[lxc-users] Lower Version ??

CDR venefax at gmail.com
Sun May 4 04:57:52 UTC 2014


Dear Friends
I am switching my distribution to Ubuntu server. What would ne the
right command for a "make rpm" equivalent?
I think Fedora dropped the ball on the community. The LXC
implementation by Ubuntu is way ahead, because it includes NAT
networking.
Does everybody agree?
Yours
Philip

On Fri, May 2, 2014 at 1:14 PM, CDR <venefax at gmail.com> wrote:
> great information
> many thanks
>
> On Fri, May 2, 2014 at 11:21 AM, Michael H. Warfield <mhw at wittsend.com> wrote:
>> On Fri, 2014-05-02 at 11:14 -0400, CDR wrote:
>>> I don´t use Selinux since until I can make this work perfectly, it
>>> adds complexity to a complex picture.
>>> I changed the permissions on the file to 777 and nothing changed.
>>> Let me erase the lxc.service file and reinstall the RPMs, and try again
>>
>> Let me emphasize this fully.  Do NOT change permissions on a file to
>> 777.  Lots of security related applications and applications which run
>> as root will spot that as a writable file and refuse to run it as if it
>> had "Permission Denied" although they generally choose a better message.
>> I don't know if systemd does this but, if it doesn't, it should.  It
>> should NEVER run a file that is world writable.  Some applications (ssh)
>> will even bitch and refuse to use files that are group writable.  Safest
>> mode is 555 (read and execute) like should have been set in the rpm.
>>
>> Regards,
>> Mike
>>
>>> On Fri, May 2, 2014 at 10:57 AM, Michael H. Warfield <mhw at wittsend.com> wrote:
>>> > On Fri, 2014-05-02 at 10:24 -0400, CDR wrote:
>>> >> It works fine if I change the systemd service file and replace the two lines.
>>> >> I suggest that the patch also changes these two lines, or nobody else
>>> >> is going to make this work.
>>> >
>>> > No.  Dwight and I have been discussing this, some on-list and some
>>> > off-list, and he's correct that there's a timing issue if you need
>>> > libvirt up and the libvirt bridge.  I've confirmed this in some of my
>>> > tests where not all of my containers get started properly (early ones
>>> > failing and later ones starting).
>>> >
>>> > It looks like it works but there's an indeterminency in there that may
>>> > not be immediately be apparent.  I suggested it but I see where it may
>>> > work in may of my cases but there are too many corner cases where it
>>> > won't work properly.
>>> >
>>> > I think he asked you what the permissions where on the file.  I'm
>>> > curious if we're dealing with some sort of selinux gotcha and wondering
>>> > if your running with selinux enabled or disabled.
>>> >
>>> > Regards,
>>> > Mike
>>> >
>>> >> > /usr/lib/systemd/system/lxc.service
>>> >> >
>>> >> > Change these lines:
>>> >> >
>>> >> > ExecStart=/usr/libexec/lxc/lxc-startup start
>>> >> > ExecStop=/usr/libexec/lxc/lxc-startup stop
>>> >> >
>>> >> > To this:
>>> >> >
>>> >> ExecStart=/usr/bin/lxc-autostart -a
>>> >> ExecStop=/usr/bin/lxc-autostart -s
>>> >>
>>> >> On Fri, May 2, 2014 at 9:40 AM, Dwight Engen <dwight.engen at oracle.com> wrote:
>>> >> > On Thu, 1 May 2014 22:07:44 -0400
>>> >> > CDR <venefax at gmail.com> wrote:
>>> >> >
>>> >> >> After installng the RPMs with the patch
>>> >> >>
>>> >> >> systemctl start lxc
>>> >> >> Job for lxc.service failed. See 'systemctl status lxc.service' and
>>> >> >> 'journalctl -xn' for details.
>>> >> >> [root at hyperv ~]# journalctl -xn -l
>>> >> >> -- Logs begin at Tue 2014-03-25 10:13:43 EDT, end at Thu 2014-05-01
>>> >> >> 10:04:10 EDT. --
>>> >> >> May 01 10:04:04 hyperv systemd[1]: Reloading.
