Info about the system.
# systemctl --version
systemd 245 (245.4-4ubuntu3.13)
+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=hybrid
# uname -srvmpio
Linux 5.4.0 #1 SMP Mon Mar 16 15:39:59 MSK 2020 x86_64 x86_64 x86_64 GNU/Linux
# cat /proc/cmdline
quiet
# loginctl enable-linger USERNAME
Problem
System --user daemon fails to start.
systemctl status [email protected] shows failure.
First I was getting this:
systemd[304]: Failed to create /user.slice/user-1001.slice/[email protected]/init.scope control group: Permission denied
systemd[304]: Failed to allocate manager object: Permission denied
After googling a bit I installed libpam-cgfs via apt. With it,
systemd[1]: [email protected]: Main process exited, code=exited, status=219/CGROUP
systemd[1]: [email protected]: Failed with result 'exit-code'.
systemd[1]: Failed to start User Manager for UID 1001.
Various threads in google suggests a manual workaround, setting more open permission in /sys/fs/cgroup/systemd/
So I ran these.
chmod -R o+rx /sys/fs/cgroup/systemd/
This didn't work, So it added write permission at user.slice
chmod -R o+rwx /sys/fs/cgroup/systemd/user.slice/
Now I can start [email protected] and it starts successfully.
One of the possible diagnosis I got that if cgroups are in unified mode,this problem occurs, suggestion is to put a flag in GRUB to set cgroups to legacy mode. But obviously those doesn't apply to my case as I'm inside a openvz container and there's no grub. My cgroups seems to be running in hybrid mode.
What can I do to fix the permission or anything else to fix this? I don't think running +w is a good thing every time system boots.
Edit:
Relevant threads I found googling.
- https://unix.stackexchange.com/questions/493187/systemd-under-ubuntu-18-04-1-fails-with-failed-to-create-user-slice-serv
- https://github.com/systemd/systemd/issues/3388
