search

nestybox / sysbox

An open-source, next-generation "runc" that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs.
Apache License 2.0
2.78k stars 152 forks source link

Sysbox unable to build in GCP's ubuntu VMs due to missing libseccomp.h #125

Closed rodnymolina closed 3 years ago

rodnymolina commented 3 years ago

I'm able to consistently reproduce this one in GCP's Ubuntu-Bionic and Ubuntu-Focal VMs:

$ make sysbox
...
** Building sysbox **

docker run --privileged --rm --hostname sysbox-build --name sysbox-build -v /home/rodny/wsp/11-17-2020/sysbox:/root/nestybox/sysbox -v /pkg/mod:/go/pkg/mod -v /lib/modules/5.4.0-1021-gcp:/lib/modules/5.4.0-1021-gcp:ro -v /usr/include/linux/seccomp.h:/usr/include/linux/seccomp.h:ro -v /usr/src/linux-headers-5.4.0-1021-gcp:/usr/src/linux-headers-5.4.0-1021-gcp:ro -v /usr/src/linux-gcp-5.4-headers-5.4.0-1021:/usr/src/linux-gcp-5.4-headers-5.4.0-1021:ro sysbox-test /bin/bash -c "buildContainerInit sysbox-local"
docker: Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process caused "process_linux.go:449: container init caused \"rootfs_linux.go:58: mounting \\\"/usr/include/linux/seccomp.h\\\" to rootfs \\\"/var/lib/docker/overlay2/2f75d4b5e4395f0b4d3c4ad7b48867464892568de36c30112abf4287976ae8d6/merged\\\" at \\\"/var/lib/docker/overlay2/2f75d4b5e4395f0b4d3c4ad7b48867464892568de36c30112abf4287976ae8d6/merged/usr/include/linux/seccomp.h\\\" caused \\\"not a directory\\\"\"": unknown: Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type.
Makefile:127: recipe for target 'sysbox' failed
make: *** [sysbox] Error 125

There seems to be two separated issues to fix here:

1) Installer should add libseccomp-dev as a package dependency as only then we can guarantee that /usr/include/libseccom.h will be present. This may not be the proper header to utilize as we may need the seccomp.h that comes with the current kernel-headers.

2) There seems to be a misalignment in regards to the Sysbox's expected libseccomp.h path (i.e. /usr/include/linux/libseccomp.h) and the one where Ubuntu install this header (i.e. /usr/include/libseccomp.h).

rodnymolina commented 3 years ago

See this for more context.

ctalledo commented 3 years ago

Installer should add libseccomp-dev as a package dependency as only then we can guarantee that /usr/include/libseccom.h will be present. This may not be the proper header to utilize as we may need the seccomp.h that comes with the current kernel-headers.

We are looking for the libc linux headers, so the package we want is linux-libc-dev on ubuntu.

There seems to be a misalignment in regards to the Sysbox's expected libseccomp.h path (i.e. /usr/include/linux/libseccomp.h) and the one where Ubuntu install this header (i.e. /usr/include/libseccomp.h).

The libc linux headers are installed at /usr/include/linux.

ctalledo commented 3 years ago

Problem was fixed via PR #137. Refer to the description of that PR for the problem cause and fix.

Closing!