• ​grub2 - Arch linux : pacman does not work when chrooting - Unix & Linux Stack Exchange

  Remember to arch-chroot and not simply chroot - that way /proc will be populated and pacman will function as expected.

• ​Enabling LXC on Archlinux with systemd-networkd – Bryan's Blah Blog

  I’m on a laptop with wireless, so I can’t just create a bridge and give IPs to containers from an upstream DHCP server. I needed to do NAT and essentially simulate/replicate how docker networking works.

lxc.service

A stop job is running

• lxc.serviceを有効にしないと、ホストOSシャットダウン時にコンテナが自動シャットダウンされず90秒タイムアウト待ちが発生する
  • 

• mitty@lxc-host:~$ journalctl

  Apr 17 22:52:41 lxc-host sudo[1908]:    mitty : TTY=pts/0 ; PWD=/home/mitty ; USER=root ; COMMAND=/usr/bin/sh -c poweroff
  
  (snip)
  
  Apr 17 22:52:41 lxc-host systemd[529]: Received SIGRTMIN+24 from PID 1913 (kill).
  Apr 17 22:52:41 lxc-host systemd[1]: Stopped User Manager for UID 1000.
  Apr 17 22:52:42 lxc-host systemd[1]: Started Generate shutdown-ramfs.
  Apr 17 22:54:11 lxc-host systemd[1]: session-c1.scope: Stopping timed out. Killing.
  Apr 17 22:54:11 lxc-host systemd[1]: Stopped Session c1 of user mitty.
  

mitty@test:~$ journalctl

Apr 17 22:52:41 test systemd[1]: Received SIGHUP.
Apr 17 22:52:41 test systemd[1]: Received SIGTERM.
Apr 17 22:52:41 test systemd[1]: Reexecuting.
Apr 17 22:52:41 test systemd[1]: systemd 229 running in system mode. (+PAM -AUDIT -SELINUX -IMA -APPARMOR +SMACK -SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN)
Apr 17 22:52:41 test systemd[1]: Detected virtualization lxc.
Apr 17 22:52:41 test systemd[1]: Detected architecture x86-64.
Apr 17 22:52:41 test systemd[1]: Failed to install release agent, ignoring: No such file or directory

コンテナのシャットダウンについて

• man systemd

  SIGNALS
         SIGTERM
             Upon receiving this signal the systemd system manager serializes
             its state, reexecutes itself and deserializes the saved state
             again. This is mostly equivalent to systemctl daemon-reexec.
  
             systemd user managers will start the exit.target unit when this
             signal is received. This is mostly equivalent to systemctl --user
             start exit.target.
  
  (snip)
  
         SIGHUP
             Reloads the complete daemon configuration. This is mostly
             equivalent to systemctl daemon-reload.
  
  (snip)
  
         SIGRTMIN+4
             Powers off the machine, starts the poweroff.target unit. This is
             mostly equivalent to systemctl start poweroff.target.
  
  (snip)
  
         SIGRTMIN+14
             Immediately powers off the machine.
  

• /usr/share/lxc/config/archlinux.common.conf

  # Set the halt/stop signals
  lxc.haltsignal=SIGRTMIN+4
  lxc.stopsignal=SIGRTMIN+14
  

• ​(lxc-devel) Shutting down containers properly
• ​(Solved) LXC shutdown of archlinux containers not working (lxc-stop) / System Administration / Arch Linux Forums

• lxc-stop
  • Host

    Apr 19 22:15:54 lxc-host sudo[589]:    mitty : TTY=pts/0 ; PWD=/home/mitty ; USER=root ; COMMAND=/usr/bin/lxc-stop -n test
    

  • container

    Apr 19 22:15:54 test systemd[1]: Received SIGRTMIN+4.
    Apr 19 22:15:54 test systemd[1]: Stopping User Manager for UID 1000...
    Apr 19 22:15:54 test systemd[1]: Stopped target Multi-User System.
    

systemctl enable lxc.service

• /usr/lib/systemd/system/lxc.service

  ExecStart=/usr/lib/lxc/lxc-containers start
  ExecStop=/usr/lib/lxc/lxc-containers stop
  

• /usr/lib/lxc/lxc-containers

  # STOPOPTS are stop options.  The can be used for anything else to stop.
  #	If you want to kill containers fast, use -k
  STOPOPTS="-a -A -s"
  
  (snip)
  
  case "$1" in
  
  (snip)
  
      stop)
  
  (snip)
  
          "$bindir"/lxc-autostart $STOPOPTS $SHUTDOWNDELAY
  

• man lxc-autostart

         -s,--shutdown
                Request  a  clean  shutdown. If a [-t timeout] greater than 0 is
                given and the container has not shut down within this period, it
                will be killed as with the [-k kill] option.
  
