On Sun, 2014-05-04 at 00:57 -0400, CDR wrote: > Dear Friends > I am switching my distribution to Ubuntu server. What would ne the > right command for a "make rpm" equivalent? > I think Fedora dropped the ball on the community. The LXC > implementation by Ubuntu is way ahead, because it includes NAT > networking.
> Does everybody agree? What? I most emphatically don't agree. I'm on Fedora 20 and have no problem at all with this. I've been working with LXC since Fedora 14 and have been instrumental in getting LXC to work with systemd. Fedora has libvirt and nat and I have no idea what so ever about what your are talking about. I don't generally use nat, since I've got a huge public IP address space and I generally work over IPv6 which doesn't require NAT but my test containers are typically a mix of bridged native and NAT bridge. What you're say seems to be nonsense in my experience. > Yours > Philip Regards, Mike > On Fri, May 2, 2014 at 1:14 PM, CDR <vene...@gmail.com> wrote: > > great information > > many thanks > > > > On Fri, May 2, 2014 at 11:21 AM, Michael H. Warfield <m...@wittsend.com> > > wrote: > >> On Fri, 2014-05-02 at 11:14 -0400, CDR wrote: > >>> I don´t use Selinux since until I can make this work perfectly, it > >>> adds complexity to a complex picture. > >>> I changed the permissions on the file to 777 and nothing changed. > >>> Let me erase the lxc.service file and reinstall the RPMs, and try again > >> > >> Let me emphasize this fully. Do NOT change permissions on a file to > >> 777. Lots of security related applications and applications which run > >> as root will spot that as a writable file and refuse to run it as if it > >> had "Permission Denied" although they generally choose a better message. > >> I don't know if systemd does this but, if it doesn't, it should. It > >> should NEVER run a file that is world writable. Some applications (ssh) > >> will even bitch and refuse to use files that are group writable. Safest > >> mode is 555 (read and execute) like should have been set in the rpm. > >> > >> Regards, > >> Mike > >> > >>> On Fri, May 2, 2014 at 10:57 AM, Michael H. Warfield <m...@wittsend.com> > >>> wrote: > >>> > On Fri, 2014-05-02 at 10:24 -0400, CDR wrote: > >>> >> It works fine if I change the systemd service file and replace the two > >>> >> lines. > >>> >> I suggest that the patch also changes these two lines, or nobody else > >>> >> is going to make this work. > >>> > > >>> > No. Dwight and I have been discussing this, some on-list and some > >>> > off-list, and he's correct that there's a timing issue if you need > >>> > libvirt up and the libvirt bridge. I've confirmed this in some of my > >>> > tests where not all of my containers get started properly (early ones > >>> > failing and later ones starting). > >>> > > >>> > It looks like it works but there's an indeterminency in there that may > >>> > not be immediately be apparent. I suggested it but I see where it may > >>> > work in may of my cases but there are too many corner cases where it > >>> > won't work properly. > >>> > > >>> > I think he asked you what the permissions where on the file. I'm > >>> > curious if we're dealing with some sort of selinux gotcha and wondering > >>> > if your running with selinux enabled or disabled. > >>> > > >>> > Regards, > >>> > Mike > >>> > > >>> >> > /usr/lib/systemd/system/lxc.service > >>> >> > > >>> >> > Change these lines: > >>> >> > > >>> >> > ExecStart=/usr/libexec/lxc/lxc-startup start > >>> >> > ExecStop=/usr/libexec/lxc/lxc-startup stop > >>> >> > > >>> >> > To this: > >>> >> > > >>> >> ExecStart=/usr/bin/lxc-autostart -a > >>> >> ExecStop=/usr/bin/lxc-autostart -s > >>> >> > >>> >> On Fri, May 2, 2014 at 9:40 AM, Dwight Engen <dwight.en...@oracle.com> > >>> >> wrote: > >>> >> > On Thu, 1 May 2014 22:07:44 -0400 > >>> >> > CDR <vene...