| Message ID | 390B4EACA1A32748BA6BC7F859F7D71655221555@GSjpTKYDCembx31.service.hitachi.net (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
> On Sep 21, 2016, at 1:45 AM, 小口琢夫 / KOGUCHI,TAKUO <takuo.koguchi.sw@hitachi.com> wrote: > > I failed to send this mail to the mailing list. > The second workaround is the same as Kotoro's. > In addition, kernel command line option audit=0 is another workarround. > https://github.com/tailhook/vagga/issues/71 > -Takuo > > original mail to Doug > --- > Doug, > > I had the same issue. I did some search in the net and found it is not a problem of fuego itself. > As far as I know there are two workarounds; > 1) Rebuild and install libpam with --disable-audit option (in the container) or > 2) Modify docker-create-container.sh to add --pid="host" option to docker create command diff --git a/fuego-host-scripts/docker-create-container.sh b/fuego-host-scripts/docker-create-container.sh > index 2ea7961..24663d6 100755 > --- a/fuego-host-scripts/docker-create-container.sh > +++ b/fuego-host-scripts/docker-create-container.sh > @@ -7,7 +7,7 @@ while [ -h "$SOURCE" ]; do # resolve $SOURCE until the file is no longer a symli done DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )" > > -CONTAINER_ID=`sudo docker create -it -v $DIR/../userdata:/userdata --net="host" fuego` > +CONTAINER_ID=`sudo docker create -it -v $DIR/../userdata:/userdata > +--pid="host " --net="host" fuego` > CONTAINER_ID_FILE="$DIR/../last_fuego_container.id" > echo "Created Fuego container $CONTAINER_ID" > echo $CONTAINER_ID > $DIR/../last_fuego_container.id > > Actually I have not tried the first one and do not know if there is any side effects for the second. > > Best regards, > > Take Noguchi Yes, —pid=“host” was the fix. Thanks > — > >> -----Original Message----- >> From: ltsi-dev-bounces@lists.linuxfoundation.org >> [mailto:ltsi-dev-bounces@lists.linuxfoundation.org] On Behalf Of Kotaro >> HASHIMOTO >> Sent: Wednesday, September 21, 2016 2:06 PM >> To: 'Bird, Timothy'; 'Doug Crawford' >> Cc: ltsi-dev@lists.linuxfoundation.org; fuego@lists.linuxfoundation.org >> Subject: [!]Re: [LTSI-dev] Jenkins error >> >> Hi, >> >> I met same error on Ubuntu 14.04. >> Then I modified docker-create-container.sh as the below and it works on my >> environment. >> >> <<docker-create-container.sh>> >> ----- >> [[before]] >> CONTAINER_ID=`sudo docker create -it -v $DIR/../userdata:/userdata >> --net="host" fuego` [[after]] CONTAINER_ID=`sudo docker create -it -v >> $DIR/../userdata:/userdata --pid="host" --net="host" fuego` >> ----- >> >> You can refer the below link also. >> https://github.com/docker/docker/issues/5899 >> >> >> Best regards, >> Kotaro Hashimoto >> >> >> -----Original Message----- >> From: ltsi-dev-bounces@lists.linuxfoundation.org >> [mailto:ltsi-dev-bounces@lists.linuxfoundation.org] On Behalf Of Bird, Timothy >> Sent: Wednesday, September 21, 2016 10:57 AM >> To: Doug Crawford <dcrawford@zonoff.com> >> Cc: ltsi-dev@lists.linuxfoundation.org; fuego@lists.linuxfoundation.org >> Subject: Re: [LTSI-dev] Jenkins error >> >> Sorry for the slow response. I've been out of the office the last few days. >> >>> -----Original Message----- >>> From: ltsi-dev-bounces@lists.linuxfoundation.org [mailto:ltsi-dev- >> >>> On Ubuntu Trusty 14.04 on VirtualBox VM Updated Docker as per the >>> Docker web instructions, getting version 1.12.1 Install.sh and docker >>> create script ran without issue, start script had an error: >>> Server: jenkinssu: System error failed! >>> >>> ---- >>> vagrant@vagrant-ubuntu-trusty-64:/vagrant/dev/erik/jta-public/jta-host >>> - >>> scripts$ ls >>> docker-build.sh docker-create-container.sh