Re: [systemd-devel] systemd 231 and /dev/console in a docker container Update
I also found that when i start docker run --rm -it --security-opt=seccomp:unconfined --cap-add SYS_ADMIN --cap-add MKNOD -v /sys/fs/cgroup:/sys/fs/cgroup:ro fedora-25-image bash and then run the systemd (so that it is not pid 1) /lib/systemd/systemd --system --show-status=true --log-level=debug ==> then systemd starts normally (as pid 2) and the /dev/console node is _not_ deleted and it works as expected! So still puzzled what is happening, then run this as described below. docker --version Docker version 1.12.1, build 23cf638 cat /proc/version Linux version 4.7.3-200.fc24.x86_64 (mockbu...@bkernel01.phx2.fedoraproject.org) (gcc version 6.1.1 20160621 (Red Hat 6.1.1-3) (GCC) ) #1 SMP Wed Sep 7 17:31:21 UTC 2016 Am 18.09.2016 um 14:30 schrieb bal...@email.de: > > Hello, > > i hope this is the right list to ask this, if not it would be kind if > you would point me to the right forum. Currently i have systemd > running in a docker container, which works well in version 229 > (fedora 24 image). I have configured journald there to log to > console, so that i can see the logs via a simple docker logs -f > . Everything works fine with this. > > Recently i decided to to to run systemd 231 on fedora 25 beta and > rebuild my Dockerfile for fedora 25. After starting the container it > turned out that nothing was shown in docker logs -f > and after some investigation, that journald was terribly slow with > logging. After some strace sessions in the container i found that > writing to /dev/console was failing with "EIO" (-1). So i did > another test if this was docker problem and run simply a bash shell > with the container. To my surprise this worked fine. > > With a "docker exec run -it fedora-25-image bash" i could write to > console without any problems, when i did run a 'echo "Hello world" > >/dev/console" in the container. So i came to the conclusion that the > problem lies within systemd 231 and not withing Docker, as this worked > fine for fedora-24 based systemd 229 and also the simple bash test. > > At this point i investiged what was the difference. Basically it > turned out that on bash (and also on systemd 229 on fedora 24) the is > shown when i do a > > cat /proc/1/mountinfo |grep console ( /33 varies if you run more > than one container) > > 2769 2749 0:20 /33 /dev/console rw,nosuid,noexec,relatime - devpts > devpts rw,gid=5,mode=620,ptmxmode=0 > > when i do this with a fedora 25 image, where systemd is started as > process 1 i get for > > cat /proc/1/mountinfo |grep console > 2769 2749 0:20 */33//deleted */dev/console rw,nosuid,noexec,relatime - > devpts devpts rw,gid=5,mode=620,ptmxmode=000 > > > It seems that systemd somehow has deleted the /dev/console device, and > therefore a journald which wants to log to /dev/console in the > container gets an EIO . > > > In general i have started the systemd runs with the following options > (24 or 25) > docker run --rm -it --security-opt=seccomp:unconfined --cap-add > SYS_ADMIN -v /sys/fs/cgroup:/sys/fs/cgroup:ro fedora-25-image > /lib/systemd/systemd > > > My question is now is this a bug, or is this some kind of new feature, > where i need to set a special flag in systemd 231 (which one?) > > > Hope the description was sufficient. > > > > ___ > systemd-devel mailing list > systemd-devel@lists.freedesktop.org > https://lists.freedesktop.org/mailman/listinfo/systemd-devel ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] systemd 231 and /dev/console in a docker container
Hello, i hope this is the right list to ask this, if not it would be kind if you would point me to the right forum. Currently i have systemd running in a docker container, which works well in version 229 (fedora 24 image). I have configured journald there to log to console, so that i can see the logs via a simple docker logs -f . Everything works fine with this. Recently i decided to to to run systemd 231 on fedora 25 beta and rebuild my Dockerfile for fedora 25. After starting the container it turned out that nothing was shown in docker logs -f and after some investigation, that journald was terribly slow with logging. After some strace sessions in the container i found