Devuan archive is not restored

A

al.semenenko88

Member
Dec 25, 2017
23
0
21
36
proxmox-ve: 6.3-1 (running kernel: 5.4.78-2-pve)
pve-manager: 6.3-3 (running version: 6.3-3/eee5f901)
pve-kernel-5.4: 6.3-3
pve-kernel-helper: 6.3-3
pve-kernel-5.4.78-2-pve: 5.4.78-2
pve-kernel-5.4.65-1-pve: 5.4.65-1
pve-kernel-5.4.34-1-pve: 5.4.34-2

I made lxc from devuan template:
Bash: 
# cat /etc/pve/lxc/304.conf
arch: amd64
cores: 1
hostname: t-pg-11-10-2-1-devuan
memory: 2048
net0: name=eth0,bridge=vmbr0,firewall=1,hwaddr=8A:E8:14:4C:CB:D3,ip=dhcp,tag=555,type=veth
ostype: debian
rootfs: data:subvol-304-disk-0,size=8G
swap: 512
unprivileged: 1

I backed up and restored as another lxc
Bash: 
# cat /etc/pve/lxc/108.conf
arch: amd64
cores: 1
hostname: t-pg-11-10-2-1-devuan
memory: 2048
net0: name=eth0,bridge=vmbr0,firewall=1,hwaddr=C6:F3:90:89:6B:90,ip=dhcp,tag=555,type=veth
ostype: devuan
rootfs: data:subvol-108-disk-0,size=8G
swap: 512
unprivileged: 1

In the web interface:
1613543092557.png
1613543192987.png
What's wrong?
 
pve-container in version 3.3-4 is now available on pvetest repository, can you please try that version?

Either by adding the pvetest repository and updating or manual installation:

Bash: 
wget http://download.proxmox.com/debian/pve/dists/buster/pvetest/binary-amd64/pve-container_3.3-4_all.deb
# verify checksum
sha256sum pve-container_3.3-4_all.deb
 f5bff6bde046cc8c4b77582e0548d6492ad35da3d9f087ab20283dfc73260eab  pve-container_3.3-4_all.deb
apt update
apt install ./pve-container_3.3-4_all.deb
 
t.lamprecht said:
pve-container in version 3.3-4 is now available on pvetest repository, can you please try that version?

Either by adding the pvetest repository and updating or manual installation:

Bash: 
wget http://download.proxmox.com/debian/pve/dists/buster/pvetest/binary-amd64/pve-container_3.3-4_all.deb
# verify checksum
sha256sum pve-container_3.3-4_all.deb
f5bff6bde046cc8c4b77582e0548d6492ad35da3d9f087ab20283dfc73260eab  pve-container_3.3-4_all.deb
apt update
apt install ./pve-container_3.3-4_all.deb
Click to expand...

The archive was restored, but did not start:
1613554239128.png
 
That seems unrelated to the intial issue.

Can you please post the output of the following command (please in text form, not image).

Bash: 
# container config from PVE pov:
pct config 108
# generated LXC config
cat /var/lib/lxc/108/config
# seccomp provile
cat /usr/share/lxc/config/common.seccomp
# finally a start with debug log enabled
pct start 108 --debug
 
t.lamprecht said:
That seems unrelated to the intial issue.

Can you please post the output of the following command (please in text form, not image).

Bash: 
# container config from PVE pov:
pct config 108
# generated LXC config
cat /var/lib/lxc/108/config
# seccomp provile
cat /usr/share/lxc/config/common.seccomp
# finally a start with debug log enabled
pct start 108 --debug
Click to expand...

Perhaps you need a devuan file in the directory /usr/share/lxc/config/.

Bash: 
# ls /usr/share/lxc/config/
alpine.common.conf     common.conf         fedora.userns.conf      opensuse.common.conf  plamo.userns.conf      sparclinux.common.conf    ubuntu.lucid.conf
alpine.userns.conf     common.conf.d       gentoo.common.conf      opensuse.userns.conf  pve-userns.seccomp     sparclinux.userns.conf    ubuntu.userns.conf
archlinux.common.conf  common.seccomp      gentoo.moresecure.conf  openwrt.common.conf   sabayon.common.conf    ubuntu-cloud.common.conf  userns.conf
archlinux.userns.conf  debian.common.conf  gentoo.userns.conf      oracle.common.conf    sabayon.userns.conf    ubuntu-cloud.lucid.conf   voidlinux.common.conf
centos.common.conf     debian.userns.conf  nesting.conf            oracle.userns.conf    slackware.common.conf  ubuntu-cloud.userns.conf  voidlinux.userns.conf
centos.userns.conf     fedora.common.conf  oci.common.conf         plamo.common.conf     slackware.userns.conf  ubuntu.common.conf
 
