https://bugzilla.redhat.com/show_bug.cgi?id=1098120
Bug ID: 1098120
Summary: Unable to buid an run an image using sshd.
Product: Fedora
Version: 20
Component: docker-io
Assignee: lsm5(a)redhat.com
Reporter: pantinor(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: admiller(a)redhat.com, golang(a)lists.fedoraproject.org,
lsm5(a)redhat.com, mattdm(a)redhat.com,
mgoldman(a)redhat.com, s(a)shk.io, vbatts(a)redhat.com
Description of problem:
Unable to succesfully build and run a fairly simple image that used to work.
Version-Release number of selected component (if applicable):
$ docker -v
Docker version 0.11.1, build fb99f99/0.11.1
How reproducible:
Always
Steps to Reproduce:
mkdir docker_test
cd docker_test
wget
http://pastebin.com/raw.php?i=ie8BRcC4 -O Dockerfile
docker build -t sshd --no-cache
Actual results:
$ docker build -t sshd --no-cache .
Uploading context 2.56 kB
Uploading context
Step 0 : FROM centos
---> 539c0211cd76
Step 1 : RUN yum install -y openssh-server
---> Running in 65f28c081323
Loaded plugins: fastestmirror
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package openssh-server.x86_64 0:5.3p1-94.el6 will be installed
--> Processing Dependency: openssh = 5.3p1-94.el6 for package:
openssh-server-5.3p1-94.el6.x86_64
--> Processing Dependency: libcrypto.so.10(libcrypto.so.10)(64bit) for package:
openssh-server-5.3p1-94.el6.x86_64
--> Processing Dependency: libcrypto.so.10(OPENSSL_1.0.1)(64bit) for package:
openssh-server-5.3p1-94.el6.x86_64
--> Processing Dependency: libwrap.so.0()(64bit) for package:
openssh-server-5.3p1-94.el6.x86_64
--> Processing Dependency: libfipscheck.so.1()(64bit) for package:
openssh-server-5.3p1-94.el6.x86_64
--> Running transaction check
---> Package fipscheck-lib.x86_64 0:1.2.0-7.el6 will be installed
--> Processing Dependency: /usr/bin/fipscheck for package:
fipscheck-lib-1.2.0-7.el6.x86_64
---> Package openssh.x86_64 0:5.3p1-94.el6 will be installed
---> Package openssl.x86_64 0:1.0.0-27.el6_4.2 will be updated
---> Package openssl.x86_64 0:1.0.1e-16.el6_5.7 will be an update
--> Processing Dependency: make for package: openssl-1.0.1e-16.el6_5.7.x86_64
---> Package tcp_wrappers-libs.x86_64 0:7.6-57.el6 will be installed
--> Running transaction check
---> Package fipscheck.x86_64 0:1.2.0-7.el6 will be installed
---> Package make.x86_64 1:3.81-20.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
openssh-server x86_64 5.3p1-94.el6 base 311 k
Installing for dependencies:
fipscheck x86_64 1.2.0-7.el6 base 14 k
fipscheck-lib x86_64 1.2.0-7.el6 base 8.3 k
make x86_64 1:3.81-20.el6 base 389 k
openssh x86_64 5.3p1-94.el6 base 258 k
tcp_wrappers-libs x86_64 7.6-57.el6 base 62 k
Updating for dependencies:
openssl x86_64 1.0.1e-16.el6_5.7 updates 1.5 M
Transaction Summary
================================================================================
Install 6 Package(s)
Upgrade 1 Package(s)
Total download size: 2.5 M
Downloading Packages:
--------------------------------------------------------------------------------
Total 569 kB/s | 2.5 MB 00:04
warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID c105b9de:
NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Importing GPG key 0xC105B9DE:
Userid : CentOS-6 Key (CentOS 6 Official Signing Key)
<centos-6-key(a)centos.org>
Package: centos-release-6-4.el6.centos.10.x86_64 (@febootstrap/$releasever)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : tcp_wrappers-libs-7.6-57.el6.x86_64 1/8
Installing : 1:make-3.81-20.el6.x86_64 2/8
Updating : openssl-1.0.1e-16.el6_5.7.x86_64 3/8
Installing : fipscheck-lib-1.2.0-7.el6.x86_64 4/8
Installing : fipscheck-1.2.0-7.el6.x86_64 5/8
Installing : openssh-5.3p1-94.el6.x86_64 6/8
Installing : openssh-server-5.3p1-94.el6.x86_64 7/8
groupadd: failure while writing changes to /etc/group
Cleanup : openssl-1.0.0-27.el6_4.2.x86_64 8/8
Verifying : 1:make-3.81-20.el6.x86_64 1/8
Verifying : tcp_wrappers-libs-7.6-57.el6.x86_64 2/8
Verifying : fipscheck-1.2.0-7.el6.x86_64 3/8
Verifying : openssl-1.0.1e-16.el6_5.7.x86_64 4/8
Verifying : openssh-5.3p1-94.el6.x86_64 5/8
Verifying : openssh-server-5.3p1-94.el6.x86_64 6/8
Verifying : fipscheck-lib-1.2.0-7.el6.x86_64 7/8
Verifying : openssl-1.0.0-27.el6_4.2.x86_64 8/8
Installed:
openssh-server.x86_64 0:5.3p1-94.el6
Dependency Installed:
fipscheck.x86_64 0:1.2.0-7.el6 fipscheck-lib.x86_64 0:1.2.0-7.el6
make.x86_64 1:3.81-20.el6 openssh.x86_64 0:5.3p1-94.el6
tcp_wrappers-libs.x86_64 0:7.6-57.el6
Dependency Updated:
openssl.x86_64 0:1.0.1e-16.el6_5.7
Complete!
---> e869dfd88b15
Removing intermediate container 65f28c081323
Step 2 : RUN sed -i 's/#PermitEmptyPasswords no/PermitEmptyPasswords
yes/;s/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config
---> Running in 8673e7861c41
sed: warning: failed to set default file creation context to
system_u:object_r:file_t:s0: Read-only file system ---> f49ebe0bc026
Removing intermediate container 8673e7861c41
Step 3 : CMD service sshd start ; bash
---> Running in b4db6af6261e
---> b9d7e3852943
Removing intermediate container b4db6af6261e
Successfully built b9d7e3852943
Expected results:
A build and run with no errors.
Everything works as expected when run for instance in a boot2docker vm:
https://github.com/boot2docker/boot2docker/releases/download/v0.9.1/boot2...
Additional info:
$ getenforce
Permissive
The error is recent. I am not sure if the problem is Docker, selinux, or Centos
base files, but the full operation used to succed without any problem in past.
Note sed warning:
sed: warning: failed to set default file creation context to
system_u:object_r:file_t:s0: Read-only file system ---> f49ebe0bc026
When running a container from that image, the ssh fails:
$ docker run -t -i sshd
Generating SSH1 RSA host key: No such file or directory
[ OK ]
Generating SSH2 RSA host key: No such file or directory
[ OK ]
Generating SSH2 DSA host key: No such file or directory
[ OK ]
Starting sshd: Privilege separation user sshd does not exist
[FAILED]
bash-4.1# exit
--
You are receiving this mail because:
You are on the CC list for the bug.