[lxc-users] Username/Password for LXC container in fedora-20
Ajith Adapa
ajith.adapa at gmail.com
Fri Jun 6 03:37:26 UTC 2014
Hi Michael,
I have updated Fedora-20 to latest kernel version.
# uname -a
Linux localhost.localdomain 3.14.4-200.fc20.x86_64 #1 SMP Tue May 13
13:51:08 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
and commented out the line in /etc/pam.d/sshd file
# cat /etc/pam.d/sshd
#%PAM-1.0
auth required pam_sepermit.so
auth substack password-auth
auth include postlogin
account required pam_nologin.so
account include password-auth
password include password-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
#session required pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be
executed in the user context
session required pam_selinux.so open env_params
session optional pam_keyinit.so force revoke
session include password-auth
session include postlogin
But still face the same problem when I create and start a new LXC container.
@Fajar
I tried again creating new lxc container but havent seen any password
in output log
# lxc-create -n test -t fedora
lxc-create: No config file specified, using the default config
/etc/lxc/default.
conf
Host CPE ID from /etc/os-release: cpe:/o:fedoraproject:fedora:20
Checking cache download in /var/cache/lxc/fedora/x86_64/20/rootfs ...
Cache found. Updating...
Loaded plugins: langpacks, refresh-packagekit
Could not get metalink
https://mirrors.fedoraproject.org/metalink?repo=updates-r
eleased-f20&arch=x86_64 error was
14: curl#6 - "Could not resolve host: mirrors.fedoraproject.org"
No packages marked for update
Update finished
Copy /var/cache/lxc/fedora/x86_64/20/rootfs to /var/lib/lxc/test/rootfs ...
Copying rootfs to /var/lib/lxc/test/rootfs ...setting root passwd to root
installing fedora-release package
Package fedora-release-20-3.noarch already installed and latest version
Nothing to do
unlink: cannot unlink
â/var/lib/lxc/test/rootfs/etc/systemd/system/default.targe
tâ: No such file or directory
container rootfs and config created
'fedora' template installed
'test' created
# lxc-start -n test
systemd 208 running in system mode. (+PAM +LIBWRAP +AUDIT +SELINUX
+IMA +SYSVINI T
+LIBCRYPTSETUP +GCRYPT +ACL +XZ)
Detected virtualization 'lxc'.
Welcome to Fedora 20 (Heisenbug)!
Set hostname to <test.localdomain>.
Initializing machine ID from KVM UUID.
[ OK ] Reached target Remote File Systems.
[ OK ] Created slice Root Slice.
[ OK ] Created slice User and Session Slice.
[ OK ] Created slice System Slice.
[ OK ] Reached target Slices.
[ OK ] Created slice system-getty.slice.
[ OK ] Listening on /dev/initctl Compatibility Named Pipe.
[ OK ] Listening on Delayed Shutdown Socket.
Failed to open /dev/autofs: No such file or directory
Failed to initialize automounter: No such file or directory
[FAILED] Failed to set up automount Arbitrary Executable File...utomount Point.
See 'systemctl status proc-sys-fs-binfmt_misc.automount' for details.
Unit proc-sys-fs-binfmt_misc.automount entered failed state.
[ OK ] Listening on udev Kernel Socket.
[ OK ] Listening on udev Control Socket.
[ OK ] Reached target Encrypted Volumes.
[ OK ] Listening on Journal Socket.
Starting Apply Kernel Variables...
Mounting Debug File System...
Starting udev Coldplug all Devices...
Mounting Huge Pages File System...
Mounting POSIX Message Queue File System...
Starting Create static device nodes in /dev...
Mounting Configuration File System...
Starting Journal Service...
[ OK ] Started Journal Service.
[ OK ] Reached target Paths.
[ OK ] Reached target Swap.
Starting Remount Root and Kernel File Systems...
Mounting Temporary Directory...
[ OK ] Started Create static device nodes in /dev.
Starting udev Kernel Device Manager...
[ OK ] Mounted POSIX Message Queue File System.
[ OK ] Mounted Configuration File System.
<30>systemd-udevd[20]: starting version 208
[ OK ] Mounted Huge Pages File System.
[ OK ] Mounted Debug File System.
[ OK ] Mounted Temporary Directory.
[ OK ] Started udev Coldplug all Devices.
[ OK ] Started udev Kernel Device Manager.
[ OK ] Started Remount Root and Kernel File Systems.
[ OK ] Started Apply Kernel Variables.
Starting Load/Save Random Seed...
[ OK ] Reached target Local File Systems (Pre).
Starting Configure read-only root support...
[ OK ] Started Load/Save Random Seed.
[ OK ] Reached target Sound Card.
[ OK ] Started Configure read-only root support.
[ OK ] Reached target Local File Systems.
Starting Trigger Flushing of Journal to Persistent Storage...
Starting Mark the need to relabel after reboot...
Starting Create Volatile Files and Directories...
[ OK ] Started Create Volatile Files and Directories.
Starting Update UTMP about System Reboot/Shutdown...
[ OK ] Started Mark the need to relabel after reboot.
[ OK ] Started Update UTMP about System Reboot/Shutdown.
[ OK ] Reached target System Initialization.
[ OK ] Reached target Timers.
[ OK ] Listening on D-Bus System Message Bus Socket.
[ OK ] Reached target Sockets.
[ OK ] Reached target Basic System.
Starting System Logging Service...
Starting Login Service...
Starting D-Bus System Message Bus...
[ OK ] Started D-Bus System Message Bus.
<46>systemd-journald[17]: Received request to flush runtime journal from PID 1
[ OK ] Started Trigger Flushing of Journal to Persistent Storage.
Starting Permit User Sessions...
[ OK ] Started Login Service.
[ OK ] Started System Logging Service.
[ OK ] Started Permit User Sessions.
Starting Getty on tty3...
[ OK ] Started Getty on tty3.
Starting Getty on tty4...
[ OK ] Started Getty on tty4.
Starting Getty on tty2...
[ OK ] Started Getty on tty2.
Starting Getty on tty1...
[ OK ] Started Getty on tty1.
Starting Console Getty...
[ OK ] Started Console Getty.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
Fedora release 20 (Heisenbug)
Kernel 3.14.4-200.fc20.x86_64 on an x86_64 (console)
test login:
Regards,
Ajith
On Fri, Jun 6, 2014 at 6:18 AM, Ajith Adapa <ajith.adapa at gmail.com> wrote:
> Hi guys,
>
> Thanks for the replies. I will try to upgrade my Fedora-20 with latest
> kernel and try the same.
>
>
>
> On Thu, Jun 5, 2014 at 7:51 PM, Michael H. Warfield <mhw at wittsend.com>
> wrote:
>>
>> On Thu, 2014-06-05 at 17:56 +0530, Ajith Adapa wrote:
>> > Hi,
>> >
>> > I have created an lxc container in feodra-20 with default config file
>> > and default fedora template.
>> >
>> > lxc-create -n root -t fedora
>> >
>> > When i try to start the container i am greeted with username and
>> > password prompt.What is the default username/password for
>> > lxc-container in fedora-20 ?
>> >
>> >
>> > Kernel Version
>> > ============
>>
>> > Linux localhost.localdomain 3.11.10-301.fc20.x86_64 #1 SMP Thu Dec 5
>> > 14:01:17 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
>>
>> >
>> > LXC-version
>> > =============
>> > [root at localhost ~]# lxc-version
>> > lxc version: 0.9.0
>>
>> Ok... Stop right there. Seems to suddenly be a lot of people running
>> into this problem all of a sudden. You're running on a combination of
>> old kernel and old version of LXC that do not play nice together and,
>> yes, that the early F20 kernel with the distro distributed version of
>> LXC. We've been having an active discussion about this bug in several
>> forums.
