(unsolved)(SOLVED) Snapcraft Looping...Executing in container: lxc --project snapcraft exec

2023-02-24 10:36:57.690 Waiting for networking to be ready...                                                                                                     
2023-02-24 10:36:57.690 Executing in container: lxc --project snapcraft exec local:snapcraft-speedify-on-amd64-for-amd64-1979341 -- env PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin SNAPCRAFT_MANAGED_MODE=1 getent hosts snapcraft.io                                                               
2023-02-24 10:37:03.061 Executing in container: lxc --project snapcraft exec local:snapcraft-speedify-on-amd64-for-amd64-1979341 -- env PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin SNAPCRAFT_MANAGED_MODE=1 getent hosts snapcraft.io                                                               
2023-02-24 10:37:08.439 Executing in container: lxc --project snapcraft exec local:snapcraft-speedify-on-amd64-for-amd64-1979341 -- env PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin SNAPCRAFT_MANAGED_MODE=1 getent hosts snapcraft.io                                                               
2023-02-24 10:37:13.804 Executing in container: lxc --project snapcraft exec local:snapcraft-speedify-on-amd64-for-amd64-1979341 -- env PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin SNAPCRAFT_MANAGED_MODE=1 getent hosts snapcraft.io                                                               
2023-02-24 10:37:19.166 Executing in container: lxc --project snapcraft exec local:snapcraft-speedify-on-amd64-for-amd64-1979341 -- env PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin SNAPCRAFT_MANAGED_MODE=1 getent hosts snapcraft.io                                                               
2023-02-24 10:37:24.541 Executing in container: lxc --project snapcraft exec local:snapcraft-speedify-on-amd64-for-amd64-1979341 -- env PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin SNAPCRAFT_MANAGED_MODE=1 getent hosts snapcraft.io                                                               
2023-02-24 10:37:29.902 Executing in container: lxc --project snapcraft exec local:snapcraft-speedify-on-amd64-for-amd64-1979341 -- env PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin SNAPCRAFT_MANAGED_MODE=1 getent hosts snapcraft.io  

Just keeps looping the last line.

disabling firewalld solved this issue.

1 Like

It’s back again… but I’ve removed Firewalld and now using nftables… whats up with snapchat and the firewall systems???

2023-02-24 15:45:19.650 Waiting for networking to be ready…
2023-02-24 15:45:19.651 Executing in container: lxc --project snapcraft exec local:snapcraft-speedify-on-amd64-for-amd64-1979341 – env PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin SNAPCRAFT_MANAGED_MODE=1 getent hosts snapcraft.io
2023-02-24 15:45:20.018 Executing in container: lxc --project snapcraft exec local:snapcraft-speedify-on-amd64-for-amd64-1979341 – env PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin SNAPCRAFT_MANAGED_MODE=1 getent hosts snapcraft.io
2023-02-24 15:45:20.381 Executing in container: lxc --project snapcraft exec local:snapcraft-speedify-on-amd64-for-amd64-1979341 – env PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin SNAPCRAFT_MANAGED_MODE=1 getent hosts snapcraft.io
2023-02-24 15:45:20.754 Executing in container: lxc --project snapcraft exec local:snapcraft-speedify-on-amd64-for-amd64-1979341 – env PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin SNAPCRAFT_MANAGED_MODE=1 getent hosts snapcraft.io

Can you share your actual firewall rules? I suspect something is blocking the lxd bridge.

The rules I used:

table inet filter { chain input { type filter hook input priority filter; policy drop; iif “lo” accept ct state established,related accept icmpv6 type { nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert } accept }

chain forward {
	type filter hook forward priority filter; policy accept;
}

chain output {
	type filter hook output priority filter; policy accept;
}

}

Although lxd added its own rules on reboot…

disabling nftables didn’t fix this issue…

I’m not sure what’s going on… maybe since I was trying to build on a debian 11 system that I had a bunch of issues?? maybe builds need Ubuntu?

Anyhow… I’ll still use snap for steam and codium and other stuff… I’ll have to try and learn snap later when documents improve or people put out better information on youtube on how to build a snap.

I saw flatpaks… but I would rather stay with one thing, instead of jumping around. I’ll stay with Snap. I’m just going to wait for better documentation.

I’ve removed lxd and other things needed to build snaps for now… so the other table information is gone.

1 Like

Same issue here on an arm64… I’m on an ubuntu 22.04 on a banana pi and disabled UFW and disabled the internal firewalls of lxd with

lxc network set lxdbr0 ipv6.firewall false

lxc network set lxdbr0 ipv4.firewall false

Nothing works… Still puzzled, that it doesn’t run on default config.