docker-start-container.sh >>> vagrant@vagrant-ubuntu-trusty-64:/vagrant/dev/erik/jta-public/jta-host >>> - scripts$ sudo ./docker-create-container.sh Created JTA container >>> 6a420f901af7847f2afa3100d3fb3852b71bc65f92aecd13a9aefe0823d42b77 >>> vagrant@vagrant-ubuntu-trusty-64:/vagrant/dev/erik/jta-public/jta-host >>> - scripts$ sudo ./docker-start-container.sh Starting JTA container >>> 6a420f901af7847f2afa3100d3fb3852b71bc65f92aecd13a9aefe0823d42b77 >>> [....] Starting Jenkins Continuous Integration Server: jenkinssu: >>> System error failed! >>> [ ok ] Starting OpenBSD Secure Shell server: sshd. >>> [ ok ] Starting network benchmark server. >>> eth0 Link encap:Ethernet HWaddr 08:00:27:f2:f2:d9 >>> inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0 >>> inet6 addr: fe80::a00:27ff:fef2:f2d9/64 Scope:Link >>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 >>> RX packets:1927624 errors:0 dropped:0 overruns:0 frame:0 >>> TX packets:345482 errors:0 dropped:0 overruns:0 carrier:0 >>> collisions:0 txqueuelen:1000 >>> RX bytes:2746559839 (2.5 GiB) TX bytes:23097565 (22.0 MiB) >>> >>> /var/lib/jenkins/config.xml is a symlink - everything is OK. >>> Setting up watches. >>> Watches established. >>> — >>> >>> Am I doing something wrong? >> >> Not that I can see. Can you please do the following: >> >> Start the container, using the docker-start-container.sh script (like you are doing). >> Once "inside" the container, edit /etc/init.d/jenkins and add the line: "set -x" >> somewhere near the top of the file (for example, right before the PATH=... line). >> >> Then exit the shell (terminating the container), and start it again using >> docker-start-container.sh >> >> Then please send the output to this list. The output from /etc/init.d/jenkins should >> look something like the following... >> + PATH=/bin:/usr/bin:/sbin:/usr/sbin >> + DESC='Jenkins Continuous Integration Server' >> + NAME=Jenkins >> ... >> I assume the message is coming from the $SU command inside this script (in the >> do_start function), but I'd like to verify that. >> >> If the 'su' command is having the problem, we may need to strace it to see what >> the issue is, but that will be tricky since strace is not put into the container by >> default. (But it's not hard to add stuff to the Dockerfile to add additional Debian >> packages to the container image.) >> >> I'm not sure what would be causing the system error. >> >> FWIW, I'm running fuego (jta renamed) on Ubuntu 14.04.05 (Trusty Tahr), with >> docker version 1.12.0, so the environment should be very similar. >> -- Tim >> >> >> >> >> _______________________________________________ >> LTSI-dev mailing list >> LTSI-dev@lists.linuxfoundation.org >> https://lists.linuxfoundation.org/mailman/listinfo/ltsi-dev >> >> _______________________________________________ >> LTSI-dev mailing list >> LTSI-dev@lists.linuxfoundation.org >> https://lists.linuxfoundation.org/mailman/listinfo/ltsi-dev
--- a/fuego-host-scripts/docker-create-container.sh +++ b/fuego-host-scripts/docker-create-container.sh @@ -7,7 +7,7 @@ while [ -h "$SOURCE" ]; do # resolve $SOURCE until the file is no longer a symli done DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )" -CONTAINER_ID=`sudo docker create -it -v $DIR/../userdata:/userdata --net="host" fuego` +CONTAINER_ID=`sudo docker create -it -v $DIR/../userdata:/userdata +--pid="host " --net="host" fuego` CONTAINER_ID_FILE="$DIR/../last_fuego_container.id" echo "Created Fuego container $CONTAINER_ID" echo $CONTAINER_ID > $DIR/../last_fuego_container.id Actually I have not tried the first one and do not know if there is any side effects for the second.