ERGURNT: s6-overlay failed to start service on docker-1.10.3 #158
Comments
|
downgrade to docker 1.9.1, then it's OK |
|
@pubyun can you provide an example Dockerfile and run script? |
|
FROM docker.pubyun.com/pubyun/centos ENV S6_OVERLAY_VERSION v1.18.1.0 ADD file/ / ADD https://github.com/just-containers/s6-overlay/releases/download/v1.11.0.1/s6-overlay-amd64.tar.gz /tmp/ EXPOSE 22 ENTRYPOINT ["/init"] |
|
$ cat file/etc/services.d/sshd/run /usr/sbin/sshd -D |
|
type error in Dockfile, i have update to latest s6-overlay, same error: |
|
I can't pull from docker.pubyun.com/pubyun/centos, but here's a something to try out. I think you're doing a lot to work around a known issue: https://github.com/just-containers/s6-overlay#bin-and-sbin-are-symlinks - try just splitting up your tar extraction into two steps I made this Dockerfile: I was able to build and run it just fine on docker 1.11.2 |
|
i am runing docker on CentOS 7.2, which have many patches from RedHat. maybe this patch trigger the problem. it will merge into docker 1.12, but have patched for docker 1.10.3 of redhat: https://github.com/projectatomic/docker.git i add one line to Dockerfile, it works now. VOLUME ["/run"] can you test it on Docker 1.12? |
|
It sounds like your problem might be with the CentOS version of Docker? I'm unable to replicate your issue so I'm not sure if there's anything I can do. |
|
i test package from docker.com, version 1.11 and 1.12, it's OK. it fails when i use official package from centos: the "/run" directory was locked, and any files can't be executed under it. i add one line to Dockerfile, then it works: VOLUME ["/run"] |
|
i find the reason, there is noexec flag on /run: sudo docker run --rm=true -ti centos:s6 /bin/bash -c 'mount | grep run' /dev/mapper/vg0-var on /run/secrets type xfs (rw,relatime,attr2,inode64,noquota) |
|
@pubyun is this something centos+s6 related? Or just your custom docker image which overrides the |
|
@glerchundi when use without |
|
@glerchundi this is centos7 + s6 related. the script can't run for the noexec flag of /run |
|
I'm having this issue as well on CentOS 7.2 with Docker 1.10.3. It seems to be resolved after updating to Docker 1.12.1 with the directions in the Docker docs. I also forced recreation of the images after updating docker, which may have had some effect on SELinux flags ( |
|
ping |
|
if we rename /init script to other name, then all is OK. |
|
i fix the issue: ADD https://github.com/just-containers/s6-overlay/releases/download/v1.18.1.1/s6-overlay-amd64.tar.gz ENTRYPOINT ["/init.rhel"] |
|
I have the same issue using Docker packages in Fedora 25. You have most of the info above, but just to put my understanding of it together:
While the patch adding hooks hasn't yet been accepted upstream in docker, there is on-going discussion. As mentioned, changing the name from init to something else would 'fix' this. The workaround VOLUME ["/run"] works for me, as does running docker run -v /run ... There aren't offical docker packages for Fedora 25 yet (I haven't tried using the Fedora 24 repo in 25). |
|
Look I'll be real, if this is still an issue and somebody has a fix, open a PR. I'm not going to fix it. |
|
I just tested this via Note that |
after we upgrade docker 1.9.1 to docker-1.10.3 on centos 7, all docker container failed to start service:
s6-supervise (child): fatal: unable to exec run: Permission denied
s6-supervise (child): fatal: unable to exec run: Permission denied
s6-supervise supervisord: warning: unable to spawn ./run - waiting 10 seconds
s6-supervise sshd: warning: unable to spawn ./run - waiting 10 seconds
s6-supervise (child): fatal: unable to exec run: Permission denied
s6-supervise cron: warning: unable to spawn ./run - waiting 10 seconds
The text was updated successfully, but these errors were encountered: