search

nestybox / sysbox

An open-source, next-generation "runc" that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs.
Apache License 2.0
2.7k stars 151 forks source link

Libseccomp removal caused failure in runc in Makefile in rpm builds #748

Open arcivanov opened 9 months ago

arcivanov commented 9 months ago

Full logs are available here: https://download.copr.fedorainfracloud.org/results/karellen/karellen-sysbox/fedora-38-x86_64/06680595-karellen-sysbox/builder-live.log.gz

Do I need to depend on the system's libseccomp[-devel] now?

make[1]: Leaving directory '/builddir/build/BUILD/karellen-sysbox-0.6.2.30/sysbox/sysbox-ipc'
make[1]: Entering directory '/builddir/build/BUILD/karellen-sysbox-0.6.2.30/sysbox/sysbox-runc'
fatal: not a git repository (or any of the parent directories): .git
/bin/sh: line 1: lsmod: command not found
/bin/sh: line 1: lsmod: command not found
CGO_ENABLED=1  go build -buildvcs=false -trimpath  -tags "seccomp apparmor idmapped_mnt netgo osusergo" -ldflags "-extldflags -static -X 'main.edition=Community Edition (CE)' -X main.version=0.6.2 -X main.commitId= -X 'main.builtAt=Wed Nov 22 17:39:46 UTC 2023' -X 'main.builtBy='" -o build/amd64/sysbox-runc .
go: downloading github.com/checkpoint-restore/go-criu/v4 v4.1.0
go: downloading github.com/containerd/console v1.0.1
go: downloading github.com/coreos/go-systemd/v22 v22.1.0
go: downloading github.com/docker/go-units v0.4.0
go: downloading github.com/opencontainers/runtime-spec v1.1.1-0.20230823135140-4fec88fd00a4
go: downloading github.com/opencontainers/selinux v1.8.0
go: downloading github.com/pkg/errors v0.9.1
go: downloading github.com/pkg/profile v1.5.0
go: downloading github.com/sirupsen/logrus v1.9.0
go: downloading github.com/urfave/cli v1.22.1
go: downloading golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f
go: downloading github.com/docker/docker v20.10.2+incompatible
go: downloading github.com/Masterminds/semver v1.5.0
go: downloading github.com/cyphar/filepath-securejoin v0.2.2
go: downloading github.com/golang/protobuf v1.4.3
go: downloading github.com/moby/sys/mountinfo v0.4.0
go: downloading github.com/mrunalp/fileutils v0.5.0
go: downloading github.com/vishvananda/netlink v1.1.0
go: downloading github.com/godbus/dbus/v5 v5.0.3
go: downloading github.com/willf/bitset v1.1.11
go: downloading github.com/deckarep/golang-set/v2 v2.3.1
go: downloading github.com/deckarep/golang-set v1.7.1
go: downloading github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d
go: downloading google.golang.org/protobuf v1.25.0
go: downloading github.com/joshlf/go-acl v0.0.0-20200411065538-eae00ae38531
go: downloading github.com/karrick/godirwalk v1.16.1
go: downloading github.com/seccomp/libseccomp-golang v0.10.0
go: downloading github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df
go: downloading google.golang.org/grpc v1.34.1
go: downloading github.com/spf13/afero v1.4.1
go: downloading github.com/russross/blackfriday/v2 v2.0.1
go: downloading github.com/docker/go-connections v0.4.0
go: downloading github.com/opencontainers/image-spec v1.0.1
go: downloading github.com/containerd/containerd v1.4.12
go: downloading github.com/docker/distribution v2.7.1+incompatible
go: downloading github.com/opencontainers/go-digest v1.0.0
go: downloading github.com/cilium/ebpf v0.3.0
go: downloading golang.org/x/net v0.0.0-20220722155237-a158d28d115b
go: downloading google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013
go: downloading golang.org/x/text v0.3.8
go: downloading github.com/shurcooL/sanitized_anchor_name v1.0.0
go: downloading github.com/gogo/protobuf v1.3.2
# pkg-config --cflags  -- libseccomp
Package libseccomp was not found in the pkg-config search path.
Perhaps you should add the directory containing `libseccomp.pc'
to the PKG_CONFIG_PATH environment variable
Package 'libseccomp', required by 'virtual:world', not found
pkg-config: exit status 1
make[1]: Leaving directory '/builddir/build/BUILD/karellen-sysbox-0.6.2.30/sysbox/sysbox-runc'
make[1]: *** [Makefile:169: static] Error 2
make: *** [Makefile:232: sysbox-runc-static] Error 2
error: Bad exit status from /var/tmp/rpm-tmp.BawSC8 (%build)
arcivanov commented 9 months ago

Managed to switch to make sysbox-local with Requires: libseccomp and BuidRequires: libseccomp-devel. The sysbox-static-local stopped building on CentOS/RHEL due to there not being static versions, i.e. libseccomp-static.

ctalledo commented 9 months ago

Hi @arcivanov, apologies for breaking that; I develop Sysbox on a Ubuntu host, so did not see the problem you report.

Do I need to depend on the system's libseccomp[-devel] now?

I am not sure, but probably yes, because you need the C libraries for libseccomp, so libseccomp-golang can reference them.

In general the switch I did is beneficial, because it makes Sysbox use upstream libseccomp & libseccomp-golang, rather than a forked version that we created a couple of years ago as libseccomp did not yet implement the functionality we needed.

If you have any further info on how to overcome the problem, please share it. Even better, if you can add the fixes on the appropriate Dockerfile here, that would be great.

Thanks!

arcivanov commented 9 months ago

Will do.

gadiener commented 7 months ago

Hey @arcivanov did you find a workaround? I have the same issue on AL2 using make sysbox-static although I see libseccomp-devel included in the Dockerfile here.

I get during the go build:

# github.com/nestybox/sysbox-runc
/usr/local/go/pkg/tool/linux_amd64/link: running gcc failed: exit status 1
/usr/bin/ld: cannot find -lseccomp
/usr/bin/ld: cannot find -lseccomp
collect2: error: ld returned 1 exit status
gadiener commented 7 months ago

Just opened a pull request here. Adding libseccomp-static in the Dockerfile seems to be the solution.