that writing to /dev/console was failing with "EIO" (-1). So i did another test if this was docker problem and run simply a bash shell with the container. To my surprise this worked fine. With a "docker exec run -it fedora-25-image bash" i could write to console without any problems, when i did run a 'echo "Hello world" >/dev/console" in the container. So i came to the conclusion that the problem lies within systemd 231 and not withing Docker, as this worked fine for fedora-24 based systemd 229 and also the simple bash test. At this point i investiged what was the difference. Basically it turned out that on bash (and also on systemd 229 on fedora 24) the is shown when i do a cat /proc/1/mountinfo |grep console ( /33 varies if you run more than one container) 2769 2749 0:20 /33 /dev/console rw,nosuid,noexec,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=0 when i do this with a fedora 25 image, where systemd is started as process 1 i get for cat /proc/1/mountinfo |grep console 2769 2749 0:20 */33//deleted */dev/console rw,nosuid,noexec,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=000 It seems that systemd somehow has deleted the /dev/console device, and therefore a journald which wants to log to /dev/console in the container gets an EIO . In general i have started the systemd runs with the following options (24 or 25) docker run --rm -it --security-opt=seccomp:unconfined --cap-add SYS_ADMIN -v /sys/fs/cgroup:/sys/fs/cgroup:ro fedora-25-image /lib/systemd/systemd My question is now is this a bug, or is this some kind of new feature, where i need to set a special flag in systemd 231 (which one?) Hope the description was sufficient. ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] How to handle daemon which takes some minutes to terminate?
Hi all, i have a daemon (ice generator) which behaves a little bit different than normal daemons. The icegeneratord daemon, provides me with an mp3 stream. Whenever i send a kill signal (TERM/HUP) this deamon will terminate eventually, however it will terminate after it has played the last song fully. Depending on where i am this can take up to 3 minutes before the daemon goes down - this is in order not interrupt plaing songs abruptly for listeners. However this kind of behaviour seems not be well interacting with systems, it hangs for some time when i issue an stop service. and than reports the service as failed, because the daemon simply catches alls signals and ends when the current song is finished - which seems to long for systems. What should i do in such a case? Regards ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] Service should run with a certain User?
Hi all, after doing the simple examples of .service scripts, i was able to run some of my home-brewn services with fedora 15 beta. However now i tried something advanced (?) and i have to admit defeat. I have simply no idea how to proceed. I used to run with upstart a script with an ugly solution to do something like that su cruisctl -c servicescript.sh This was not pretty, however the script did run under the wanted user. Now i tried the same thing with systemd. It worked if tried the ugly solution. I found that systemd has thee User= option, so i tried to avoid the su and start the script with systemed. But the service doesn't start when i set the User= option, it always returns a 203 error. Can somebody tell me what i am doing wrong? Here is my test setup [Unit] Description=Cruise Control After=local-fs.target network.target [Service] Type=simple EnvironmentFile=/etc/sysconfig/cruisctl User=cruisctl WorkingDirectory=/var/cruisecontrol #ExecStart=/usr/bin/java $CRUISCTLOPTIONS ExecStart=/root/test.sh $CRUISCTLOPTIONS [Install] WantedBy=multi-user.target The test.sh looks like this #!/bin/sh echo Start /tmp/x echo Directory: $(pwd) /tmp/x echo Ant Home: $ANT_HOME /tmp/x echo $1 $2 $3 $4 $5 $6 /tmp/x sleep 60 Error is like that cruisctl.service - Cruise Control Loaded: loaded (/lib/systemd/system/cruisctl.service) Active: failed Process: 4313 ExecStart=/root/test.sh $CRUISCTLOPTIONS (code=exited, status=203/EXEC) CGroup: name=systemd:/system/cruisctl.service ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Service should run with a certain User?