>>
>> https://bugzilla.redhat.com/show_bug.cgi?id=1002914
>>
>> Please note comments #6 & #7
>>
>> -- 6
>> I've noticed that this issue should be fixed in v3.13-rc1
>>
>> As mentioned in commit
>>
>>
>> http://o.cs.uvic.ca:20810/perl/cid.pl?cid=83fa6bbe4c4541ae748b550b4ec391f8a0acfe94
>>
>> CONFIG_AUDIT_LOGINUID_IMMUTABLE=y was removed. Could you please retest it
>> on the latest Fedora?
>> --
>>
>> -- 7
>> Hi,
>> I have tried with the latest upgrades of F20 and the problem has been
>> fixed.
>> Thank you very much for the support!
>>
>> Regards,
>> Enrique
>> --
>>
>> So, you have 2 choices.
>>
>> 1) Update your F20 system to the latest kernel. My development server
>> is currently running 3.14.4-200.fc20.x86_64 from Fedora Updates.
>>
>> 2) Go through the files in ${root_fs}/etc/pam.d and make the following
>> changes:
>>
>> - session required pam_loginuid.so
>> + # session required pam_loginuid.so
>>
>> Either of those will enable you to log in once again. If you don't to
>> either, there is no combination of user name or password that will work,
>> due to the error being generated out of pam_loginuid.so.
>> >
>> >
>> > [root at localhost ~]# lxc-start -n root
>> > systemd 208 running in system mode. (+PAM +LIBWRAP +AUDIT +SELINUX
>> > +IMA +SYSVINIT +LIBCRYPTSETUP +GCRYPT +ACL +XZ)
>> > Detected virtualization 'lxc'.
>> >
>> > Welcome to Fedora 20 (Heisenbug)!
>> >
>> > Set hostname to <root.localdomain>.
>> > [ OK ] Reached target Remote File Systems.
>> > [ OK ] Created slice Root Slice.
>> > [ OK ] Created slice User and Session Slice.
>> > [ OK ] Created slice System Slice.
>> > [ OK ] Reached target Slices.
>> > [ OK ] Created slice system-getty.slice.
>> > [ OK ] Listening on /dev/initctl Compatibility Named Pipe.
>> > [ OK ] Listening on Delayed Shutdown Socket.
>> > Failed to open /dev/autofs: No such file or directory
>> > Failed to initialize automounter: No such file or directory
>> > [FAILED] Failed to set up automount Arbitrary Executable
>> > File...utomount Point.
>> > See 'systemctl status proc-sys-fs-binfmt_misc.automount' for details.
>> > Unit proc-sys-fs-binfmt_misc.automount entered failed state.
>> > [ OK ] Listening on udev Kernel Socket.
>> > [ OK ] Listening on udev Control Socket.
>> > [ OK ] Reached target Encrypted Volumes.
>> > [ OK ] Listening on Journal Socket.
>> > Starting Apply Kernel Variables...
>> > Mounting Debug File System...
>> > Starting udev Coldplug all Devices...
>> > Mounting Huge Pages File System...
>> > Mounting POSIX Message Queue File System...
>> > Mounting FUSE Control File System...
>> > Starting Create static device nodes in /dev...
>> > Mounting Configuration File System...
>> > Starting Journal Service...
>> > [ OK ] Started Journal Service.
>> > [ OK ] Reached target Paths.
>> > [ OK ] Reached target Swap.
>> > Starting Remount Root and Kernel File Systems...
>> > Mounting Temporary Directory...
>> > [ OK ] Started Apply Kernel Variables.
>> > [ OK ] Mounted Debug File System.
>> > [ OK ] Mounted Huge Pages File System.
>> > [ OK ] Mounted POSIX Message Queue File System.
>> > [ OK ] Mounted FUSE Control File System.
>> > [ OK ] Started Create static device nodes in /dev.
