[SOLVED] Non starting redis in restored container

K

kirillkr

New Member
Nov 30, 2020
6
0
1
44
Hello. Sorry for noob question. I have small home server with containers. For one of this Turnkey Nextcloud server have some error after I try install onlyoffice on this container. But some strange error set container not worked. I try fix problem but nothing. I found backup of this container. I delete it and restore from backup.
pct restore 105 media:backup/vzdump-lxc-105-2021_02_20-03_51_03.tar.zst -storage local-lvm
This container started, but nextcloud not worked. I found that after restore not worked Apache. I change owner for all files in nextcloud dir to www-data. This not help.
I try differend variant and this help me sudo sed -i -e 's,PrivateTmp=true,PrivateTmp=false\nNoNewPrivileges=yes,g' /lib/systemd/system/apache2.service
Ok this error happend with MariaDB, but solved (by search) with /etc/systemd/system/mariadb.service.d/lxc.conf

INI: 
[Service]
ProtectHome=false
ProtectSystem=false

# These settings turned out to not be necessary in my case, but YMMV
PrivateTmp=false
#PrivateNetwork=false
PrivateDevices=false

But I can't found solution for Redis. I try such for Apache2. Try reinstall with purge redis (and rdb). For now I have error (after purge redis and /var/log/redis)
Code: 
root@nextcloud .../www/nextcloud# sudo -u redis /usr/bin/redis-server /etc/redis/redis.conf

*** FATAL CONFIG FILE ERROR ***
Reading the configuration file, at line 171
>>> 'logfile /var/log/redis/redis-server.log'
Can't open the log file: Permission denied

Code: 
root@nextcloud .../www/nextcloud# namei -l /var/log/redis/redis-server.log
f: /var/log/redis/redis-server.log
drwxr-xr-x root  root  /
drwxr-xr-x root  root  var
drwxr-xr-x root  root  log
drw-rw-r-- redis redis redis
-rw-rw-rw- redis redis redis-server.log

Code: 
root@nextcloud .../www/nextcloud# stat /var/log/redis/redis-server.log
  File: /var/log/redis/redis-server.log
  Size: 0               Blocks: 0          IO Block: 4096   regular empty file
Device: fd0fh/64783d    Inode: 59          Links: 1
Access: (0666/-rw-rw-rw-)  Uid: (  107/   redis)   Gid: (  114/   redis)
Access: 2021-02-26 08:55:14.752168187 +0200
Modify: 2021-02-26 08:55:14.752168187 +0200
Change: 2021-02-26 08:58:51.815582282 +0200
 Birth: -

I try different answer for this problem, but not found worked for me.

Please help me - I don't know what I do and how fix this. Thank you
 
not too familiar with naemi output - but it seems that the directory /var/log/redis is missing it's execute bit?!
check with 'stat /var/log/redis'
change with `chmod +x /var/log/redis`

I hope this helps!
 
Thank you.. It's help. I fix one more error with can't chdir /var/lib/redis/ (writen in log).
But I return to begin error with redis:
Code: 
root@nextcloud ~# systemctl restart redis
Job for redis-server.service failed because the control process exited with error code.
See "systemctl status redis-server.service" and "journalctl -xe" for details.

Code: 
root@nextcloud ~# journalctl -xe
-- Subject: Automatic restarting of a unit has been scheduled
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- Automatic restarting of the unit redis-server.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
Feb 26 14:57:55 nextcloud systemd[1]: Stopped Advanced key-value store.
-- Subject: A stop job for unit redis-server.service has finished
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A stop job for unit redis-server.service has finished.
--
-- The job identifier is 1588 and the job result is done.
Feb 26 14:57:55 nextcloud systemd[1]: redis-server.service: Start request repeated too quickly.
Feb 26 14:57:55 nextcloud systemd[1]: redis-server.service: Failed with result 'exit-code'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- The unit redis-server.service has entered the 'failed' state with result 'exit-code'.
Feb 26 14:57:55 nextcloud systemd[1]: Failed to start Advanced key-value store.
-- Subject: A start job for unit redis-server.service has failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A start job for unit redis-server.service has finished with a failure.
--
-- The job identifier is 1588 and the job result is failed.
lines 2344-2372/2372 (END)
-- Subject: Automatic restarting of a unit has been scheduled
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- Automatic restarting of the unit redis-server.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
Feb 26 14:57:55 nextcloud systemd[1]: Stopped Advanced key-value store.
-- Subject: A stop job for unit redis-server.service has finished
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A stop job for unit redis-server.service has finished.
--
-- The job identifier is 1588 and the job result is done.
Feb 26 14:57:55 nextcloud systemd[1]: redis-server.service: Start request repeated too quickly.
Feb 26 14:57:55 nextcloud systemd[1]: redis-server.service: Failed with result 'exit-code'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- The unit redis-server.service has entered the 'failed' state with result 'exit-code'.
Feb 26 14:57:55 nextcloud systemd[1]: Failed to start Advanced key-value store.
-- Subject: A start job for unit redis-server.service has failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A start job for unit redis-server.service has finished with a failure.
--
-- The job identifier is 1588 and the job result is failed.
In log - nothing