Hi, I am embarrassed to answer myself after hitting the send button. Of course i should not have put test.sh in /root , because the user has no rights to access it... It works now - but now the stopping the service seems a problem. It always goes to failed because the java vm seems to provide a status=143 Loaded: loaded (/lib/systemd/system/cruisctl.service) Active: failed Process: 4811 ExecStart=/usr/bin/java $CRUISCTLOPTIONS (code=exited, status=143) CGroup: name=systemd:/system/cruisctl.service Regards (and hoping that the solution will also come to me when i hit the send button) Here is the working script: # # Install # in directory /lib/systemd/system [Unit] Description=Cruise Control After=local-fs.target network.target [Service] Type=simple EnvironmentFile=/etc/sysconfig/cruisctl User=cruisctl WorkingDirectory=/var/cruisecontrol ExecStart=/usr/bin/java $CRUISCTLOPTIONS #ExecStart=/tmp/test.sh $CRUISCTLOPTIONS [Install] WantedBy=multi-user.target Am 23.04.2011 10:03, schrieb Baldur: Hi all, after doing the simple examples of .service scripts, i was able to run some of my home-brewn services with fedora 15 beta. However now i tried something advanced (?) and i have to admit defeat. I have simply no idea how to proceed. I used to run with upstart a script with an ugly solution to do something like that su cruisctl -c servicescript.sh This was not pretty, however the script did run under the wanted user. Now i tried the same thing with systemd. It worked if tried the ugly solution. I found that systemd has thee User= option, so i tried to avoid the su and start the script with systemed. But the service doesn't start when i set the User= option, it always returns a 203 error. Can somebody tell me what i am doing wrong? Here is my test setup [Unit] Description=Cruise Control After=local-fs.target network.target [Service] Type=simple EnvironmentFile=/etc/sysconfig/cruisctl User=cruisctl WorkingDirectory=/var/cruisecontrol #ExecStart=/usr/bin/java $CRUISCTLOPTIONS ExecStart=/root/test.sh $CRUISCTLOPTIONS [Install] WantedBy=multi-user.target The test.sh looks like this #!/bin/sh echo Start /tmp/x echo Directory: $(pwd) /tmp/x echo Ant Home: $ANT_HOME /tmp/x echo $1 $2 $3 $4 $5 $6 /tmp/x sleep 60 Error is like that cruisctl.service - Cruise Control Loaded: loaded (/lib/systemd/system/cruisctl.service) Active: failed Process: 4313 ExecStart=/root/test.sh $CRUISCTLOPTIONS (code=exited, status=203/EXEC) CGroup: name=systemd:/system/cruisctl.service ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel Am 23.04.2011 10:03, schrieb Baldur: Hi all, after doing the simple examples of .service scripts, i was able to run some of my home-brewn services with fedora 15 beta. However now i tried something advanced (?) and i have to admit defeat. I have simply no idea how to proceed. I used to run with upstart a script with an ugly solution to do something like that su cruisctl -c servicescript.sh This was not pretty, however the script did run under the wanted user. Now i tried the same thing with systemd. It worked if tried the ugly solution. I found that systemd has thee User= option, so i tried to avoid the su and start the script with systemed. But the service doesn't start when i set the User= option, it always returns a 203 error. Can somebody tell me what i am doing wrong? Here is my test setup [Unit] Description=Cruise Control After=local-fs.target network.target [Service] Type=simple EnvironmentFile=/etc/sysconfig/cruisctl User=cruisctl WorkingDirectory=/var/cruisecontrol #ExecStart=/usr/bin/java $CRUISCTLOPTIONS ExecStart=/root/test.sh $CRUISCTLOPTIONS [Install] WantedBy=multi-user.target The test.sh looks like this #!/bin/sh echo Start /tmp/x echo Directory: $(pwd) /tmp/x echo Ant Home: $ANT_HOME /tmp/x echo $1 $2 $3 $4 $5 $6 /tmp/x sleep 60 Error is like that cruisctl.service - Cruise Control Loaded: loaded (/lib/systemd/system/cruisctl.service) Active: failed Process: 4313 ExecStart=/root/test.sh $CRUISCTLOPTIONS (code=exited, status=203/EXEC) CGroup: name=systemd:/system/cruisctl.service ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
