Closed nminchow closed 5 months ago
@nminchow I am not able to test this in GCP, are you willing to open a PR for this to test it? I suspect you only will need to change this: https://github.com/thijsvanloef/palworld-server-docker/blob/aaf8ef5231f0fed920a332417bdac5d64fee2a8e/scripts/start.sh#L3C1-L3C30
Thanks for the quick response!
I'm glad you had me try. When I tell it to go through the interpreter by swapping the start command, it pushes the problem further down:
./PalServer.sh: line 5: /palworld/Pal/Binaries/Linux/PalServer-Linux-Test: Permission denied
And I believe that file is going to get overwritten ever time the container starts.
I'm a bit surprised as I've never run into issues of this variety in the past and I've run several images on this host OS without issue, including game servers that look to have a similar structure: ex1, ex2
@nminchow Have you made any new discoveries on this topic?
Nothing beyond my previous comment, I'm afraid.
I did some tests on Google Cloud. I can reproduce the errors @nminchow gets, if I define the docker image in the creation of the image as described above.
Success! App '2394010' fully installed.
*****CHECKING FOR EXISTING CONFIG*****
*****GENERATING CONFIG*****
timeout: failed to run command './PalServer.sh': Permission denied
cp: cannot create regular file '/palworld/Pal/Saved/Config/LinuxServer/PalWorldSettings.ini': No such file or directory
RCON_ENABLED=true
sed: can't read /palworld/Pal/Saved/Config/LinuxServer/PalWorldSettings.ini: No such file or directory
RCON_PORT=25575
sed: can't read /palworld/Pal/Saved/Config/LinuxServer/PalWorldSettings.ini: No such file or directory
BACKUP_ENABLED=true
*****STARTING SERVER*****
./PalServer.sh -queryport=27015
./start.sh: line 319: ./PalServer.sh: Permission denied
time="2024-01-31T22:21:04Z" level=info msg="read crontab: /home/steam/server/crontab"
To see if Palworld runs without docker (on a VM with a predefined Container), I also tried to run it directly with /home/palworld $ sh ./PalServer.sh
which gave me the error:
chmod: changing permissions of '/home/palworld/Pal/Binaries/Linux/PalServer-Linux-Test': Operation not permitted
./PalServer.sh: line 5: /home/palworld/Pal/Binaries/Linux/PalServer-Linux-Test: Permission denied
if I try to run the binary directly with bash or sh with the command sudo bash ./Pal/Binaries/Linux/PalServer-Linux-Test Pal "$@"
I get:
./Pal/Binaries/Linux/PalServer-Linux-Test: ./Pal/Binaries/Linux/PalServer-Linux-Test: cannot execute binary file
If found this on Stackoverflow, talking about this issue, but the suggested workaround, which was also mentioned in this thread doesn't seem to work.
If I do the following, it works:
sudo apt install docker docker-compose
sudo usermod -aG <your username> docker
+ logout and login againdocker run -p 8211:8211/udp -p 27015:27015/udp -v /home/palworld:/palworld/ thijsvanloef/palworld-server-docker:latest
Success! App '2394010' fully installed.
*****CHECKING FOR EXISTING CONFIG*****
*****GENERATING CONFIG*****
[S_API] SteamAPI_Init(): Loaded local 'steamclient.so' OK.
CAppInfoCacheReadFromDiskThread took 3 milliseconds to initialize
Setting breakpad minidump AppID = 2394010
[S_API FAIL] Tried to access Steam interface SteamUser021 before SteamAPI_Init succeeded.
[S_API FAIL] Tried to access Steam interface SteamFriends017 before SteamAPI_Init succeeded.
[S_API FAIL] Tried to access Steam interface STEAMAPPS_INTERFACE_VERSION008 before SteamAPI_Init succeeded.
[S_API FAIL] Tried to access Steam interface SteamNetworkingUtils004 before SteamAPI_Init succeeded.
RCON_ENABLED=true
RCON_PORT=25575
BACKUP_ENABLED=true
*****STARTING SERVER*****
./PalServer.sh -queryport=27015
time="2024-01-31T22:11:13Z" level=info msg="read crontab: /home/steam/server/crontab"
Shutdown handler: initalize.
Increasing per-process limit of core file size to infinity.
- Existing per-process limit (soft=18446744073709551615, hard=18446744073709551615) is enough for us (need only 18446744073709551615)
[S_API] SteamAPI_Init(): Loaded local 'steamclient.so' OK.
Setting breakpad minidump AppID = 2394010
[S_API FAIL] Tried to access Steam interface SteamUser021 before SteamAPI_Init succeeded.
[S_API FAIL] Tried to access Steam interface SteamFriends017 before SteamAPI_Init succeeded.
CAppInfoCacheReadFromDiskThread took 31 milliseconds to initialize
[S_API FAIL] Tried to access Steam interface STEAMAPPS_INTERFACE_VERSION008 before SteamAPI_Init succeeded.
