On 12/30/2019 08:24 AM, Dmitry Konstantinov wrote: > Hi there, > > I've got a container based on a not too outdated gentoo (half a year > old). It starts/works OK on this: > > server1# uname -r; rpm -qa | grep vzctl > 3.10.0-957.12.2.vz7.86.2 > vzctl-7.0.201-1.vz7.x86_64 > libvzctl-7.0.515.1-1.vz7.x86_64 > > however today a new one created from the same cache won't start on this: > server2# uname -r; rpm -qa | grep vzctl > 3.10.0-1062.4.2.vz7.116.7 > libvzctl-7.0.542-2.vz7.x86_64 > vzctl-7.0.209-1.vz7.x86_64 > > container was copied to the server1 manually and has no problems > starting there. > > vzctl gives exitcode 3. > > vzctl.log has the following: > === > vzctl : CT 22 : Running the script: > /usr/libexec/libvzctl/dists/scripts/gentoo-add_ip.sh > flags=262144 > vzctl : CT 22 : Lock /var/lock/vzctl/22-enter.lck fd=7 > vzctl : CT 22 : flock lock > vzctl : CT 22 : * Wait on status > vzctl : CT 22 : Reset loginuid > vzctl : CT 22 : * Attach by pid 429792 > vzctl : CT 22 : Write /sys/fs/cgroup/cpu,cpuacct/machine.slice/22/tasks > <429919> > vzctl : CT 22 : Write /sys/fs/cgroup/cpuset/machine.slice/22/tasks <429919> > vzctl : CT 22 : Write /sys/fs/cgroup/net_cls,net_prio/machine.slice/22/tasks > <429919> > vzctl : CT 22 : Write /sys/fs/cgroup/memory/machine.slice/22/tasks <429919> > vzctl : CT 22 : Write /sys/fs/cgroup/devices/machine.slice/22/tasks <429919> > vzctl : CT 22 : Write /sys/fs/cgroup/blkio/machine.slice/22/tasks <429919> > vzctl : CT 22 : Write /sys/fs/cgroup/freezer/machine.slice/22/tasks <429919> > vzctl : CT 22 : Write /sys/fs/cgroup/beancounter/22/tasks <429919> > vzctl : CT 22 : Write /sys/fs/cgroup/ve/22/tasks <429919> > vzctl : CT 22 : Write /sys/fs/cgroup/perf_event/machine.slice/22/tasks > <429919> > vzctl : CT 22 : Write /sys/fs/cgroup/hugetlb/machine.slice/22/tasks <429919> > vzctl : CT 22 : Write /sys/fs/cgroup/pids/machine.slice/22/tasks <429919> > vzctl : CT 22 : Write /sys/fs/cgroup/systemd/22/tasks <429919> > 2019-12-29T22:15:50-0600 > vzctl : CT 22 : * attach to net > vzctl : CT 22 : * attach to uts > vzctl : CT 22 : * attach to ipc > vzctl : CT 22 : * attach to pid > vzctl : CT 22 : * attach to pid_for_children > vzctl : CT 22 : * attach to user > vzctl : CT 22 : * attach to mnt > vzctl : CT 22 : * Wait done ret=0 > vzctl : CT 22 : running: /usr/libexec/libvzctl/scripts/vz-net_del > vzctl : CT 22 : Deleting ip address(es): 192.168.10.11 > vzctl : CT 22 : Write /sys/fs/cgroup/ve/22/ve.ip_deny <192.168.10.11> > vzctl : CT 22 : * Failed to configure [3] > vzctl : CT 22 : Cancel init execution > vzeventd : Run: /etc/vz/vzevent.d/ve-stop id=22 > === > > the gentoo-add_ip.sh script is called but it doesn't look it is really > executed. 'echo "test"' or 'echo "test" >> /tmp/testfile', if added to > the script, do nothing. The files inside the container it is supposed > to modify remain empty/untouched. > > Any ideas how to fix this?
Any complains in dmesg? In particular i suspect something like: + WARN_ONCE(1, "The process %s from VE0 tried to execute untrusted file " + "%s from VEX\n", + current->comm, name->name); -- Best regards, Konstantin Khorenko, Virtuozzo Linux Kernel Team _______________________________________________ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
