[systemd-devel] Container restart issue: Failed to attach 1 to compat systemd cgroup

Lennart Poettering lennart at poettering.net
Tue Jan 10 14:48:25 UTC 2023


On Di, 10.01.23 13:18, Lewis Gaul (lewis.gaul at gmail.com) wrote:

> Following 'setenforce 0' I still see the same issue (I was also suspecting
> SELinux!).
>
> A few additional data points:
> - this was not seen when using systemd v230 inside the container
> - this is also seen on CentOS 8.4
> - this is seen under docker even if the container's cgroup driver is
> changed from 'cgroupfs' to 'systemd'

docker is garbage. They are hostile towards running systemd inside
containers.

podman upstream is a lot friendly, and apparently what everyone in OCI
is going towards these days.

I have not much experience with podman though, and in particular not
old versions. Next step would probably be to look at what precisely
causes the permission issue, via strace.

but did you make sure your container actually gets write access to the
cgroup trees?

anyway, i'd recommend asking the podman community for help about this.

Lennart

--
Lennart Poettering, Berlin


More information about the systemd-devel mailing list