[Bug 1098120] New: Unable to buid an run an image using sshd.

Thursday, 15 May 2014

https://bugzilla.redhat.com/show_bug.cgi?id=1098120

            Bug ID: 1098120
           Summary: Unable to buid an run an image using sshd.
           Product: Fedora
           Version: 20
         Component: docker-io
          Assignee: lsm5(a)redhat.com
          Reporter: pantinor(a)redhat.com
        QA Contact: extras-qa(a)fedoraproject.org
                CC: admiller(a)redhat.com, golang(a)lists.fedoraproject.org,
                    lsm5(a)redhat.com, mattdm(a)redhat.com,
                    mgoldman(a)redhat.com, s(a)shk.io, vbatts(a)redhat.com

Description of problem:

Unable to succesfully build and run a fairly simple image that used to work.

Version-Release number of selected component (if applicable):

$ docker -v
Docker version 0.11.1, build fb99f99/0.11.1

How reproducible:

Always

Steps to Reproduce:

mkdir docker_test
cd docker_test
wget  http://pastebin.com/raw.php?i=ie8BRcC4 -O Dockerfile
docker build -t sshd --no-cache  

Actual results:

$ docker build -t sshd --no-cache  .
Uploading context  2.56 kB
Uploading context 
Step 0 : FROM centos
 ---> 539c0211cd76
Step 1 : RUN yum install -y openssh-server
 ---> Running in 65f28c081323
Loaded plugins: fastestmirror
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package openssh-server.x86_64 0:5.3p1-94.el6 will be installed
--> Processing Dependency: openssh = 5.3p1-94.el6 for package:
openssh-server-5.3p1-94.el6.x86_64
--> Processing Dependency: libcrypto.so.10(libcrypto.so.10)(64bit) for package:
openssh-server-5.3p1-94.el6.x86_64
--> Processing Dependency: libcrypto.so.10(OPENSSL_1.0.1)(64bit) for package:
openssh-server-5.3p1-94.el6.x86_64
--> Processing Dependency: libwrap.so.0()(64bit) for package:
openssh-server-5.3p1-94.el6.x86_64
--> Processing Dependency: libfipscheck.so.1()(64bit) for package:
openssh-server-5.3p1-94.el6.x86_64
--> Running transaction check
---> Package fipscheck-lib.x86_64 0:1.2.0-7.el6 will be installed
--> Processing Dependency: /usr/bin/fipscheck for package:
fipscheck-lib-1.2.0-7.el6.x86_64
---> Package openssh.x86_64 0:5.3p1-94.el6 will be installed
---> Package openssl.x86_64 0:1.0.0-27.el6_4.2 will be updated
---> Package openssl.x86_64 0:1.0.1e-16.el6_5.7 will be an update
--> Processing Dependency: make for package: openssl-1.0.1e-16.el6_5.7.x86_64
---> Package tcp_wrappers-libs.x86_64 0:7.6-57.el6 will be installed
--> Running transaction check
---> Package fipscheck.x86_64 0:1.2.0-7.el6 will be installed
---> Package make.x86_64 1:3.81-20.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package                Arch        Version                  Repository    Size
================================================================================
Installing:
 openssh-server         x86_64      5.3p1-94.el6             base         311 k
Installing for dependencies:
 fipscheck              x86_64      1.2.0-7.el6              base          14 k
 fipscheck-lib          x86_64      1.2.0-7.el6              base         8.3 k
 make                   x86_64      1:3.81-20.el6            base         389 k
 openssh                x86_64      5.3p1-94.el6             base         258 k
 tcp_wrappers-libs      x86_64      7.6-57.el6               base          62 k
Updating for dependencies:
 openssl                x86_64      1.0.1e-16.el6_5.7        updates      1.5 M

Transaction Summary
================================================================================
Install       6 Package(s)
Upgrade       1 Package(s)

Total download size: 2.5 M
Downloading Packages:
--------------------------------------------------------------------------------
Total                                           569 kB/s | 2.5 MB     00:04     
warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID c105b9de:
NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Importing GPG key 0xC105B9DE:
 Userid : CentOS-6 Key (CentOS 6 Official Signing Key)
<centos-6-key(a)centos.org&gt;
 Package: centos-release-6-4.el6.centos.10.x86_64 (@febootstrap/$releasever)
 From   : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : tcp_wrappers-libs-7.6-57.el6.x86_64                          1/8 
  Installing : 1:make-3.81-20.el6.x86_64                                    2/8 
  Updating   : openssl-1.0.1e-16.el6_5.7.x86_64                             3/8 
  Installing : fipscheck-lib-1.2.0-7.el6.x86_64                             4/8 
  Installing : fipscheck-1.2.0-7.el6.x86_64                                 5/8 
  Installing : openssh-5.3p1-94.el6.x86_64                                  6/8 
  Installing : openssh-server-5.3p1-94.el6.x86_64                           7/8 
groupadd: failure while writing changes to /etc/group
  Cleanup    : openssl-1.0.0-27.el6_4.2.x86_64                              8/8 
  Verifying  : 1:make-3.81-20.el6.x86_64                                    1/8 
  Verifying  : tcp_wrappers-libs-7.6-57.el6.x86_64                          2/8 
  Verifying  : fipscheck-1.2.0-7.el6.x86_64                                 3/8 
  Verifying  : openssl-1.0.1e-16.el6_5.7.x86_64                             4/8 
  Verifying  : openssh-5.3p1-94.el6.x86_64                                  5/8 
  Verifying  : openssh-server-5.3p1-94.el6.x86_64                           6/8 
  Verifying  : fipscheck-lib-1.2.0-7.el6.x86_64                             7/8 
  Verifying  : openssl-1.0.0-27.el6_4.2.x86_64                              8/8 

Installed:
  openssh-server.x86_64 0:5.3p1-94.el6                                          

Dependency Installed:
  fipscheck.x86_64 0:1.2.0-7.el6           fipscheck-lib.x86_64 0:1.2.0-7.el6   
  make.x86_64 1:3.81-20.el6                openssh.x86_64 0:5.3p1-94.el6        
  tcp_wrappers-libs.x86_64 0:7.6-57.el6   

Dependency Updated:
  openssl.x86_64 0:1.0.1e-16.el6_5.7                                            

Complete!
 ---> e869dfd88b15
Removing intermediate container 65f28c081323
Step 2 : RUN sed -i 's/#PermitEmptyPasswords no/PermitEmptyPasswords
yes/;s/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config
 ---> Running in 8673e7861c41
sed: warning: failed to set default file creation context to
system_u:object_r:file_t:s0: Read-only file system ---> f49ebe0bc026
Removing intermediate container 8673e7861c41
Step 3 : CMD service sshd start ; bash
 ---> Running in b4db6af6261e
 ---> b9d7e3852943
Removing intermediate container b4db6af6261e
Successfully built b9d7e3852943

Expected results:

A build and run with no errors.
Everything works as expected when run for instance in a boot2docker vm:

https://github.com/boot2docker/boot2docker/releases/download/v0.9.1/boot2...

Additional info:

$ getenforce 
Permissive

The error is recent. I am not sure if the problem is Docker, selinux, or Centos
base files, but the full operation used to succed without any problem in past.

Note sed warning:
sed: warning: failed to set default file creation context to
system_u:object_r:file_t:s0: Read-only file system ---> f49ebe0bc026

When running a container from that image, the ssh fails:

$ docker run -t -i sshd
Generating SSH1 RSA host key: No such file or directory
                                                           [  OK  ]
Generating SSH2 RSA host key: No such file or directory
                                                           [  OK  ]
Generating SSH2 DSA host key: No such file or directory
                                                           [  OK  ]
Starting sshd: Privilege separation user sshd does not exist
                                                           [FAILED]
bash-4.1# exit

-- 
You are receiving this mail because:
You are on the CC list for the bug.

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

[Bug 1098120] New: Unable to buid an run an image using sshd.