search

dock0 / arch

Minimal base Arch image
MIT License
30 stars 11 forks source link

Build fails on Ubuntu 16.04 with Docker 1.12.0 #12

Closed fusion809 closed 7 years ago

fusion809 commented 8 years ago

Hi,

I noticed that building dock0/arch gave (where $ denotes what I ran and the remaining lines are the corresponding output:

$ git clone https://github.com/dock0/arch
Cloning into 'arch'...
remote: Counting objects: 944, done.
remote: Total 944 (delta 0), reused 0 (delta 0), pack-reused 944
Receiving objects: 100% (944/944), 6.54 MiB | 1.07 MiB/s, done.
Resolving deltas: 100% (477/477), done.
Checking connectivity... done.
$ cd arch
$ make
docker build -t arch meta
Sending build context to Docker daemon 3.072 kB
Step 1 : FROM dock0/build
latest: Pulling from dock0/build
9993a8534113: Pull complete 
0dc32daba4ff: Pull complete 
fd01d58690fd: Pull complete 
40d87ce20218: Pull complete 
fee76c1fa5e3: Pull complete 
3c77e53268f8: Pull complete 
62236b75e6f2: Pull complete 
b2f0378c2ce6: Pull complete 
b8209c01d241: Pull complete 
Digest: sha256:749eab75ede40831da708f3b9356ec1fc0e65e5c1d313e2236d990aee11f95c0
Status: Downloaded newer image for dock0/build:latest
 ---> 2a62e5c01b2f
Step 2 : MAINTAINER akerl <me@lesaker.org>
 ---> Running in 0d7dd3b9d360
 ---> 9138851fbd49
Removing intermediate container 0d7dd3b9d360
Step 3 : RUN pacman -Syu --needed --noconfirm mkinitcpio arch-install-scripts go
 ---> Running in 8e756137f06e
:: Synchronizing package databases...
 core is up to date
downloading extra.db...
downloading extra.db...
downloading extra.db...
downloading extra.db...
downloading extra.db...
downloading community.db...
downloading community.db...
downloading community.db...
downloading community.db...
downloading community.db...
downloading amylum.db...
downloading amylum.db.sig...
:: Starting full system upgrade...
resolving dependencies...
looking for conflicting packages...

Packages (12) dbus-1.10.8-1  hwids-20160421-1  kbd-2.0.3-1  kmod-23-1  libdbus-1.10.8-1  libelf-0.166-1  libseccomp-2.3.1-1  mkinitcpio-busybox-1.24.2-1  systemd-231-1  arch-install-scripts-17-1  go-2:1.7-1  mkinitcpio-20-1

