Error on pve8to9: CT does not support unified cgroup v2 layout

[RuiSantos]

Hello all,

I'm want up upgrade to pve on my home lab first, before applying it on production locations.
Following the guide, I ran pve8to9 --full, on which I get the following error:

FAIL: Found at least one CT (x) which does not support running in a unified cgroup v2 layout

    You must upgrade the Containers distros! Skipping further CT compat checks.

I've searched for this error description and it appears to be related to old distributions.
This case is however, a fully updated OpenSUSE Slowroll (tumbleweed like). All it's software should be fully up to date.

Here's the cfg file for the container:

~# cat /etc/pve/lxc/x.conf
arch: amd64
cores: 2
features: nesting=1
hostname: somename
memory: 2048
nameserver: someip
net0: name=eth0,bridge=somebridge,firewall=1,gw=someip,hwaddr=somemac,ip=someip_netmask,type=veth
onboot: 1
ostype: opensuse
protection: 1
rootfs: nvme:vm-x-disk-0,size=10G
searchdomain: somesearchdomain
swap: 0
unprivileged: 1

I have no idea what to do now, even to try to hunt where the actual issue lies!

Can anyone provide some advice on this matter?

Regards,
Rui

 

[sterzy]

Hi, what systemd version does the container use? And what does the command find / -name "libsystemd-shared-*.so" 2> /dev/null return in the container (ideally you could run that as root)?

 

[RuiSantos]

Hi Shannon,

Thanks for the quick reply. Here's the info you've requested:

On systemd version:

# /usr/bin/systemctl --version
systemd 257 (257.6+suse.18.g1e42ecf5a1)
+PAM +AUDIT +SELINUX +APPARMOR +IMA +IPE -SMACK +SECCOMP +GCRYPT +GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBCRYPTSETUP_PLUGINS +LIBFDISK +PCRE2 +PWQUALITY +P11KIT +QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD +BPF_FRAMEWORK -BTF -XKBCOMMON -UTMP +SYSVINIT +LIBARCHIVE

On the find command:

# find / -name "libsystemd-shared-*.so" 2> /dev/null
/usr/lib64/systemd/libsystemd-shared-257.6-2.0.4.1.sr20250601.so

Hope it helps

Rui

 

[sterzy]

Thanks, yes it does, seems that our regex here does not pick up on this way of naming libsystemd-shared, send a patch: https://lore.proxmox.com/pve-devel/20250806134843.266183-1-s.sterz@proxmox.com/T/#u

For now, it should be safe to ignore this warning in this case specifically. Since, this container's systemd version is already 257, which is well past the 232 we check for there. Also pve-container already implements a check that should parse the version correctly, so there should not be another issue from our side as far as I can tell.

However, if you have another container that reports an issue there, you will need to take extra care to check the version yourself.

 

[RuiSantos]

Glad you caught that.
I'll wait for the update and re-check it.
Thanks Shannon!