxc-start chobodeb 20230502043156.444 WARN     cgfsng - cgroups/cgfsng.c:cgfsng_setup_limits:2834 - Invalid argument - Ignoring cgroup2 limits on legacy cgroup system
lxc-start chobodeb 20230502043156.444 INFO     start - start.c:do_start:1219 - Unshared CLONE_NEWCGROUP
lxc-start chobodeb 20230502043156.489 INFO     network - network.c:netdev_configure_server_veth:653 - Retrieved mtu 1500 from br-lan
lxc-start chobodeb 20230502043156.509 INFO     network - network.c:netdev_configure_server_veth:718 - Attached "vethJWo3Cj" to bridge "br-lan"
lxc-start chobodeb 20230502043156.517 DEBUG    network - network.c:netdev_configure_server_veth:849 - Instantiated veth tunnel "vethJWo3Cj <--> vethzDNDTu"
lxc-start chobodeb 20230502043156.518 DEBUG    conf - conf.c:lxc_mount_rootfs:1425 - Mounted rootfs "/srv/lxc/chobodeb/rootfs" onto "/usr/lib/lxc/rootfs" with options "(null)"
lxc-start chobodeb 20230502043156.518 INFO     conf - conf.c:setup_utsname:869 - Set hostname to "chobodeb"
lxc-start chobodeb 20230502043156.553 DEBUG    network - network.c:setup_hw_addr:3815 - Mac address "42:55:15:bf:1f:47" on "eth0" has been setup
lxc-start chobodeb 20230502043156.579 DEBUG    network - network.c:lxc_network_setup_in_child_namespaces_common:3965 - Network device "eth0" has been setup
lxc-start chobodeb 20230502043156.579 INFO     network - network.c:lxc_setup_network_in_child_namespaces:4023 - Finished setting up network devices with caller assigned names
lxc-start chobodeb 20230502043156.580 INFO     conf - conf.c:mount_autodev:1210 - Preparing "/dev"
lxc-start chobodeb 20230502043156.580 INFO     conf - conf.c:mount_autodev:1271 - Prepared "/dev"
lxc-start chobodeb 20230502043156.580 DEBUG    conf - conf.c:lxc_mount_auto_mounts:733 - Invalid argument - Tried to ensure procfs is unmounted
lxc-start chobodeb 20230502043156.580 DEBUG    conf - conf.c:lxc_mount_auto_mounts:756 - Invalid argument - Tried to ensure sysfs is unmounted
lxc-start chobodeb 20230502043156.581 DEBUG    conf - conf.c:mount_entry:2254 - Remounting "/sys/fs/fuse/connections" on "/usr/lib/lxc/rootfs/sys/fs/fuse/connections" to respect bind or remount options
lxc-start chobodeb 20230502043156.581 DEBUG    conf - conf.c:mount_entry:2273 - Flags for "/sys/fs/fuse/connections" were 1070, required extra flags are 14
lxc-start chobodeb 20230502043156.581 DEBUG    conf - conf.c:mount_entry:2317 - Mounted "/sys/fs/fuse/connections" on "/usr/lib/lxc/rootfs/sys/fs/fuse/connections" with filesystem type "none"
lxc-start chobodeb 20230502043156.581 INFO     conf - conf.c:lxc_fill_autodev:1308 - Populating "/dev"
lxc-start chobodeb 20230502043156.581 DEBUG    conf - conf.c:lxc_fill_autodev:1317 - Created device node "full"
lxc-start chobodeb 20230502043156.581 DEBUG    conf - conf.c:lxc_fill_autodev:1317 - Created device node "null"
lxc-start chobodeb 20230502043156.581 DEBUG    conf - conf.c:lxc_fill_autodev:1317 - Created device node "random"
lxc-start chobodeb 20230502043156.581 DEBUG    conf - conf.c:lxc_fill_autodev:1317 - Created device node "tty"
lxc-start chobodeb 20230502043156.581 DEBUG    conf - conf.c:lxc_fill_autodev:1317 - Created device node "urandom"
lxc-start chobodeb 20230502043156.581 DEBUG    conf - conf.c:lxc_fill_autodev:1317 - Created device node "zero"
lxc-start chobodeb 20230502043156.581 INFO     conf - conf.c:lxc_fill_autodev:1392 - Populated "/dev"
lxc-start chobodeb 20230502043156.581 INFO     conf - conf.c:lxc_transient_proc:3580 - Caller's PID is 1; /proc/self points to 1
lxc-start chobodeb 20230502043156.581 DEBUG    conf - conf.c:lxc_setup_ttydir_console:1897 - Created directory for console and tty devices at "/usr/lib/lxc/rootfs/dev/lxc"
lxc-start chobodeb 20230502043156.581 DEBUG    conf - conf.c:lxc_setup_ttydir_console:1939 - Mounted "/dev/pts/1" onto "/usr/lib/lxc/rootfs/dev/lxc/console"
lxc-start chobodeb 20230502043156.581 DEBUG    conf - conf.c:lxc_setup_ttydir_console:1953 - Mounted "/usr/lib/lxc/rootfs/dev/lxc/console" onto "/usr/lib/lxc/rootfs/dev/console"
lxc-start chobodeb 20230502043156.581 DEBUG    conf - conf.c:lxc_setup_ttydir_console:1955 - Console has been setup under "/usr/lib/lxc/rootfs/dev/lxc/console" and mounted to "/usr/lib/lxc/rootfs/dev/console"
lxc-start chobodeb 20230502043156.582 DEBUG    conf - conf.c:lxc_setup_devpts_child:1707 - Mount new devpts instance with options "gid=5,newinstance,ptmxmode=0666,mode=0620,max=1024"
lxc-start chobodeb 20230502043156.582 DEBUG    conf - conf.c:lxc_setup_devpts_child:1730 - Created "/dev/ptmx" file as bind mount target
lxc-start chobodeb 20230502043156.582 DEBUG    conf - conf.c:lxc_setup_devpts_child:1735 - Bind mounted "/dev/pts/ptmx" to "/dev/ptmx"
lxc-start chobodeb 20230502043156.582 DEBUG    conf - conf.c:lxc_allocate_ttys:1084 - Created tty with ptx fd 25 and pty fd 26
lxc-start chobodeb 20230502043156.582 DEBUG    conf - conf.c:lxc_allocate_ttys:1084 - Created tty with ptx fd 27 and pty fd 28
lxc-start chobodeb 20230502043156.582 DEBUG    conf - conf.c:lxc_allocate_ttys:1084 - Created tty with ptx fd 29 and pty fd 30
lxc-start chobodeb 20230502043156.583 DEBUG    conf - conf.c:lxc_allocate_ttys:1084 - Created tty with ptx fd 31 and pty fd 32
lxc-start chobodeb 20230502043156.583 INFO     conf - conf.c:lxc_allocate_ttys:1100 - Finished creating 4 tty devices
lxc-start chobodeb 20230502043156.583 DEBUG    conf - conf.c:lxc_setup_ttys:1000 - Bind mounted "/dev/pts/0" onto "/dev/lxc/tty1"
lxc-start chobodeb 20230502043156.583 DEBUG    conf - conf.c:lxc_setup_ttys:1000 - Bind mounted "/dev/pts/1" onto "/dev/lxc/tty2"
lxc-start chobodeb 20230502043156.583 DEBUG    conf - conf.c:lxc_setup_ttys:1000 - Bind mounted "/dev/pts/2" onto "/dev/lxc/tty3"
lxc-start chobodeb 20230502043156.583 DEBUG    conf - conf.c:lxc_setup_ttys:1000 - Bind mounted "/dev/pts/3" onto "/dev/lxc/tty4"
lxc-start chobodeb 20230502043156.583 INFO     conf - conf.c:lxc_setup_ttys:1048 - Finished setting up 4 /dev/tty<N> device(s)
lxc-start chobodeb 20230502043156.583 INFO     conf - conf.c:setup_personality:1783 - Set personality to "0lx8"
lxc-start chobodeb 20230502043156.583 DEBUG    conf - conf.c:setup_caps:3005 - Dropped mac_admin (33) capability
lxc-start chobodeb 20230502043156.583 DEBUG    conf - conf.c:setup_caps:3005 - Dropped mac_override (32) capability