Total Download Size:    36.79 MiB
Total Installed Size:  175.05 MiB

:: Proceed with installation? [Y/n] 
:: Retrieving packages...
downloading mkinitcpio-busybox-1.24.2-1-x86_64.pkg.tar.xz...
downloading kmod-23-1-x86_64.pkg.tar.xz...
downloading kmod-23-1-x86_64.pkg.tar.xz...
downloading kmod-23-1-x86_64.pkg.tar.xz...
downloading kmod-23-1-x86_64.pkg.tar.xz...
downloading kmod-23-1-x86_64.pkg.tar.xz...
downloading libdbus-1.10.8-1-x86_64.pkg.tar.xz...
downloading libdbus-1.10.8-1-x86_64.pkg.tar.xz...
downloading libdbus-1.10.8-1-x86_64.pkg.tar.xz...
downloading libdbus-1.10.8-1-x86_64.pkg.tar.xz...
downloading libdbus-1.10.8-1-x86_64.pkg.tar.xz...
downloading dbus-1.10.8-1-x86_64.pkg.tar.xz...
downloading dbus-1.10.8-1-x86_64.pkg.tar.xz...
downloading dbus-1.10.8-1-x86_64.pkg.tar.xz...
downloading dbus-1.10.8-1-x86_64.pkg.tar.xz...
downloading dbus-1.10.8-1-x86_64.pkg.tar.xz...
downloading kbd-2.0.3-1-x86_64.pkg.tar.xz...
downloading kbd-2.0.3-1-x86_64.pkg.tar.xz...
downloading kbd-2.0.3-1-x86_64.pkg.tar.xz...
downloading kbd-2.0.3-1-x86_64.pkg.tar.xz...
downloading kbd-2.0.3-1-x86_64.pkg.tar.xz...
downloading hwids-20160421-1-any.pkg.tar.xz...
downloading hwids-20160421-1-any.pkg.tar.xz...
downloading hwids-20160421-1-any.pkg.tar.xz...
downloading hwids-20160421-1-any.pkg.tar.xz...
downloading hwids-20160421-1-any.pkg.tar.xz...
downloading libelf-0.166-1-x86_64.pkg.tar.xz...
downloading libelf-0.166-1-x86_64.pkg.tar.xz...
downloading libelf-0.166-1-x86_64.pkg.tar.xz...
downloading libelf-0.166-1-x86_64.pkg.tar.xz...
downloading libelf-0.166-1-x86_64.pkg.tar.xz...
downloading libseccomp-2.3.1-1-x86_64.pkg.tar.xz...
downloading libseccomp-2.3.1-1-x86_64.pkg.tar.xz...
downloading libseccomp-2.3.1-1-x86_64.pkg.tar.xz...
downloading libseccomp-2.3.1-1-x86_64.pkg.tar.xz...
downloading libseccomp-2.3.1-1-x86_64.pkg.tar.xz...
downloading systemd-231-1-x86_64.pkg.tar.xz...
downloading systemd-231-1-x86_64.pkg.tar.xz...
downloading systemd-231-1-x86_64.pkg.tar.xz...
downloading systemd-231-1-x86_64.pkg.tar.xz...
downloading systemd-231-1-x86_64.pkg.tar.xz...
downloading mkinitcpio-20-1-any.pkg.tar.xz...
downloading mkinitcpio-20-1-any.pkg.tar.xz...
downloading mkinitcpio-20-1-any.pkg.tar.xz...
downloading mkinitcpio-20-1-any.pkg.tar.xz...
downloading mkinitcpio-20-1-any.pkg.tar.xz...
downloading arch-install-scripts-17-1-any.pkg.tar.xz...
downloading arch-install-scripts-17-1-any.pkg.tar.xz...
downloading arch-install-scripts-17-1-any.pkg.tar.xz...
downloading arch-install-scripts-17-1-any.pkg.tar.xz...
downloading arch-install-scripts-17-1-any.pkg.tar.xz...
downloading go-2:1.7-1-x86_64.pkg.tar.xz...
downloading go-2:1.7-1-x86_64.pkg.tar.xz...
downloading go-2:1.7-1-x86_64.pkg.tar.xz...
downloading go-2:1.7-1-x86_64.pkg.tar.xz...
downloading go-2:1.7-1-x86_64.pkg.tar.xz...
checking keyring...
checking package integrity...
loading package files...
checking for file conflicts...
:: Processing package changes...
installing mkinitcpio-busybox...
installing kmod...
installing libdbus...
installing dbus...
Optional dependencies for dbus
    libx11: dbus-launch support
installing kbd...
installing hwids...
installing libelf...
installing libseccomp...
installing systemd...
Initializing machine ID from random generator.
Creating group systemd-journal-upload with gid 998.
Creating user systemd-journal-upload (systemd Journal Upload) with uid 998 and gid 998.
Creating group systemd-coredump with gid 997.
Creating user systemd-coredump (systemd Core Dumper) with uid 997 and gid 997.
Creating group systemd-journal-remote with gid 996.
Creating user systemd-journal-remote (systemd Journal Remote) with uid 996 and gid 996.
Failed to write files: Operation not permitted
Created symlink /etc/systemd/system/getty.target.wants/getty@tty1.service → /usr/lib/systemd/system/getty@.service.
Created symlink /etc/systemd/system/multi-user.target.wants/remote-fs.target → /usr/lib/systemd/system/remote-fs.target.
:: Append 'init=/usr/lib/systemd/systemd' to your kernel command line in your
   bootloader to replace sysvinit with systemd, or install systemd-sysvcompat
chgrp: invalid group: 'systemd-journal-remote'
error: command failed to execute correctly
Optional dependencies for systemd
    cryptsetup: required for encrypted block devices
    libmicrohttpd: remote journald capabilities
    quota-tools: kernel-level quota management
    systemd-sysvcompat: symlink package to provide sysvinit binaries
    polkit: allow administration as unprivileged user
installing mkinitcpio...
Optional dependencies for mkinitcpio
    xz: Use lzma or xz compression for the initramfs image [installed]
    bzip2: Use bzip2 compression for the initramfs image [installed]
    lzop: Use lzo compression for the initramfs image
    lz4: Use lz4 compression for the initramfs image [installed]
    mkinitcpio-nfs-utils: Support for root filesystem on NFS
installing arch-install-scripts...
installing go...