>> > [ OK ] Mounted Configuration File System.
>> > [ OK ] Started Remount Root and Kernel File Systems.
>> > [ OK ] Mounted Temporary Directory.
>> > Starting Load/Save Random Seed...
>> > Starting Configure read-only root support...
>> > Starting udev Kernel Device Manager...
>> > [ OK ] Reached target Local File Systems (Pre).
>> > <30>systemd-udevd[24]: starting version 208
>> > [ OK ] Started Load/Save Random Seed.
>> > [ OK ] Started udev Kernel Device Manager.
>> > [ OK ] Started Configure read-only root support.
>> > [ OK ] Reached target Local File Systems.
>> > Starting Trigger Flushing of Journal to Persistent Storage...
>> > Starting Create Volatile Files and Directories...
>> > [ OK ] Started udev Coldplug all Devices.
>> > [ OK ] Started Create Volatile Files and Directories.
>> > Starting Update UTMP about System Reboot/Shutdown...
>> > <46>systemd-journald[18]: Received request to flush runtime journal
>> > from PID 1
>> > [ OK ] Started Trigger Flushing of Journal to Persistent Storage.
>> > [ OK ] Started Update UTMP about System Reboot/Shutdown.
>> > [ OK ] Reached target System Initialization.
>> > [ OK ] Reached target Timers.
>> > [ OK ] Listening on D-Bus System Message Bus Socket.
>> > [ OK ] Reached target Sockets.
>> > [ OK ] Reached target Basic System.
>> > Starting System Logging Service...
>> > Starting Permit User Sessions...
>> > Starting Login Service...
>> > Starting D-Bus System Message Bus...
>> > [ OK ] Started D-Bus System Message Bus.
>> > [ OK ] Started Permit User Sessions.
>> > Starting Getty on tty3...
>> > [ OK ] Started Getty on tty3.
>> > Starting Getty on tty4...
>> > [ OK ] Started Getty on tty4.
>> > Starting Getty on tty2...
>> > [ OK ] Started Getty on tty2.
>> > Starting Getty on tty1...
>> > [ OK ] Started Getty on tty1.
>> > Starting Console Getty...
>> > [ OK ] Started Console Getty.
>> > [ OK ] Reached target Login Prompts.
>> > Starting Cleanup of Temporary Directories...
>> > [ OK ] Started System Logging Service.
>> > [ OK ] Started Cleanup of Temporary Directories.
>> > [ OK ] Reached target Sound Card.
>> > [ OK ] Started Login Service.
>> > [ OK ] Reached target Multi-User System.
>> >
>> > Fedora release 20 (Heisenbug)
>> > Kernel 3.11.10-301.fc20.x86_64 on an x86_64 (console)
>> >
>> > root login: root
>> > Password:
>> > Last failed login: Thu Jun 5 08:37:20 UTC 2014 on console
>> > There were 3 failed login attempts since the last successful login.
>> >
>> > Cannot make/remove an entry for the specified session
>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>
>> This is the smoking gun. This indicates precisely and exactly that you
>> are running into the pam_loginuid.so conflict bug.
>>
>> > Fedora release 20 (Heisenbug)
>> > Kernel 3.11.10-301.fc20.x86_64 on an x86_64 (console)
>> >
>> > root login:
>> >
>> >
>> >
>> > Regards,
>> > Ajith
>>
>> Regards,
>> Mike
>> --
>> Michael H. Warfield (AI4NB) | (770) 978-7061 | mhw at WittsEnd.com
>> /\/\|=mhw=|\/\/ | (678) 463-0932 |
>> http://www.wittsend.com/mhw/
>> NIC whois: MHW9 | An optimist believes we live in the best of
>> all
>> PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
>>
>>
>> _______________________________________________
>> lxc-users mailing list
>> lxc-users at lists.linuxcontainers.org
>> http://lists.linuxcontainers.org/listinfo/lxc-users
>
>
More information about the lxc-users
mailing list