[lxc-users] ubuntu utopic (14.10) permission problems?

Norberto Bensa nbensa+lxcusers at gmail.com
Thu Mar 12 01:14:35 UTC 2015


Update.

# mailq
Mail queue is empty
# mailq
postqueue: warning: close: Permission denied


Same session. Less than a second between two consecutive mailq commands. So
I made this test:

# for i in {1..1000}; do mailq 2>&1 |grep Mail; done
Mail queue is empty
# for i in {1..1000}; do mailq 2>&1 |grep Mail; done
# for i in {1..1000}; do mailq 2>&1 |grep Mail; done
Mail queue is empty

Does this ring any bell? I'm using postfix as an example but I think this
is related to my kerberos/ldap/pam problem. Postfix is just easier to set
up :-)

Thanks!




2015-03-11 0:42 GMT-03:00 Norberto Bensa <nbensa+lxcusers at gmail.com>:

> Hello,
>
> I upgraded my main box to ubuntu 14.10 and now my containers are failing
> with weird permission problems. A simple test is this:
>
> $ sudo lxc-create -t ubuntu -n testing -- -r trusty
>
> In the containter install postfix (sudo apt-get install postfix). After a
> basic postfix configuration, run mailq:
>
> $ mailq
> postqueue: warning: close: Permission denied
>
> $ sudo mailq
> postqueue: warning: close: Permission denied
>
>
> Others containters are also failing with pam (?) related issues. For
> example:
>
> $ ssh dana
> Connection closed by 10.11.101.3
>
> Now this one is more interesting for me because "dana" uses kerberos and
> ldap. When I attach to the container, auth.log says:
>
> Mar 11 00:20:15 dana sshd[1503]: Authorized to zoolook, krb5 principal
> zoolook at BENSA.AR (krb5_kuserok)
> Mar 11 00:20:15 dana sshd[1503]: fatal: Access denied for user zoolook by
> PAM account configuration [preauth]
>
> This container was working with ubuntu trusty on the host BUT it also
> failed when I tried utopic kernels on the host
> (linux-image-generic-lts-utopic).
>
> Does anyone have any idea what it's going on?
>
> Thanks in advance,
> Norberto
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20150311/34ef4561/attachment.html>


More information about the lxc-users mailing list