Code: 
root@nextcloud ~# cat /var/log/redis/redis-server.log
root@nextcloud ~#
 
INI: 
root@nextcloud ~# cat /lib/systemd/system/redis-server.service
[Unit]
Description=Advanced key-value store
After=network.target
Documentation=http://redis.io/documentation, man:redis-server(1)

[Service]
Type=forking
ExecStart=/usr/bin/redis-server /etc/redis/redis.conf
ExecStop=/bin/kill -s TERM $MAINPID
PIDFile=/run/redis/redis-server.pid
TimeoutStopSec=0
Restart=always
User=redis
Group=redis
RuntimeDirectory=redis
RuntimeDirectoryMode=2755

UMask=007
PrivateTmp=yes
LimitNOFILE=65535
PrivateDevices=yes
ProtectHome=yes
ReadOnlyDirectories=/
ReadWriteDirectories=-/var/lib/redis
ReadWriteDirectories=-/var/log/redis
ReadWriteDirectories=-/var/run/redis

NoNewPrivileges=true
CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_SYS_RESOURCE
MemoryDenyWriteExecute=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectControlGroups=true
RestrictRealtime=true
RestrictNamespaces=true
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX

# redis-server can write to its own config file when in cluster mode so we
# permit writing there by default. If you are not using this feature, it is
# recommended that you replace the following lines with "ProtectSystem=full".
ProtectSystem=true
ReadWriteDirectories=-/etc/redis

[Install]
WantedBy=multi-user.target
Alias=redis.service

Code: 
root@pve:~# cat /etc/pve/lxc/105.conf
arch: amd64
cores: 2
hostname: nextcloud
memory: 1024
mp0: /mnt/pve/media/data/media,mp=/mnt/media,acl=1
nameserver: 10.10.2.1
net0: name=eth0,bridge=vmbr0,firewall=1,hwaddr=E2:04:EB:92:F6:D0,ip=dhcp,type=veth
onboot: 1
ostype: debian
rootfs: local-lvm:vm-105-disk-0,size=8G
swap: 1024
root@pve:~#
 
I found error in syslog

Code: 
Feb 26 16:51:36 nextcloud systemd[1723]: redis-server.service: Failed to set up mount namespacing: Permission denied
Feb 26 16:51:36 nextcloud systemd[1723]: redis-server.service: Failed at step NAMESPACE spawning /usr/bin/redis-server: Permission denied
Feb 26 16:51:36 nextcloud kernel: [32564.865242] audit: type=1400 audit(1614351096.692:179): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxc-105_</var/lib/lxc>" name="/run/systemd/unit-root/" pid=21995 comm="(s-server)" srcname="/" flags="rw, rbind"
Feb 26 16:51:36 nextcloud systemd[1]: redis-server.service: Control process exited, code=exited, status=226/NAMESPACE
Feb 26 16:51:36 nextcloud systemd[1]: redis-server.service: Failed with result 'exit-code'.
 
This topic can be closed. I restore again with web ui access, and now it restored correctly.
 
grin said:
Except there is no solution listed. Does the same here and works without bloody damned systemd.
Click to expand...
Solution from another topic:
try running pct set CTID -features nesting=1 && pct reboot CTID and see if it works
Click to expand...
Shouldn't be a problem with new containers though, but if you encounter namespacing problem like me...
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back