>>> >> >> May 01 10:04:06 hyperv PackageKit[1531]: daemon quit
>>> >> >> May 01 10:04:10 hyperv systemd[1]: Starting LXC Container
>>> >> >> Initialization and Autoboot Code...
>>> >> >> -- Subject: Unit lxc.service has begun with start-up
>>> >> >> -- Defined-By: systemd
>>> >> >> -- Support:
>>> >> >> http://lists.freedesktop.org/mailman/listinfo/systemd-devel --
>>> >> >> -- Unit lxc.service has begun starting up.
>>> >> >> May 01 10:04:10 hyperv lxc-devsetup[1817]: Creating /dev/.lxc
>>> >> >> May 01 10:04:10 hyperv lxc-devsetup[1817]: /dev is devtmpfs
>>> >> >> May 01 10:04:10 hyperv lxc-devsetup[1817]: Creating /dev/.lxc/user
>>> >> >> May 01 10:04:10 hyperv systemd[1825]: Failed at step EXEC spawning
>>> >> >> /usr/libexec/lxc/lxc-startup: Permission denied
>>> >> >
>>> >> > Can you check the permissions on /usr/libexec/lxc/lxc-startup? The rpm
>>> >> > spec file installs it 0555. Not sure why systemd can't exec it.
>>> >> >
>>> >> >> -- Subject: Process /usr/libexec/lxc/lxc-startup could not be executed
>>> >> >> -- Defined-By: systemd
>>> >> >> -- Support:
>>> >> >> http://lists.freedesktop.org/mailman/listinfo/systemd-devel --
>>> >> >> -- The process /usr/libexec/lxc/lxc-startup could not be executed and
>>> >> >> failed. --
>>> >> >> -- The error number returned while executing this process is 13.
>>> >> >> May 01 10:04:10 hyperv systemd[1]: lxc.service: main process exited,
>>> >> >> code=exited, status=203/EXEC
>>> >> >> May 01 10:04:10 hyperv systemd[1]: Failed to start LXC Container
>>> >> >> Initialization and Autoboot Code.
>>> >> >> -- Subject: Unit lxc.service has failed
>>> >> >>
>>> >> >> On Thu, May 1, 2014 at 9:16 PM, CDR <venefax at gmail.com> wrote:
>>> >> >> > When I apply the patch over the git version, I keep getting
>>> >> >> >  git am ../lxc.patch
>>> >> >> > Patch does not have a valid e-mail address
>>> >> >> >
>>> >> >> > How should I approach this? Sorry I am not  an expert.
>>> >> >> > Philip
>>> >> >> >
>>> >> >> > On Thu, May 1, 2014 at 9:08 PM, Dwight Engen
>>> >> >> > <dwight.engen at oracle.com> wrote:
>>> >> >> >> On Thu, 1 May 2014 20:28:44 -0400
>>> >> >> >> CDR <venefax at gmail.com> wrote:
>>> >> >> >>
>>> >> >> >>> Dear Friends
>>> >> >> >>>
>>> >> >> >>> I followed this instructions
>>> >> >> >>>
>>> >> >> >>> git clone git://github.com/lxc/lxc
>>> >> >> >>> cd lxc
>>> >> >> >>> git am /path/to/0001-have-systemd-
>>> >> >> >>> service-call-lxc-autostart-via-script.patch
>>> >> >> >>> ./autogen.sh
>>> >> >> >>> ./configure
>>> >> >> >>> make rpm
>>> >> >> >>> yum reinstall ~/rpmbuild/RPMS/x86_64/lxc*
>>> >> >> >>>
>>> >> >> >>> but the RPMs genrated are of a lower version of what I had,
>>> >> >> >>> compiled from code
>>> >> >> >>>
>>> >> >> >>> I get now
>>> >> >> >>> /root/rpmbuild/RPMS/x86_64/lxc-1.0.0-1.fc20.x86_64.rpm
>>> >> >> >>> /root/rpmbuild/RPMS/x86_64/lxc-devel-1.0.0-1.fc20.x86_64.rpm
>>> >> >> >>> /root/rpmbuild/RPMS/x86_64/lxc-debuginfo-1.0.0-1.fc20.x86_64.rpm
>>> >> >> >>> /root/rpmbuild/RPMS/x86_64/lxc-libs-1.0.0-1.fc20.x86_64.rpm
>>> >> >> >>>
>>> >> >> >>> but I have installed
>>> >> >> >>>
>>> >> >> >>> rpm -qa | grep lxc
>>> >> >> >>> lxc-devel-1.0.3-1.fc20.x86_64
>>> >> >> >>> libvirt-daemon-driver-lxc-1.1.3.4-4.fc20.x86_64
>>> >> >> >>> lxc-libs-1.0.3-1.fc20.x86_64
>>> >> >> >>> lxc-debuginfo-1.0.3-1.fc20.x86_64
>>> >> >> >>> lxc-1.0.3-1.fc20.x86_64
>>> >> >> >>>
>>> >> >> >>>
>>> >> >> >>> Did I missed something?
