BUG: machine-id (/etc/machine-id) not unique in lxc containers

crucerio

May 23, 2021
bug:
  • the id in /etc/machine-id is the same across multiple lxc containers with the same image

affected services:
  • systemd-networkd with slaac assisted dhcpv6
  • other services relying on machine-id to generate different types of identifiers

expected behaviour:
  • upon creation of new lxc containers, the init script should create a new machine-id.
workaround:
  • I'm manually changing the machine-id to be able to generate a duid for dhcpv6
 
Hi,

thanks for your report, but please report such issues or enhancement requests in our bug and feature tracker over at https://bugzilla.proxmox.com/

machine-id is a concept from the systemd world, not all distros support that, and additionally the existence of a preconfigured ID depends on what template is used, so it would be good to include what distro is running in your CTs and from which image they were created. The /etc/hostid is a related concept.

For operating system images which are created once and used on multiple machines,
for example for containers or in the cloud, /etc/machine-id should be either
missing or an empty file in the generic file system image (the difference between
the two options is described under "First Boot Semantics" below). An ID will be
generated during boot and saved to this file if possible. Having an empty file in
place is useful because it allows a temporary file to be bind-mounted over the real
file, in case the image is used read-only.

...

FIRST BOOT SEMANTICS
/etc/machine-id is used to decide whether a boot is the first one. The rules are as
follows:

1. If /etc/machine-id does not exist, this is a first boot. During early boot,
systemd will write "uninitialized\n" to this file and overmount a temporary
file which contains the actual machine ID. Later (after
first-boot-complete.target has been reached), the real machine ID will be
written to disk.

2. If /etc/machine-id contains the string "uninitialized", a boot is also
considered the first boot. The same mechanism as above applies.

3. If /etc/machine-id exists and is empty, a boot is not considered the first
boot. systemd will still bind-mount a file containing the actual machine-id
over it and later try to commit it to disk (if /etc/ is writable).

4. If /etc/machine-id already contains a valid machine-id, this is not a first
boot.

If by any of the above rules, a first boot is detected, units with
ConditionFirstBoot=yes will be run.
-- man machine-id

So we actually want to remove the /etc/machine-id on initial image extraction on container create, and truncate it to an empty file on CT clone if it existed, as a cloned container whose parent was already booted once (else the file would not exist) cannot have a second first boot.

The hostid should be freshly generated on create, clone and on restore of a backup if the unique parameter is set.

workaround:
  • I'm manually changing the machine-id to be able to generate a duid for dhcpv6
Another work-around may be to remove the /etc/machine-id from the used template archive.
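
An added example, not part of the thread and not Proxmox code: shell functions that classify a root filesystem's /etc/machine-id by the man page rules quoted above, apply the create/clone handling proposed in the reply, and list IDs shared by several root filesystems. The function names, and the assumption that each container rootfs is reachable as a directory, are this example's own.

```shell
#!/bin/sh
# Added example: machine-id checks for container root filesystems.
# Assumption: each ROOTFS argument is a directory holding an extracted
# or mounted container root filesystem.

# Classify ROOTFS/etc/machine-id following "First Boot Semantics".
machine_id_state() {
    f="$1/etc/machine-id"
    [ -e "$f" ] || { echo missing; return; }          # rule 1: first boot
    [ -s "$f" ] || { echo empty; return; }            # rule 3: not a first boot
    id=$(head -n 1 "$f")
    case "$id" in
        uninitialized) echo uninitialized; return ;;  # rule 2: first boot
    esac
    # Rule 4: a valid ID is 32 lowercase hexadecimal characters.
    if [ "${#id}" -eq 32 ] && ! printf '%s' "$id" | grep -q '[^0-9a-f]'; then
        echo valid
    else
        echo invalid
    fi
}

# Handling proposed in the reply: remove the file on create so the first
# boot generates an ID; truncate it on clone (only if it existed) so a new
# ID is generated without triggering a second first boot.
reset_machine_id() {
    f="$2/etc/machine-id"
    case "$1" in
        create) rm -f "$f" ;;
        clone)  if [ -e "$f" ]; then : > "$f"; fi ;;
        *)      echo "usage: reset_machine_id create|clone ROOTFS" >&2
                return 2 ;;
    esac
}

# Print every valid machine-id found in more than one of the given ROOTFS.
duplicate_machine_ids() {
    for r in "$@"; do
        if [ "$(machine_id_state "$r")" = valid ]; then
            head -n 1 "$r/etc/machine-id"
        fi
    done | sort | uniq -d
}
```

Source the file, then call `duplicate_machine_ids` with the rootfs directories to audit; any output means those containers share an ID.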
 