t.lamprecht said:
can you please post the command outputs I asked?
Click to expand...
Bash: 
# pct config 110
arch: amd64
cores: 1
hostname: test-devuan
memory: 512
net0: name=eth0,bridge=vmbr0,firewall=1,hwaddr=3A:2D:BC:07:D3:7C,ip=dhcp,tag=555,type=veth
ostype: debian
rootfs: data:subvol-110-disk-0,size=8G
swap: 512
unprivileged: 1

# pct config 110
arch: amd64
cores: 1
hostname: test-devuan
memory: 512
net0: name=eth0,bridge=vmbr0,firewall=1,hwaddr=3A:2D:BC:07:D3:7C,ip=dhcp,tag=555,type=veth
ostype: debian
rootfs: data:subvol-110-disk-0,size=8G
swap: 512
unprivileged: 1

# cat /var/lib/lxc/110/config
lxc.cgroup.relative = 0
lxc.cgroup.dir.monitor = lxc.monitor/110
lxc.cgroup.dir.container = lxc/110
lxc.cgroup.dir.container.inner = ns
lxc.arch = amd64
lxc.include = /usr/share/lxc/config/debian.common.conf
lxc.include = /usr/share/lxc/config/debian.userns.conf
lxc.seccomp.profile = /usr/share/lxc/config/pve-userns.seccomp
lxc.apparmor.profile = generated
lxc.apparmor.raw = deny mount -> /proc/,
lxc.apparmor.raw = deny mount -> /sys/,
lxc.mount.auto = sys:mixed
lxc.monitor.unshare = 1
lxc.idmap = u 0 100000 65536
lxc.idmap = g 0 100000 65536
lxc.tty.max = 2
lxc.environment = TERM=linux
lxc.uts.name = test-devuan
lxc.cgroup.memory.limit_in_bytes = 536870912
lxc.cgroup.memory.memsw.limit_in_bytes = 1073741824
lxc.cgroup.cpu.shares = 1024
lxc.rootfs.path = /var/lib/lxc/110/rootfs
lxc.net.0.type = veth
lxc.net.0.veth.pair = veth110i0
lxc.net.0.hwaddr = 3A:2D:BC:07:D3:7C
lxc.net.0.name = eth0
lxc.net.0.script.up = /usr/share/lxc/lxcnetaddbr
lxc.cgroup.cpuset.cpus = 8

# cat /usr/share/lxc/config/common.seccomp
2
blacklist
reject_force_umount  # comment this to allow umount -f;  not recommended
[all]
kexec_load errno 1
open_by_handle_at errno 1
init_module errno 1
finit_module errno 1
delete_module errno 1

# pct start 110 --debug
parse_config_v2: 595 Bad seccomp policy style "denylist
"
lxc_init: 833 Failed loading seccomp policy
__lxc_start: 1896 Failed to initialize container "110"
id map: type g nsid 0 hostid 100000 range 65536
INFO     lsm - lsm/lsm.c:lsm_init:29 - LSM security driver AppArmor
INFO     conf - conf.c:run_script_argv:340 - Executing script "/usr/share/lxc/hooks/lxc-pve-prestart-hook" for container "110", config section "lxc"
DEBUG    terminal - terminal.c:lxc_terminal_peer_default:655 - No such device - The process does not have a controlling terminal
ERROR    seccomp - seccomp.c:parse_config_v2:595 - Bad seccomp policy style "denylist
"
ERROR    start - start.c:lxc_init:833 - Failed loading seccomp policy
ERROR    start - start.c:__lxc_start:1896 - Failed to initialize container "110"
DEBUG    conf - conf.c:idmaptool_on_path_and_privileged:2679 - The binary "/usr/bin/newuidmap" does have the setuid bit set
DEBUG    conf - conf.c:idmaptool_on_path_and_privileged:2679 - The binary "/usr/bin/newgidmap" does have the setuid bit set
DEBUG    conf - conf.c:lxc_map_ids:2747 - Functional newuidmap and newgidmap binary found
startup for container '110' failed
 
You must log in or register to reply here.
Top Bottom