>>> >> >> >>
>>> >> >> >> This is because you are building against git master, 1.0.3 is the
>>> >> >> >> stable branch. Stéphane, I wonder if we should set
>>> >> >> >> lxc_version_micro in master's configure.ac to x or git or
>>> >> >> >> something to make it clear that it isn't the tagged 1.0.0? Of
>>> >> >> >> course I don't know if .x is considered "newer" than .3 for an rpm
>>> >> >> >> upgrade but it would be less confusing for people building their
>>> >> >> >> own rpm.
>>> >> >> >>
>>> >> >> >>> Thanks for your continued assistance.
>>> >> >> >>
>>> >> >> >> Philip, you can uninstall your current packages with rpm -e
>>> >> >> >> lxc-devel lxc-debuginfo lxc-libs lxc and then install the ones you
>>> >> >> >> built.
>>> >> >> >>
>>> >> >> >>> Philip
>>> >> >> >>> _______________________________________________
>>> >> >> >>> lxc-users mailing list
>>> >> >> >>> lxc-users at lists.linuxcontainers.org
>>> >> >> >>> http://lists.linuxcontainers.org/listinfo/lxc-users
>>> >> >> >> _______________________________________________
>>> >> >> >> lxc-users mailing list
>>> >> >> >> lxc-users at lists.linuxcontainers.org
>>> >> >> >> http://lists.linuxcontainers.org/listinfo/lxc-users
>>> >> >> _______________________________________________
>>> >> >> lxc-users mailing list
>>> >> >> lxc-users at lists.linuxcontainers.org
>>> >> >> http://lists.linuxcontainers.org/listinfo/lxc-users
>>> >> > _______________________________________________
>>> >> > lxc-users mailing list
>>> >> > lxc-users at lists.linuxcontainers.org
>>> >> > http://lists.linuxcontainers.org/listinfo/lxc-users
>>> >> _______________________________________________
>>> >> lxc-users mailing list
>>> >> lxc-users at lists.linuxcontainers.org
>>> >> http://lists.linuxcontainers.org/listinfo/lxc-users
>>> >
>>> > --
>>> > Michael H. Warfield (AI4NB) | (770) 978-7061 |  mhw at WittsEnd.com
>>> >    /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
>>> >    NIC whois: MHW9          | An optimist believes we live in the best of all
>>> >  PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
>>> >
>>> >
>>> > _______________________________________________
>>> > lxc-users mailing list
>>> > lxc-users at lists.linuxcontainers.org
>>> > http://lists.linuxcontainers.org/listinfo/lxc-users
>>> _______________________________________________
>>> lxc-users mailing list
>>> lxc-users at lists.linuxcontainers.org
>>> http://lists.linuxcontainers.org/listinfo/lxc-users
>>
>> --
>> Michael H. Warfield (AI4NB) | (770) 978-7061 |  mhw at WittsEnd.com
>>    /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
>>    NIC whois: MHW9          | An optimist believes we live in the best of all
>>  PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
>>
>>
>> _______________________________________________
>> lxc-users mailing list
>> lxc-users at lists.linuxcontainers.org
>> http://lists.linuxcontainers.org/listinfo/lxc-users


More information about the lxc-users mailing list