units with credentials fail in Incus containers

[banafshehft]

Required information

• Distribution: Arch Linux
• Distribution version: linux 6.10.arch1-2
• The output of "incus info" or if that fails:
  • Kernel version: 6.9.9-arch1-1
  • Incus version: 6.3
  • Storage backend in use: btrfs

Issue description

the issue that i faced with recent updates is the same as https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/2046486 on lxd.

i have to list and delete all the credentials under usr/lib/systemd/system so my instances start working. with each systemd update these credentials will rewrite again. i didnt see any relevent ticket open for incus you will face the issue if the instances get restart

Information to attach

sudo sh -c "find /var/lib/incus/containers/*/rootfs/usr/lib/systemd/system -type f -print0 | xargs -0 grep Credential.*=" will shows all the credentials and then i have to delete all of them

please let me know if you need more info

[stgraber]

Not something we can do much about as this is ultimately a kernel restriction.

That said our own images turn off that systemd feature to avoid the problem, so this suggests that you're dealing with older images that you've upgraded rather than using a recent image.

[stgraber]

You can manually refresh your /etc/systemd/system-generators/lxc with the content of https://github.com/lxc/distrobuilder/blob/main/distrobuilder/lxc.generator to get the current logic on an older container.