SECCOMP_MODE_FILTER not currently supported #691
Comments
|
This appears to be related to issue "Support seccomp filter #25", on the CRIU git. |
|
Work around, add the following to the end of your container's config file. lxc.seccomp = |
Andrew-Machen
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I have tried installing LXC and CRIU, on clean VMs of Lubuntu 14.04, 15.04 and 15.10, and in each case I have tried the standard apt-get versions, stable and daily versions of the LXC PPAs, and in all of these 'lxc-checkpoint' fails every time.
My system is:
MacBook Pro Retina running OS X 10.11 (El Capitan)
Parallels Desktop 11 for Mac Pro Edition
The log files below where produced on Ubuntu 15.10 using the current apt-get versions of LXC and CRIU.
sudo lxc-checkpoint -s -D /tmp/checkpoint -v -l DEBUG -n wily -o /tmp/checkpoint.log
checkpoint.log contents:
lxc-checkpoint 1446834342.412 WARN lxc_confile - confile.c:config_pivotdir:1801 - lxc.pivotdir is ignored. It will soon become an error.
lxc-checkpoint 1446834342.414 DEBUG lxc_commands - commands.c:lxc_cmd_get_state:579 - 'wily' is in 'RUNNING' state
dump.log contents:
(00.000018) Probing sock diag modules
(00.016553) Done probing
(00.016568) ========================================
(00.016574) Dumping processes (pid: 5225)
(00.016576) ========================================
(00.016613) Found anon-shmem device at 5
(00.016809) Reset 8257's dirty tracking
(00.016844) ... done
(00.016866) Dirty track supported on kernel
(00.016904) Found task size of 7ffffffff000
(00.016915) irmap: Searching irmap cache in work dir
(00.016924) No irmap-cache image
(00.016927) irmap: Searching irmap cache in parent
(00.016931) irmap: No irmap cache
(00.016944) cpu: fpu:1 fxsr:1 xsave:1
(00.016998) vdso: Parsing at 7ffef9116000 7ffef9118000
(00.017001) vdso: PT_LOAD p_vaddr: 0
(00.017003) vdso: DT_HASH: 0x120
(00.017004) vdso: DT_STRTAB: 0x268
(00.017006) vdso: DT_SYMTAB: 0x160
(00.017007) vdso: DT_STRSZ: 94
(00.017009) vdso: DT_SYMENT: 24
(00.017010) vdso: nbucket 3 nchain 11 bucket 0x7ffef9116128 chain 0x7ffef9116134
(00.017014) vdso: rt [vdso] 7ffef9116000-7ffef9118000 [vvar] 7ffef9114000-7ffef9116000
(00.017050) Writing image inventory (version 1)
(00.017069) Add pid ns 1 pid 8257
(00.017075) Add net ns 2 pid 8257
(00.017079) Add ipc ns 3 pid 8257
(00.017083) Add uts ns 4 pid 8257
(00.017087) Add mnt ns 5 pid 8257
(00.017090) Add user ns 6 pid 8257
(00.017093) cg: Dumping cgroups for 8257
(00.017116) cg:
- New css ID 1 (00.017119) cg:- [blkio] -> / cg:- [cpu,cpuacct] -> [/] (00.017122) cg:- [cpuset] -> / cg:- [devices] -> [/] (00.017125) cg:- [freezer] -> / cg:- [hugetlb] -> [/] (00.017128) cg:- [memory] -> / cg:- [name=systemd] -> [/] (00.017131) cg:- [net_cls,net_prio] -> / cg: `- [perf_event] -> / cg: Set 1 is criu one(00.017273) Error (proc_parse.c:827): SECCOMP_MODE_FILTER not currently supported
(00.017280) Error (proc_parse.c:840): Error parsing proc status file
(00.017298) Unfreezing tasks into 1
(00.017301) Unseizing 5225 into 1
(00.017306) Error (ptrace.c:43): Unable to detach from 5225: No such process
(00.017310) Unlock network
(00.017312) Unfreezing tasks into 1
(00.017314) Unseizing 5225 into 1
(00.017316) Error (ptrace.c:43): Unable to detach from 5225: No such process
(00.017339) Error (cr-dump.c:1617): Dumping FAILED.
The text was updated successfully, but these errors were encountered: