Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error running in LXC container: **libbpf: Failed to bump RLIMIT_MEMLOCK (err = -1), you might need to do it explicitly!** #14

Closed
fv3rdugo opened this issue Nov 10, 2023 · 1 comment
Closed

Error running in LXC container: **libbpf: Failed to bump RLIMIT_MEMLOCK (err = -1), you might need to do it explicitly!** #14

fv3rdugo opened this issue Nov 10, 2023 · 1 comment

Comments

@fv3rdugo
Copy link

fv3rdugo commented Nov 10, 2023
edited
Loading

Hi, congratulations for sshlog 💯
I'm running sshlog in differents environments properly but I have a problem with sshlog when running inside a LXC container with PROXMOX. (Privileged or unprivileged, nesting or without nesting, with same error result)
I attach the logs below, It's a Debian 12. Thanks in advance and apologize me because it isn't a sshlog issue specific.

# sshlogd
Detected Plugin command_exit_code_filter with fields [{'name': 'filter_arg', 'required': True}]
Detected Plugin command_name_filter with fields [{'name': 'filter_arg', 'required': True}]
Detected Plugin command_name_regex_filter with fields [{'name': 'filter_arg', 'required': True}]
Detected Plugin command_output_contains_filter with fields [{'name': 'filter_arg', 'required': True}]
Detected Plugin command_output_contains_regex_filter with fields [{'name': 'filter_arg', 'required': True}]
Detected Plugin ignore_existing_logins_filter with fields [{'name': 'filter_arg', 'required': True}]
Detected Plugin require_tty_filter with fields [{'name': 'filter_arg', 'required': True}]
Detected Plugin username_filter with fields [{'name': 'filter_arg', 'required': True}]
Detected Plugin username_regex_filter with fields [{'name': 'filter_arg', 'required': True}]
Detected Plugin upload_file_path_filter with fields [{'name': 'filter_arg', 'required': True}]
Detected Plugin upload_file_path_regex_filter with fields [{'name': 'filter_arg', 'required': True}]
Detected Plugin webhook_action with fields [{'name': 'webhook_url', 'required': True}, {'name': 'do_get_request', 'required': False}]
Detected Plugin syslog_action with fields [{'name': 'server_address', 'required': True}, {'name': 'port', 'required': False}, {'name': 'program_name', 'required': False}, {'name': 'udp', 'required': False}, {'name': 'output_json', 'required': False}, {'name': 'facility', 'required': False}, {'name': 'severity', 'required': False}]
Detected Plugin email_action with fields [{'name': 'sender', 'required': True}, {'name': 'recipient', 'required': True}, {'name': 'subject', 'required': True}, {'name': 'body', 'required': True}, {'name': 'smtp_server', 'required': True}, {'name': 'smtp_port', 'required': True}, {'name': 'username', 'required': False}, {'name': 'password', 'required': False}]
Detected Plugin run_command_action with fields [{'name': 'command', 'required': True}, {'name': 'args', 'required': False}, {'name': 'timeout', 'required': False}]
Detected Plugin eventlogfile_action with fields [{'name': 'log_file_path', 'required': True}, {'name': 'output_json', 'required': False}, {'name': 'max_size_mb', 'required': False}, {'name': 'number_of_log_files', 'required': False}]
Detected Plugin slack_action with fields [{'name': 'slack_webhook_url', 'required': True}]
Detected Plugin statsd_action with fields [{'name': 'server_address', 'required': True}, {'name': 'port', 'required': False}, {'name': 'statsd_prefix', 'required': False}]
Detected Plugin sessionlog_action with fields [{'name': 'log_directory', 'required': True}, {'name': 'timestamp_frequency_seconds', 'required': False}]
Reading config file /etc/sshlog/sshlog.yaml
Configuration file /etc/sshlog/sshlog.yaml does not exist.  Skipping
Reading config file /etc/sshlog/conf.d/log_all_sessions.yaml
Reading config file /etc/sshlog/conf.d/log_events.yaml
Initializing event plugin stream_terminal
Initializing filter plugin ignore_existing_logins
Initializing action plugin log_all_sessions
Initialized action log_all_sessions with log directory /var/log/sshlog/sessions/
Initializing event plugin log_general_activity
Initializing filter plugin ignore_existing_logins
Initializing action plugin log_events
Initialized action log_events with log file path /var/log/sshlog/event.log
**libbpf: Failed to bump RLIMIT_MEMLOCK (err = -1), you might need to do it explicitly!**
libbpf: Error in bpf_object__probe_loading():Operation not permitted(1). Couldn't load trivial BPF program. Make sure your kernel supports BPF (CONFIG_BPF_SYSCALL=y) and/or that RLIMIT_MEMLOCK is set to big enough value.
libbpf: failed to load object 'sshtrace_bpf'
libbpf: failed to load BPF skeleton 'sshtrace_bpf': -1
Segmentation fault

~# uname -a
Linux vigor 5.15.74-1-pve #1 SMP PVE 5.15.74-1  x86_64 GNU/Linux


~# systemctl status sshlog
x sshlog.service - SSHLog Agent Service
     Loaded: loaded (/lib/systemd/system/sshlog.service; enabled; preset: enabled)
     Active: failed (Result: signal) since Fri 2023-11-10 15:01:12 UTC; 6min ago
   Duration: 402ms
    Process: 333 ExecStart=/usr/bin/sshlogd --logfile /var/log/sshlog/sshlogd.log (code=killed, signal=SEGV)
   Main PID: 333 (code=killed, signal=SEGV)
        CPU: 387ms

Nov 10 15:01:07 vigor systemd[1]: sshlog.service: Main process exited, code=killed, status=11/SEGV
Nov 10 15:01:07 vigor systemd[1]: sshlog.service: **Failed with result 'signal'.**
@fv3rdugo
Copy link
Author

Finally I reinstall the server in KVM instead a LXC container.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@fv3rdugo