On Mon, Mar 03, 2014 at 03:52:01PM +0100, Dariusz Michaluk wrote: > Hi. > > Another week, another experiment ;) I was trying to run systemd user > session for non-root user, for example darek (uid=1000), operation > failed with error: > > systemd[26]: pam_unix(systemd-user:session): session opened for user > darek by (uid=0) > systemd[1]: Started Login Service. > systemd[26]: Failed to create root cgroup hierarchy: Permission denied > systemd[26]: Failed to allocate manager object: Permission denied > systemd[29]: pam_unix(systemd-user:session): session closed for user darek > > The Cgroup hierarchy for the machine looks as follows: > > ├─machine.slice > │ └─machine-lxc\x2dmycontainer.scope > │ ├─17303 /usr/libexec/libvirt_lxc --name mycontainer --console 22 > --security=selinux --handshake 25 --background > │ └─machine.slice > │ └─machine-lxc\x2dmycontainer.scope > │ ├─17306 /usr/lib/systemd/systemd > │ ├─machine.slice > │ │ └─machine-lxc\x2dmycontainer.scope That looks really bizarre. The same two directory names nested over and over again. I can't reproduce this kind of thing on my own host. Libvirt only ever creates the first two levels as expected /sys/fs/cgroup/systemd/machine.slice /sys/fs/cgroup/systemd/machine.slice/machine-lxc\x2dmycontainer.scope The fact that the libvirt_lxc process itself ends up in the right place suggest that this isn't libvirt, but rather something else is creating these extra levels and moving systemd into them. Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| _______________________________________________ libvirt-users mailing list libvirt-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvirt-users