  (snip)
  
         -a,--all
                Ignore lxc.group and select all auto-started containers.
  
         -A,--ignore-auto
                Ignore  the  lxc.start.auto  flag. Combined with -a, will select
                all containers on the system.
  

• mitty@lxc-host:~$ sudo systemctl enable --now lxc.service

  Created symlink from /etc/systemd/system/multi-user.target.wants/lxc.service to /usr/lib/systemd/system/lxc.service.
  

• mitty@lxc-host:~$ journalctl

  Apr 19 23:22:34 lxc-host sudo[573]:    mitty : TTY=pts/0 ; PWD=/home/mitty ; USER=root ; COMMAND=/usr/bin/sh -c poweroff
  
  (snip)
  
  Apr 19 23:22:34 lxc-host systemd[1]: Stopped LXC Container Initialization and Autoboot Code.
  

• mitty@test:~$ journalctl

  Apr 19 23:22:34 test systemd[1]: Received SIGTERM.
  Apr 19 23:22:34 test systemd[1]: Reexecuting.
  Apr 19 23:22:34 test systemd[1]: systemd 229 running in system mode. (+PAM -AUDIT -SELINUX -IMA -APPARMOR +SMACK -SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN)
  Apr 19 23:22:34 test systemd[1]: Detected virtualization lxc.
  Apr 19 23:22:34 test systemd[1]: Detected architecture x86-64.
  Apr 19 23:22:34 test systemd[1]: Failed to install release agent, ignoring: No such file or directory
  Apr 19 23:22:34 test systemd[1]: Received SIGHUP.
  Apr 19 23:22:34 test systemd[1]: Received SIGRTMIN+4.
  Apr 19 23:22:34 test systemd[1]: Reloading.
  Apr 19 23:22:34 test systemd[1]: Stopped target Multi-User System.
  
  (snip)
  
  Apr 19 23:22:34 test systemd[1]: Shutting down.
  Apr 19 23:22:34 test systemd-journald[13]: Journal stopped
  

dhcpcd.service

no valid interfaces found

• Arch Linux 4.4.5-1
• lxc 1:1.1.5-4
• dhcpcd 6.10.1-1

• # dhcpcd

  dev: loaded udev
  no valid interfaces found
  no interfaces have a carrier
  forked to background, child pid 65
  

• # dhcpcd eth0

  DUID 00:01:00:01:1e:8a:6a:5e:ba:4a:37:94:4a:9d
  eth0: IAID 16:b6:47:44
  eth0: rebinding lease of 192.168.0.185
  eth0: NAK: address in use from 192.168.0.1
  eth0: message: address in use
  eth0: soliciting a DHCP lease
  eth0: soliciting an IPv6 router
  eth0: offered 192.168.0.172 from 192.168.0.1
  eth0: probing address 192.168.0.172/24
  eth0: leased 192.168.0.172 for 86400 seconds
  eth0: adding route to 192.168.0.0/24
  eth0: adding default route via 192.168.0.1
  forked to background, child pid 123
  

• LXCコンテナ内で、udevdが起動しないことが原因の模様
• strace -f dhcpcd
  • コンテナホスト(検証はKVMゲストで行った)

    access("/run/udev/control", F_OK) = 0
    
    open("/sys/devices/virtual/net/lo/uevent", O_RDONLY|O_CLOEXEC) = 9
    fstat(9, {st_mode=S_IFREG|0644, st_size=4096, ...}) = 0
    fstat(9, {st_mode=S_IFREG|0644, st_size=4096, ...}) = 0
    read(9, "INTERFACE=lo\nIFINDEX=1\n", 4096) = 23
    read(9, "", 4096)                 = 0
    read(9, "", 4096)                 = 0
    close(9)                          = 0
    open("/run/udev/data/n1", O_RDONLY|O_CLOEXEC) = 9
    
    open("/sys/devices/pci0000:00/0000:00:03.0/virtio0/net/ens3/uevent", O_RDONLY|O_CLOEXEC) = 9
    fstat(9, {st_mode=S_IFREG|0644, st_size=4096, ...}) = 0
    fstat(9, {st_mode=S_IFREG|0644, st_size=4096, ...}) = 0
    read(9, "INTERFACE=ens3\nIFINDEX=2\n", 4096) = 25
    read(9, "", 4096)                 = 0
    read(9, "", 4096)                 = 0
    close(9)                          = 0
    open("/run/udev/data/n2", O_RDONLY|O_CLOEXEC) = 9
    