[S_API FAIL] Tried to access Steam interface SteamNetworkingUtils004 before SteamAPI_Init succeeded.
If you create a VM with a docker container the home partition is mounted with noexec. If you install docker yourself it is not the case:
without docker container in VM creation
instance-1:~$ mount | grep noexec
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
tmpfs on /run type tmpfs (rw,nosuid,nodev,noexec,relatime,size=402304k,mode=755,inode64)
securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k,inode64)
cgroup2 on /sys/fs/cgroup type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate,memory_recursiveprot)
pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
efivarfs on /sys/firmware/efi/efivars type efivarfs (rw,nosuid,nodev,noexec,relatime)
bpf on /sys/fs/bpf type bpf (rw,nosuid,nodev,noexec,relatime,mode=700)
mqueue on /dev/mqueue type mqueue (rw,nosuid,nodev,noexec,relatime)
debugfs on /sys/kernel/debug type debugfs (rw,nosuid,nodev,noexec,relatime)
tracefs on /sys/kernel/tracing type tracefs (rw,nosuid,nodev,noexec,relatime)
fusectl on /sys/fs/fuse/connections type fusectl (rw,nosuid,nodev,noexec,relatime)
configfs on /sys/kernel/config type configfs (rw,nosuid,nodev,noexec,relatime)
ramfs on /run/credentials/systemd-sysctl.service type ramfs (ro,nosuid,nodev,noexec,relatime,mode=700)
ramfs on /run/credentials/systemd-sysusers.service type ramfs (ro,nosuid,nodev,noexec,relatime,mode=700)
ramfs on /run/credentials/systemd-tmpfiles-setup-dev.service type ramfs (ro,nosuid,nodev,noexec,relatime,mode=700)
ramfs on /run/credentials/systemd-tmpfiles-setup.service type ramfs (ro,nosuid,nodev,noexec,relatime,mode=700)
binfmt_misc on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,nosuid,nodev,noexec,relatime)
with docker container in VM creation
instance-2 ~ $ mount | grep noexec
devtmpfs on /dev type devtmpfs (rw,nosuid,noexec,relatime,size=2006260k,nr_inodes=501565,mode=755)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,noexec)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
cgroup2 on /sys/fs/cgroup type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate,memory_recursiveprot)
pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
bpf on /sys/fs/bpf type bpf (rw,nosuid,nodev,noexec,relatime,mode=700)
mqueue on /dev/mqueue type mqueue (rw,nosuid,nodev,noexec,relatime)
debugfs on /sys/kernel/debug type debugfs (rw,nosuid,nodev,noexec,relatime,gid=605,mode=750)
tracefs on /sys/kernel/tracing type tracefs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /tmp type tmpfs (rw,nosuid,nodev,noexec)
fusectl on /sys/fs/fuse/connections type fusectl (rw,nosuid,nodev,noexec,relatime)
configfs on /sys/kernel/config type configfs (rw,nosuid,nodev,noexec,relatime)
ramfs on /run/credentials/systemd-sysctl.service type ramfs (ro,nosuid,nodev,noexec,relatime,mode=700)
ramfs on /run/credentials/systemd-tmpfiles-setup-dev.service type ramfs (ro,nosuid,nodev,noexec,relatime,mode=700)
/dev/sda8 on /usr/share/oem type ext4 (ro,nosuid,nodev,noexec,relatime)
/dev/sda1 on /mnt/stateful_partition type ext4 (rw,nosuid,nodev,noexec,relatime,commit=30)
/dev/sda1 on /home type ext4 (rw,nosuid,nodev,noexec,relatime,commit=30)
/dev/sda1 on /var type ext4 (rw,nosuid,nodev,noexec,relatime,commit=30)
ramfs on /run/credentials/systemd-tmpfiles-setup.service type ramfs (ro,nosuid,nodev,noexec,relatime,mode=700)
ramfs on /run/credentials/systemd-resolved.service type ramfs (ro,nosuid,nodev,noexec,relatime,mode=700)
I hope this helps. Maybe someone with more experience in Google Cloud can help with this issue.
This issue has not been updated in a while. Marking this won't fix, as I have no plans to work on a fix.
Describe the bug
When the server attempts to start on a linux host where the supplied volume is on a
noexec
mounted filesystem, the server does not start.To Reproduce
thijsvanloef/palworld-server-docker
container image/home/palworld
on the host to/palworld
for simplicity)Expected behavior
The server starts 😄
Env
docker-compose.yml contents
not using compose
Container/Host Logs
Additional context
The volume mounts and installs fine, and all permissions look correct. If I go in and manually create the
Saved/Config/LinuxServer
path, the settings file does get made, but thesh: 1: ./PalServer.sh: Permission denied
error persists.In COS, most mounts are "noexec", and I suspect that is the culprit here. If an interpreter can be used to start the server, I believe this will work:
bash ./PalServer.sh
.I have manually created and stuck the volume on a non-noexec mount and I can start it successfully. However, this isn't easily sustainable as one needs to reconfigure the instance after every boot.