lxc-start chobodeb 20230502043156.583 DEBUG    conf - conf.c:setup_caps:3005 - Dropped sys_time (25) capability
lxc-start chobodeb 20230502043156.583 DEBUG    conf - conf.c:setup_caps:3005 - Dropped sys_module (16) capability
lxc-start chobodeb 20230502043156.583 DEBUG    conf - conf.c:setup_caps:3005 - Dropped sys_rawio (17) capability
lxc-start chobodeb 20230502043156.583 DEBUG    conf - conf.c:setup_caps:3008 - Capabilities have been setup
lxc-start chobodeb 20230502043156.583 NOTICE   conf - conf.c:lxc_setup:4199 - The container "chobodeb" is set up
lxc-start chobodeb 20230502043156.583 INFO     seccomp - seccomp.c:use_seccomp:1174 - Seccomp is not enabled in the kernel
lxc-start chobodeb 20230502043156.583 WARN     cgfsng - cgroups/cgfsng.c:get_hierarchy:144 - There is no useable devices controller
lxc-start chobodeb 20230502043156.583 ERROR    cgfsng - cgroups/cgfsng.c:cg_legacy_set_data:2712 - No such file or directory - Failed to setup limits for the "devices" controller. The controller seems to be unused by "cgfsng" cgroup driver or not enabled on the cgroup hierarchy
lxc-start chobodeb 20230502043156.583 ERROR    cgfsng - cgroups/cgfsng.c:cgfsng_setup_limits_legacy:2761 - No such file or directory - Failed to set "devices.allow" to "c 116:* rwm"
lxc-start chobodeb 20230502043156.583 ERROR    start - start.c:lxc_spawn:1881 - Failed to setup legacy device cgroup controller limits
lxc-start chobodeb 20230502043156.584 DEBUG    network - network.c:lxc_delete_network:4185 - Deleted network devices
lxc-start chobodeb 20230502043156.584 ERROR    lxccontainer - lxccontainer.c:wait_on_daemonized_start:869 - Received container state "ABORTING" instead of "RUNNING"
lxc-start chobodeb 20230502043156.584 ERROR    lxc_start - tools/lxc_start.c:main:308 - The container failed to start
lxc-start chobodeb 20230502043156.584 ERROR    lxc_start - tools/lxc_start.c:main:311 - To get more details, run the container in foreground mode
lxc-start chobodeb 20230502043156.584 ERROR    lxc_start - tools/lxc_start.c:main:314 - Additional information can be obtained by setting the --logfile and --logpriority options
lxc-start chobodeb 20230502043156.585 ERROR    start - start.c:__lxc_start:2053 - Failed to spawn container "chobodeb"
lxc-start chobodeb 20230502043156.585 WARN     start - start.c:lxc_abort:1051 - No such process - Failed to send SIGKILL via pidfd 22 for process 25934
#4

Jen nasměrování - koukněte sem:

zkuste použít : lxc.cgroup2.devices.allow = c 116:* rwm

moje problémy to sice nevyřešilo, ale na něco to lidem pomohlo …

#5

Ó děkuji převelice. Kontejner startuje a zařízení v /dev/snd jsou vidět.
V cíli sice ještě úplně nejsem, ale i tohle je značný pokrok.
aplay v kontejneru se chová poněkud nedeterministicky, zhruba ve 3/4 případů skončí na následující chybě

ALSA lib pcm_direct.c:1284:(snd1_pcm_direct_initialize_slave) unable to install hw params
ALSA lib pcm_dmix.c:1087:(snd_pcm_dmix_open) unable to initialize slave
aplay: main:830: audio open error: Broken pipe

a nevím, zda něco přehrává ve zbylých případech (ještě jsem neměl možnost fysicky otestovat).

#6

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.