  • LXCコンテナ

    access("/run/udev/control", F_OK) = -1 ENOENT (No such file or directory)
    
    open("/sys/devices/virtual/net/lo/uevent", O_RDONLY|O_CLOEXEC) = 9
    fstat(9, {st_mode=S_IFREG|0644, st_size=4096, ...}) = 0
    fstat(9, {st_mode=S_IFREG|0644, st_size=4096, ...}) = 0
    read(9, "INTERFACE=lo\nIFINDEX=1\n", 4096) = 23
    read(9, "", 4096)                 = 0
    read(9, "", 4096)                 = 0
    close(9)                          = 0
    open("/run/udev/data/n1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
    
    open("/sys/devices/virtual/net/eth0/uevent", O_RDONLY|O_CLOEXEC) = 9
    fstat(9, {st_mode=S_IFREG|0644, st_size=4096, ...}) = 0
    fstat(9, {st_mode=S_IFREG|0644, st_size=4096, ...}) = 0
    read(9, "INTERFACE=eth0\nIFINDEX=6\n", 4096) = 25
    read(9, "", 4096)                 = 0
    read(9, "", 4096)                 = 0
    close(9)                          = 0
    open("/run/udev/data/n6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
    write(2, "no valid interfaces found", 25) = 25
    write(2, "\n", 1)                 = 1
    
    write(1, "no interfaces have a carrier\n", 29) = 29
    

    • [root@test /]# systemctl status systemd-udevd

      ● systemd-udevd.service - udev Kernel Device Manager
         Loaded: loaded (/usr/lib/systemd/system/systemd-udevd.service; static; vendor preset: disabled)
         Active: inactive (dead)
      Condition: start condition failed at Sat 2016-04-02 08:30:59 UTC; 5h 9min ago
                 ConditionPathIsReadWrite=/sys was not met
           Docs: man:systemd-udevd.service(8)
                 man:udev(7)
      

• ​arch:Linux_Containers#Systemd_considerations_.28required.29
  • 上記を参考にsystemdの設定を行ったが効果なし

• ​arch:dhcpcd#dhcpcd_and_systemd_network_interfaces

  dhcpcd.service can be ​Enabled without specifying an interface. This may, however, create a race condition at boot with systemd-udevd trying to apply a predictable network interface name:

  error changing net interface name wlan0 to wlp4s0: Device or resource busy" 
  

  To avoid it, enable dhcpcd per interface it should bind to as described in ​dhcpcd#Running. The downside of the template unit is, however, that it does not support hot-plugging of a wired connection and will fail if the network cable is not connected. To work-around the failure, see ​dhcpcd#Timeout_delay.

  とのことなので、いずれにせよdhcpcd.serviceを使用しないのがよさそう

• 古い情報
  • ​Odd Bits dhcpcd[492]: eth0: if_init: Read-only file system

Dependency failed for dhcpcd on eth0.

• # systemctl start dhcpcd@eth0

  A dependency job for dhcpcd@eth0.service failed. See 'journalctl -xe' for details.
  

• # journalctl -xe

  Apr 10 20:00:56 test3 systemd[1]: Starting of sys-subsystem-net-devices-eth0.device not supported.
  -- Subject: Unit sys-subsystem-net-devices-eth0.device has failed
  -- Defined-By: systemd
  -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
  --
  -- Unit sys-subsystem-net-devices-eth0.device has failed.
  --
  -- The result is unsupported.
  Apr 10 20:00:56 test3 systemd[1]: Dependency failed for dhcpcd on eth0.
  -- Subject: Unit dhcpcd@eth0.service has failed
  -- Defined-By: systemd
  -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
  --
  -- Unit dhcpcd@eth0.service has failed.
  --
  -- The result is dependency.
  Apr 10 20:00:56 test3 systemd[1]: dhcpcd@eth0.service: Job dhcpcd@eth0.service/start failed with result 'dependency'.
  

• /usr/lib/systemd/system/dhcpcd@.service

  [Unit]
  Description=dhcpcd on %I
  Wants=network.target
  Before=network.target
  BindsTo=sys-subsystem-net-devices-%i.device
  After=sys-subsystem-net-devices-%i.device
  
  [Service]
  Type=forking
  PIDFile=/run/dhcpcd-%I.pid
  ExecStart=/usr/bin/dhcpcd -q -w %I
  ExecStop=/usr/bin/dhcpcd -x %I
  
  [Install]
  WantedBy=multi-user.target
  

  • BindsTo=, After=の行を削除することで対応可能

• see also
  • ​Netctl doesn't work in LXC (Linux containers) due to udev dependency / Networking, Server, and Protection / Arch Linux Forums
  • ​FS#35715 : (netctl) fails to start network inside Linux Container