Tag Archives: LXC

error: unpacking of archive failed on file /usr/sbin/suexec;5e440e82: cpio: cap_set_file

Leave a reply

Running transaction
Installing : httpd-2.4.6-90.el7.centos.x86_64 1/1
Error unpacking rpm package httpd-2.4.6-90.el7.centos.x86_64
error: unpacking of archive failed on file /usr/sbin/suexec;5e440e82: cpio: cap_set_file
Verifying : httpd-2.4.6-90.el7.centos.x86_64 1/1

Failed:
httpd.x86_64 0:2.4.6-90.el7.centos

/var/lib/lxc/new.server.lt/config
lxc.cap.drop =
lxc.cap.drop = mac_admin mac_override setpcap
lxc.cap.drop = sys_module sys_nice sys_pacct
lxc.cap.drop = sys_rawio sys_time

echo “%_netsharedpath /sys:/proc” >> /etc/rpm/macros.dist

Transaction test succeeded
Running transaction
Installing : httpd-2.4.6-90.el7.centos.x86_64

lxc Error creating container test

Leave a reply

sudo lxc-create -t download -n test
Error creating container test

sudo lxc-create -t download -n test -o aaa.log
lxc-create: test: confile.c: set_config_net: 258 lxc.net must not have a value
lxc-create: test: parse.c: lxc_file_for_each_line_mmap: 103 Failed to parse config: lxc.network.type = veth

vi /etc/lxc/default.conf
#lxc.network.type = veth
lxc.net.0.type = vet

#lxc.network.link = virbr0
lxc.net.0.link = virbr0

lxc.net.0.flags = up
lxc.net.0.hwaddr = 00:16:3e:xx:xx:xx

lxc-start: lxccontainer.c: wait_on_daemonized_start: 754 Received container state “STOPPING” instead of “RUNNING”

Leave a reply

It could be cause by this libvirt error: libvirtd[18329]: Failed to open file ‘/sys/class/net/vethSUT3FA/operstate’: No such file or directory

Fix:
brctl show
bridge name bridge id STP enabled interfaces
virbr0 8000.525400a97813 yes virbr0-nic

vim /var/lib/lxc/my_server/config
lxc.network.link = virbr0

lxc-start -n my_server -d

LXC container on Centos

1 Reply

LXC isn’t a real Virtualization technique, but is more like a chroot environment, but on “steroids”. Its similar to OpenVZ virtualization, but can use your native kernel version. In some cases its very important.

mkdir /var/lib/libvirt/lxc/centos-6-x86_64/etc/yum.repos.d/ -p  
cat /etc/yum.repos.d/CentOS-Base.repo |sed s/'$releasever'/6/g > /var/lib/libvirt/lxc/centos-6-x86_64/etc/yum.repos.d/CentOS-Base.repo
yum groupinstall core --installroot=/var/lib/libvirt/lxc/centos-6-x86_64/ --nogpgcheck -y
yum install plymouth libselinux-python --installroot=/var/lib/libvirt/lxc/centos-6-x86_64/ --nogpgcheck -y

You should crate selinux rule:

module lxc 1.0;

require {
type hald_t;
type virtd_lxc_t;
class dbus send_msg;
}

#============= hald_t ==============
allow hald_t virtd_lxc_t:dbus send_msg;

You should create manually your selinux rule to allow virtd_lxc_t to use dbus daemon. How crate custom selinux rules, you can check in other my article there.

chroot /var/lib/libvirt/lxc/centos-6-x86_64/ 

echo your_password_there |passwd root --stdin

#Fix root login on console

echo "pts/0" >>/etc/securetty

sed -i s/"session    required     pam_selinux.so close"/"#session    required     pam_selinux.so close"/g /etc/pam.d/login

sed -i s/"session    required     pam_selinux.so open"/"#session    required     pam_selinux.so open"/g /etc/pam.d/login

sed -i s/"session    required     pam_loginuid.so"/"#session    required     pam_loginuid.so"/g /etc/pam.d/login

#Configuring basic networking

cat > /etc/sysconfig/network << EOF

NETWORKING=yes

HOSTNAME=lxc.linux4you.tk

EOF

cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF

DEVICE=eth0

BOOTPROTO=dhcp

ONBOOT=yes

EOF

#Enabling sshd

chkconfig sshd on

# Fixing root login for sshd

sed -i s/"session    required     pam_selinux.so close"/"#session    required     pam_selinux.so close"/g /etc/pam.d/sshd

sed -i s/"session    required     pam_loginuid.so"/"#session    required     pam_loginuid.so"/g /etc/pam.d/sshd

sed -i s/"session    required     pam_selinux.so open env_params"/"#session    required     pam_selinux.so open env_params"/g /etc/pam.d/sshd

# Leaving the chroot'ed filesystem

exit
virt-install --connect lxc:/// --name test --ram 512 --vcpu 1 --filesystem /var/lib/libvirt/lxc/centos-6-x86_64/,/ --noautoconsole