Hi folks,

I just installed a default Debian 11 box, with no custom configurations whatsoever. Lxd seems to be working correctly, with the right network access.

Could you share more on what configuration changes you introduced, perhaps network adapter changes, or firewall rules?

I have a “real” hardware Dell Optiplex 390. I’m using a WiFi adapter with this driver https://github.com/morrownr/8821au-20210708

Dell Optiplex 390 SFF Desktop - Intel Core i5-2400 3.1GHz 8GB

I’m not running this in any VM, like virtualbox or VMware. It’s running on Debian 11 XFCE with luks encryption.

I need the WiFi adapter to access Internet.

I have both the Alfa wifi adapter and another generic WiFi adapter. The generic WiFi adapter works really good on the Alfa driver. https://docs.alfa.com.tw/Support/Linux/RTL8811AU/

It’s probably the WiFi adapter. I could plug into the wall, but I have to drop a 100ft Ethernet cable which isn’t good because I have a handicap person in this house that can not walk over it.

Hopefully that helps.

I was on a blank ubuntu-server 22.04 arm64 image on a banana pi M5… I just installed snapcraft which and installed lxd by default with default parameters.

@Greg @meo2k1 thanks for the explanations.

Greg, one thing that comes to mind is that not all wifi adapters can work in bridged mode. I’ve encountered this quite a few times in the past.

@meo2k1 do you also use a bridged network adapter? Could you post some logs please?

Even a Alfa wifi adapter that is used in Kali Linux for listening to WiFi signals in Monitor mode? I’ve got it set for managed mode right now.

The ALFA wifi adapter is suppose to be able to do more than the average WiFi adapter. It’s well known for penetration testing.

Is there a way to test your information on that wifi adapter?

I am not 100% sure how you can know that in advance. Maybe check the module info (modinfo), and see whether it can be configured to send frames with its own mac address in bridged mode or not - this may actually not be available in the printed info, or they might not be a parameter to change; but if it’s configured to send frames with its own mac address, you will most likely have a problem.

There are some tips on the LXD documentation, for example, if running docker you might want to take a look at https://linuxcontainers.org/lxd/docs/master/howto/network_bridge_firewalld/#prevent-issues-with-lxd-and-docker

was that running an ubuntu kernel ? if not, please run:

$ lxd.check-kernel

to see if your kernel has all required configs enabled (the output should return all green)

Looks good, except for “checkpoint restore”…

--- Namespaces ---
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: enabled
newuidmap is not installed
newgidmap is not installed
Network namespace: enabled

--- Control groups ---
Cgroups: enabled
Cgroup namespace: enabled
Cgroup v1 mount points: 
Cgroup v2 mount points: 
 - /sys/fs/cgroup
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled

--- Misc ---
Veth pair device: enabled, not loaded
Macvlan: enabled, not loaded
Vlan: enabled, not loaded
Bridges: enabled, loaded
Advanced netfilter: enabled, not loaded
CONFIG_NF_NAT_IPV4: enabled, not loaded
CONFIG_NF_NAT_IPV6: enabled, not loaded
CONFIG_IP_NF_TARGET_MASQUERADE: enabled, not loaded
CONFIG_IP6_NF_TARGET_MASQUERADE: enabled, not loaded
CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled, not loaded
CONFIG_NETFILTER_XT_MATCH_COMMENT: enabled, not loaded
FUSE (for use with lxcfs): enabled, loaded

--- Checkpoint/Restore ---
checkpoint restore: missing
CONFIG_FHANDLE: enabled
CONFIG_EVENTFD: enabled
CONFIG_EPOLL: enabled
CONFIG_UNIX_DIAG: enabled
CONFIG_INET_DIAG: enabled
CONFIG_PACKET_DIAG: enabled
CONFIG_NETLINK_DIAG: enabled
File capabilities: enabled

Note : Before booting a new kernel, you can check its configuration
usage : CONFIG=/path/to/config /snap/lxd/24487/bin/lxc-checkconfig

Well, there are a lot modules marked as not loaded… especially in the network area…

Oh yes!.. I was distracted by the green color… :sweat_smile:

I’m facing the same issue and I found out with lxc list --project snapcraft that the container was not connected to any interface.

After running lxc network attach <whatever bridged interface> <the container> --project snapcraft and lxc restart <the container> --project snapcraft the issue was solved. Well… more a workaround rather than a solution

2 Likes