The "liteide" package provides an IDE for editing and building Go projects.

Example use of the "go" tool:

    mkdir ~/go
    export GOPATH=~/go
    export PATH=$PATH:~/go/bin
    go get golang.org/x/tour/gotour

Optional dependencies for go
    mercurial: for fetching sources from mercurial repositories
    git: for fetching sources from git repositories [installed]
    bzr: for fetching sources from bazaar repositories
    subversion: for fetching sources from subversion repositories
    go-tools: doc, goimports, gorename, and other tools.
:: Running post-transaction hooks...
(1/1) Updating udev Hardware Database...
 ---> a77a7fcfc9f1
Removing intermediate container 8e756137f06e
Successfully built a77a7fcfc9f1
./meta/launch
pacstrap -c -d -G /build-pbpk $(cat packages)
==> Creating install root at /build-pbpk
mount: mount /build-pbpk on /build-pbpk failed: Permission denied
==> ERROR: failed to setup chroot /build-pbpk

Usage:
 umount [-hV]
 umount -a [options]
 umount [options] <source> | <directory>

Unmount filesystems.

Options:
 -a, --all               unmount all filesystems
 -A, --all-targets       unmount all mountpoints for the given device in the
                           current namespace
 -c, --no-canonicalize   don't canonicalize paths
 -d, --detach-loop       if mounted loop device, also free this loop device
     --fake              dry run; skip the umount(2) syscall
 -f, --force             force unmount (in case of an unreachable NFS system)
 -i, --internal-only     don't call the umount.<type> helpers
 -n, --no-mtab           don't write to /etc/mtab
 -l, --lazy              detach the filesystem now, clean up things later
 -O, --test-opts <list>  limit the set of filesystems (use with -a)
 -R, --recursive         recursively unmount a target with all its children
 -r, --read-only         in case unmounting fails, try to remount read-only
 -t, --types <list>      limit the set of filesystem types
 -v, --verbose           say what is being done

 -h, --help     display this help and exit
 -V, --version  output version information and exit

For more details see umount(8).
make: *** [Makefile:18: build] Error 1
Makefile:14: recipe for target 'container' failed
make: *** [container] Error 2

Thanks for your time, Brenton

akerl commented 8 years ago

Interesting. It appears to be failing inside pacstrap's code, where it tries to set up the build env.

Can you share some more details of your docker environment? Is it possible that your containers aren't being granted mount privileges, or are being otherwise restricted (thinking libseccomp or similar).

I've just confirmed that I'm able to build this still. I'm on docker 1.11 still on that build system, but will test out docker 1.12 tonight.

fusion809 commented 8 years ago

Will the output of docker version suffice as a description of my docker environment? If so here it is:

$ docker version
Client:
 Version:      1.12.0
 API version:  1.24
 Go version:   go1.6.3
 Git commit:   8eab29e
 Built:        Thu Jul 28 22:11:10 2016
 OS/Arch:      linux/amd64

as for the mount privileges well how would I test if they aren't? Sorry I'm not an advanced Docker user, I only use Docker occasionally mostly for building Linux packages.

akerl commented 8 years ago

The best bet might be to docker run -ti dock0/arch /bin/bash and try to use mount or pacstrap yourself, similar to how the makefile is running it. If it fails, that suggests that your configuration is blocking the docker process from mounting filesystems like it needs to

akerl commented 8 years ago

To add to that: the container is being launched by the build process w/ an additional capability:

❯ cat meta/launch
#!/usr/bin/env bash

docker run \
    --rm -t -i \
    --cap-add=SYS_ADMIN \
    -v $SSH_AUTH_SOCK:/auth.sock \
    -e SSH_AUTH_SOCK=/auth.sock \
    -v $(pwd):/opt/build \
    -v ~/.gitconfig:/etc/gitconfig \
    arch $1

SYS_ADMIN includes the ability to mount things needed by pacstrap. If that isn't working or has changed in 1.12, that would impact this.