@gmail.com> wrote: > >>> >> > > >>> >> >> After installng the RPMs with the patch > >>> >> >> > >>> >> >> systemctl start lxc > >>> >> >> Job for lxc.service failed. See 'systemctl status lxc.service' and > >>> >> >> 'journalctl -xn' for details. > >>> >> >> [root@hyperv ~]# journalctl -xn -l > >>> >> >> -- Logs begin at Tue 2014-03-25 10:13:43 EDT, end at Thu 2014-05-01 > >>> >> >> 10:04:10 EDT. -- > >>> >> >> May 01 10:04:04 hyperv systemd[1]: Reloading. > >>> >> >> May 01 10:04:06 hyperv PackageKit[1531]: daemon quit > >>> >> >> May 01 10:04:10 hyperv systemd[1]: Starting LXC Container > >>> >> >> Initialization and Autoboot Code... > >>> >> >> -- Subject: Unit lxc.service has begun with start-up > >>> >> >> -- Defined-By: systemd > >>> >> >> -- Support: > >>> >> >> http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- > >>> >> >> -- Unit lxc.service has begun starting up. > >>> >> >> May 01 10:04:10 hyperv lxc-devsetup[1817]: Creating /dev/.lxc > >>> >> >> May 01 10:04:10 hyperv lxc-devsetup[1817]: /dev is devtmpfs > >>> >> >> May 01 10:04:10 hyperv lxc-devsetup[1817]: Creating /dev/.lxc/user > >>> >> >> May 01 10:04:10 hyperv systemd[1825]: Failed at step EXEC spawning > >>> >> >> /usr/libexec/lxc/lxc-startup: Permission denied > >>> >> > > >>> >> > Can you check the permissions on /usr/libexec/lxc/lxc-startup? The > >>> >> > rpm > >>> >> > spec file installs it 0555. Not sure why systemd can't exec it. > >>> >> > > >>> >> >> -- Subject: Process /usr/libexec/lxc/lxc-startup could not be > >>> >> >> executed > >>> >> >> -- Defined-By: systemd > >>> >> >> -- Support: > >>> >> >> http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- > >>> >> >> -- The process /usr/libexec/lxc/lxc-startup could not be executed > >>> >> >> and > >>> >> >> failed. -- > >>> >> >> -- The error number returned while executing this process is 13. > >>> >> >> May 01 10:04:10 hyperv systemd[1]: lxc.service: main process exited, > >>> >> >> code=exited, status=203/EXEC > >>> >> >> May 01 10:04:10 hyperv systemd[1]: Failed to start LXC Container > >>> >> >> Initialization and Autoboot Code. > >>> >> >> -- Subject: Unit lxc.service has failed > >>> >> >> > >>> >> >> On Thu, May 1, 2014 at 9:16 PM, CDR <vene...@gmail.com> wrote: > >>> >> >> > When I apply the patch over the git version, I keep getting > >>> >> >> > git am ../lxc.patch > >>> >> >> > Patch does not have a valid e-mail address > >>> >> >> > > >>> >> >> > How should I approach this? Sorry I am not an expert. > >>> >> >> > Philip > >>> >> >> > > >>> >> >> > On Thu, May 1, 2014 at 9:08 PM, Dwight Engen > >>> >> >> > <dwight.en...@oracle.com> wrote: > >>> >> >> >> On Thu, 1 May 2014 20:28:44 -0400 > >>> >> >> >> CDR <vene...@gmail.com> wrote: > >>> >> >> >> > >>> >> >> >>> Dear Friends > >>> >> >> >>> > >>> >> >> >>> I followed this instructions > >>> >> >> >>> > >>> >> >> >>> git clone git://github.com/lxc/lxc > >>> >> >> >>> cd lxc > >>> >> >> >>> git am /path/to/0001-have-systemd- > >>> >> >> >>> service-call-lxc-autostart-via-script.patch > >>> >> >> >>> ./autogen.sh > >>> >> >> >>> ./configure > >>> >> >> >>> make rpm > >>> >> >> >>> yum reinstall ~/rpmbuild/RPMS/x86_64/lxc* > >>> >> >> >>> > >>> >> >> >>> but the RPMs genrated are of a lower version of what I had, > >>> >> >> >>> compiled from code > >>> >> >> >>> > >>> >> >> >>> I get now > >>> >> >> >>> /root/rpmbuild/RPMS/x86_64/lxc-1.0.0-1.fc20.x86_64.rpm > >>> >> >> >>> /root/rpmbuild/RPMS/x86_64/lxc-devel-1.0.0-1.fc20.x86_64.rpm > >>> >> >> >>> /root/rpmbuild/RPMS/x86_64/lxc-debuginfo-1.0.0-1.fc20.x86_64.rpm > >>> >> >> >>> /root/rpmbuild/RPMS/x86_64/lxc-libs-1.0.0-1.fc20.x86_64.rpm > >>> >> >> >>> > >>> >> >> >>> but I have installed > >>> >> >> >>> > >>> >> >> >>> rpm -qa | grep lxc > >>> >> >> >>> lxc-devel-1.0.3-1.fc20.x86_64 > >>> >> >> >>> libvirt-daemon-driver-lxc-1.1.3.4-4.fc20.x86_64 > >>> >> >> >>> lxc-libs-1.0.3-1.fc20.x86_64 > >>> >> >> >>> lxc-debuginfo-1.0.3-1.fc20.x86_64 > >>> >> >> >>> lxc-1.0.3-1.fc20.x86_64 > >>> >> >> >>> > >>> >> >> >>> > >>> >> >> >>> Did I missed something? > >>> >> >> >> > >>> >> >> >> This is because you are building against git master, 1.0.3 is the > >>> >> >> >> stable branch. Stéphane, I wonder if we should set > >>> >> >> >> lxc_version_micro in master's configure.ac to x or git or > >>> >> >> >> something to make it clear that it isn't the tagged 1.0.0? Of > >>> >> >> >> course I don't know if .x is considered "newer" than .3 for an > >>> >> >> >> rpm > >>> >> >> >> upgrade but it would be less confusing for people building their > >>> >> >> >> own rpm. > >>> >> >> >> > >>> >> >> >>> Thanks for your continued assistance. > >>> >> >> >> > >>> >> >> >> Philip, you can uninstall your current packages with rpm -e > >>> >> >> >> lxc-devel lxc-debuginfo lxc-libs lxc and then install the ones > >>> >> >> >> you > >>> >> >> >> built. > >>> >> >> >> > >>> >> >> >>> Philip > >>> >> >> >>> _______________________________________________ > >>> >> >> >>> lxc-users mailing list > >>> >> >> >>> lxc-users@lists.linuxcontainers.org > >>> >> >> >>> http://lists.linuxcontainers.org/listinfo/lxc-users > >>> >> >> >> _______________________________________________ > >>> >> >> >> lxc-users mailing list > >>> >> >> >> lxc-users@lists.linuxcontainers.org > >>> >> >> >> http://lists.linuxcontainers.org/listinfo/lxc-users > >>> >> >> _______________________________________________ > >>> >> >> lxc-users mailing list > >>> >> >> lxc-users@lists.linuxcontainers.org > >>> >> >> http://lists.linuxcontainers.org/listinfo/lxc-users > >>> >> > _______________________________________________ > >>> >> > lxc-users mailing list > >>> >> > lxc-users@lists.linuxcontainers.org > >>> >> > http://lists.linuxcontainers.org/listinfo/lxc-users > >>> >> _______________________________________________ > >>> >> lxc-users mailing list > >>> >> lxc-users@lists.linuxcontainers.org > >>> >> http://lists.linuxcontainers.org/listinfo/lxc-users > >>> > > >>> > -- > >>> > Michael H. Warfield (AI4NB) | (770) 978-7061 | m...@wittsend.com > >>> > /\/\|=mhw=|\/\/ | (678) 463-0932 | > >>> > http://www.wittsend.com/mhw/ > >>> > NIC whois: MHW9 | An optimist believes we live in the best > >>> > of all > >>> > PGP Key: 0x674627FF | possible worlds. A pessimist is sure of > >>> > it! > >>> > > >>> > > >>> > _______________________________________________ > >>> > lxc-users mailing list > >>> > lxc-users@lists.linuxcontainers.org > >>> > http://lists.linuxcontainers.org/listinfo/lxc-users > >>> _______________________________________________ > >>> lxc-users mailing list > >>> lxc-users@lists.linuxcontainers.org > >>> http://lists.linuxcontainers.org/listinfo/lxc-users > >> > >> -- > >> Michael H. Warfield (AI4NB) | (770) 978-7061 | m...@wittsend.com > >> /\/\|=mhw=|\/\/ | (678) 463-0932 | > >> http://www.wittsend.com/mhw/ > >> NIC whois: MHW9 | An optimist believes we live in the best of > >> all > >> PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it! > >> > >> > >> _______________________________________________ > >> lxc-users mailing list > >> lxc-users@lists.linuxcontainers.org > >> http://lists.linuxcontainers.org/listinfo/lxc-users > _______________________________________________ > lxc-users mailing list > lxc-users@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-users -- Michael H. Warfield (AI4NB) | (770) 978-7061 | m...@wittsend.com /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
signature.asc
Description: This is a digitally signed message part
_______________________________________________ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
