-
Notifications
You must be signed in to change notification settings - Fork 45
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Container based on opensuse:42.3 doesn't build because sudo errors #82
Comments
@eduardoj, I am puzzled, it only happens in leap 42.3, not in 42.2 neither in Tumbleweed... Looking for any difference at moment, but so far I couldn't see anything special in 42.3 yet. I am digging it. |
@eduardoj, finally I found the issue, apparently there is something wrong with the
No idea why it happens in Leap 42.3 and not in Leap 42.2, in both distros
So deleting the offending line in limits.conf solves the issue. I am not in favor of including such a hack in the base image definition, I will file a bug on @eduardoj could you verify that this change in Thanks -------- edit ------------- Just for reference I am including the bug number: bsc#1072826 |
Adding this line to Dockerfile.423 worked like a charm:
Thanks!! |
Great, closing the issue then |
* Prevents building error of opensuse:42.3 images du to an bug related with the configuration of pam. * More details can be found here: openSUSE/docker-containers#82
* Prevents building error of opensuse:42.3 images du to an bug related with the configuration of pam. * More details can be found here: openSUSE/docker-containers#82
I don't think this issue is resolved for leap 42.3. FROM opensuse/leap:42.3
RUN zypper --non-interactive install \
sudo
#fix bug: https://github.com/openSUSE/docker-containers/issues/82
RUN sed -i 's/.*root.*-.*nproc.*unlimited.*$//g' /etc/security/limits.conf
CMD sudo ls
|
Also of note, the default limits.conf in leap 42.3 does not have the offending line anymore:
|
I just determined that this issue is occurring on our Windows hosts running linux containers. It does not occur when running on a Linux host. |
If I read the bug report correctly, the issue seems to be that the policies specified in the container are higher than the ones the host allows. That might explain why it only fails on some hosts. |
No, sorry to bother, per my previous comment, this only happens on windows, thus, it's an issue with the LCOW layer. I've opened a new ticket with them accordingly. LCOW is known to have incomplete support for a number of things. For example, it just ignores the docker |
It might not be entirely. What's the output of |
|
Yeah, that's it - LCOW sets the nproc limit to 3766, but sudo tries to set it higher, to 16384.
|
Thanks for diagnosing! Since you understand the issue, can you see any manual workaround we can do? |
Yes, removing the limits completely: |
Works, thanks so much! |
Summary
Building a openbuildservice/frontend-base image from newly built openbuildservice/base image (that is built from opensuse:42.3 image) results in this error:
Building succesfully with a previous version of
opensuse:42.3
imageBuilding
openbuildservice/frontend-base
from the currently uploadedopenbuildservice/base
image still works.Make sure you have
docker
anddocker-compose
installed.Press Ctrl-C when all the containers are running.
The
openbuildservice/frontend-base
image should be built without any errors.Steps to reproduce the error
The
openbuildservice/frontend-base
image throw the errors pointed out above. Probably because something changed in theopensuse:42.3
image recently (between last two months).The text was updated successfully, but these errors were encountered: