I am trying to build an Docker base image using livemedia-creator on CentOS 7.5 with latest patches installed is failing. Below is the error I am getting.
# livemedia-creator --make-tar --no-virt --iso=CentOS-6.10-x86_64-netinstall.iso --ks=centos-6.ks --image-name=centos-root.tar.xz
Starting package installation process
The installation was stopped due to incomplete spokes detected while running in non-interactive cmdline mode. Since there cannot be any questions in cmdline mode, edit your kickstart file and retry installation.
The exact error message is:
CmdlineError: Missing package: firewalld.
The installer will now terminate.
The kickstart file which I am using is as below
url --url="http://mirrors.kernel.org/centos/6.9/os/x86_64/"
install
keyboard us
lang en_US.UTF-8
rootpw --lock --iscrypted locked
authconfig --enableshadow --passalgo=sha512
timezone --isUtc Etc/UTC
selinux --enforcing
#firewall --disabled
firewall --disable
network --bootproto=dhcp --device=eth0 --activate --onboot=on
reboot
bootloader --location=none
# Repositories to use
repo --name="CentOS" --baseurl=http://mirror.centos.org/centos/6.9/os/x86_64/ --cost=100
repo --name="Updates" --baseurl=http://mirror.centos.org/centos/6.9/updates/x86_64/ --cost=100
# Disk setup
zerombr
clearpart --all
part / --size 3000 --fstype ext4
%packages --excludedocs --nobase --nocore
vim-minimal
yum
bash
bind-utils
centos-release
shadow-utils
findutils
iputils
iproute
grub
-*-firmware
passwd
rootfiles
util-linux-ng
yum-plugin-ovl
%end
%post --log=/tmp/anaconda-post.log
# Post configure tasks for Docker
# remove stuff we don't need that anaconda insists on
# kernel needs to be removed by rpm, because of grubby
rpm -e kernel
yum -y remove dhclient dhcp-libs dracut grubby kmod grub2 centos-logos \
hwdata os-prober gettext* bind-license freetype kmod-libs dracut
yum -y remove dbus-glib dbus-python ebtables \
gobject-introspection libselinux-python pygobject3-base \
python-decorator python-slip python-slip-dbus kpartx kernel-firmware \
device-mapper* e2fsprogs-libs sysvinit-tools kbd-misc libss upstart
#clean up unused directories
rm -rf /boot
rm -rf /etc/firewalld
# Randomize root's password and lock
dd if=/dev/urandom count=50 | md5sum | passwd --stdin root
passwd -l root
#LANG="en_US"
#echo "%_install_lang $LANG" > /etc/rpm/macros.image-language-conf
awk '(NF==0&&!done){print "override_install_langs='$LANG'\ntsflags=nodocs";done=1}{print}' \
< /etc/yum.conf > /etc/yum.conf.new
mv /etc/yum.conf.new /etc/yum.conf
echo 'container' > /etc/yum/vars/infra
rm -f /usr/lib/locale/locale-archive
#Setup locale properly
localedef -v -c -i en_US -f UTF-8 en_US.UTF-8
#disable services
for serv in `/sbin/chkconfig|cut -f1`; do /sbin/chkconfig "$serv" off; done;
mv /etc/rc1.d/S26udev-post /etc/rc1.d/K26udev-post
rm -rf /var/cache/yum/*
rm -f /tmp/ks-script*
rm -rf /etc/sysconfig/network-scripts/ifcfg-*
#Generate installtime file record
/bin/date +%Y%m%d_%H%M > /etc/BUILDTIME
%end
I am not able to figure out from where firewalld is being picked. Any thought how to fix this issue.
Related
I have a docker container built from the following image : FROM debian:9.11-slim
I try to install rust using the following line in my Dockerfile and it works fine until the last line. I get a permission denied error whenever I try to run /rust/cargo. However, if I connect to the container and run it from there via the command line it works. However, I need to be able to run rust/cargo commands from the docker file. Any help?
ENV RUSTUP_HOME=/rust/rustup
ENV CARGO_HOME=/rust/cargo
RUN set -eux; \
url="https://raw.githubusercontent.com/rust-lang/rustup/1.22.1/rustup-init.sh"; \
wget -O rustup-init.sh "$url"; \
echo "b273275cf4d83cb6b991c1090baeca54 rustup-init.sh" | md5sum -c -; \
echo "8928261388c8fae83bfd79b08d9030dfe21d17a8b59e9dcabda779213f6a3d14 rustup- init.sh" | sha256sum -c -; \
bash ./rustup-init.sh --profile=minimal -y -t thumbv7em-none-eabihf; \
rm rustup-init.sh; \
chmod -R go+rwX /rust; \
/rust/cargo --version
The problem is chmod -R go+rwX
How to reproduce:
We have file:
#!/bin/bash
echo good
~ $ ls -l file
total 0
-rw-r--r-- 1 user staff 0 Jun 30 11:49 file
~ $ ./file
-bash: ./file: Permission denied
~ $ chmod go+rwX file
~ $ ls -l file
-rw-rw-rw- 1 user staff 23 Jun 30 11:50 file
~ $ ./file
-bash: ./file: Permission denied
As you can see -rw-rw-rw- permissions don't allow to execute file
Solution is to use something of below:
chmod -R ug+rwx /rust (add all permissions to user and group)
chmod -R ugo+rwx /rust (add all permissions to all users)
chmod -R 777 /rust (add all permissions to all users (same as ugo+rwx))
chmod -R 755 /rust (add execution permissions to all users)
chmod 755 /rust/cargo (add execution permissions to all users only for execution file)
[if permissions already correct] don't set permissions at all (remove chmod -R go+rwX /rust) ← Best way
I faced a similar issue but in a slightly different situation. I was using docker-compose pipeline in GitHub actions on EC2 Self-Hosted Runner, based on the native GitHub pipeline. I didn't remove the Rust toolchain installation, which caused reinstallation of cargo in every build on EC2 instance changing permissions and sourcing binaries from cargo source ~/.cargo/env, hence the permission error on the default system user.
In my case, the solution was simply removing the installation of Rust from the workflow.yml and sourcing the system rust source ~/.bashrc.
I have set up a docker image and install ubuntu on it. Can you please tell me how can I install Openmodelica inside ubuntu to that docker image?
for example, if I want to install node.js on this docker image I could use this code:
apt install nodejs
so I need some codes like that to install open Modelica on my docker image.
p.s: my docker image is an ubuntu image.
I happened to create a Docker image for OpenModelica to debug something, so I might add it here as well. We got this questions in the OpenModelica forum as well.
While the answer of #sjoelund.se will stay up to date this one is a bit more explaining.
Dockerfile
FROM ubuntu:18.04
# Export DISPLAY, so a XServer can display OMEdit
ARG DEBIAN_FRONTEND=noninteractive
ENV DISPLAY=host.docker.internal:0.0
# Install wget, gnupg, lsb-release
RUN apt-get update \
&& apt install -y wget gnupg lsb-release
# Get the OpenModelica stable version
RUN for deb in deb deb-src; do echo "$deb http://build.openmodelica.org/apt `lsb_release -cs` stable"; done | tee /etc/apt/sources.list.d/openmodelica.list
RUN wget -q http://build.openmodelica.org/apt/openmodelica.asc -O- | apt-key add -
# Install OpenModelica
RUN apt-get update \
&& apt install -y openmodelica
# Install OpenModelica libraries (like all of them)
RUN for PKG in `apt-cache search "omlib-.*" | cut -d" " -f1`; do apt-get install -y "$PKG"; done
# Add non-root user for security
RUN useradd -m -s /bin/bash openmodelicausers
USER openmodelicausers
ENV HOME /home/openmodelicausers
ENV USER openmodelicausers
WORKDIR $HOME
# Return omc version
CMD ["omc", "--version"]
Let's build and tag it:
docker build --tag openmodelica:ubuntubionic .
How to use omc from the docker image
Let's create a small helloWorld.mo Modelica model:
model helloWorld
Real x(start=1.0, fixed=true);
equations
der(x) = 2.5*x;
end helloWorld;
and a MOS script which will simulate it, called runHelloWorld.mos
loadFile("helloWorld.mo"); getErrorString();
simulate(helloWorld); getErrorString();
Now we can make our files accessible to the docker container with the -v flag and run our small example with:
docker run \
--rm \
-v $(pwd):/home/openmodelicausers \
openmodelica:ubuntubionic \
omc runHelloWorld.mos
Note that -v needs an absolute path. I added --rm to clean up.
Using OMEdit with a GUI
I'm using Windows + Docker with WSL2. So in order to get OMEdit running I need to have a XServer installed on my Windows host system. They are not trivial to set up, but I'm using VcXsrv and so far it is working for me. On Linux this is of course much simpler.
I'm using this config to start XLaunch:
<?xml version="1.0" encoding="UTF-8"?>
<XLaunch WindowMode="MultiWindow" ClientMode="NoClient" LocalClient="False" Display="-1" LocalProgram="xcalc" RemoteProgram="xterm" RemotePassword="" PrivateKey="" RemoteHost="" RemoteUser="" XDMCPHost="" XDMCPBroadcast="False" XDMCPIndirect="False" Clipboard="True" ClipboardPrimary="True" ExtraParams="" Wgl="True" DisableAC="True" XDMCPTerminate="False"/>
But when the XServer is running you can use OMEdit in nearly the same fashion you would from a Linux OS, just mount some directory with your files and that's it:
docker run \
--rm \
-v $(pwd):/home/openmodelicausers \
openmodelica:ubuntubionic \
OMEdit
You could get some inspiration from the Dockerfiles that are used to generate the OpenModelica docker images. For example: https://github.com/OpenModelica/OpenModelicaDockerImages/tree/v1.16.2
I want to isolate a testing environment in docker, I did that on CentOS 6 How to let syslog workable in docker?
In CentOS 7, the syslog-ng's configuration is different, when I run
/usr/sbin/syslog-ng -F -p /var/run/syslogd.pid
It appears the following error message, but there is no proc/kmsg in config files.
syslog-ng: Error setting capabilities, capability management disabled; error='Operation not permitted'
Error opening file for reading; filename='/proc/kmsg', error='Operation not permitted (1)'
The Dockerfile
FROM centos
RUN yum update --exclude=systemd -y \
&& yum install -y yum-plugin-ovl \
&& yum install -y epel-release
RUN yum install -y syslog-ng syslog-ng-libdbi
The test process:
docker build -t t1 .
docker run --rm -i -t t1 /bin/bash
In container, run following commands
# check config, no keyword like proc/kmsg
cd /etc/syslog-ng
grep -r -E 'proc|kmsg'
/usr/sbin/syslog-ng -F -p /var/run/syslogd.pid
Change /etc/syslog-ng/syslog-ng.conf from
source s_sys {
system();
internal();
};
to
source s_sys {
unix-stream("/dev/log");
internal();
};
It still show error message, but running instead of exit
syslog-ng: Error setting capabilities, capability management disabled; error='Operation not permitted'
To solve this, just run with --no-caps option
/usr/sbin/syslog-ng --no-caps -F -p /var/run/syslogd.pid
I'm trying to setup Vagrant with docker as a provider but when running
vagrant up --provider=docker --debug
I get this error:
"rsync" was not detected as installed in your guest machine. This
is required for rsync synced folders to work. In addition to this,
Vagrant doesn't know how to automatically install rsync for your
machine, so you must do this manually.
Full log here:
http://pastebin.com/zCTSqibM
Vagrantfile
require 'yaml'
Vagrant.configure("2") do |config|
user_config = YAML.load_file 'user_config.yml'
config.vm.provider "docker" do |d|
d.build_dir = "."
d.has_ssh = true
d.ports = user_config['port_mapping']
d.create_args = ["--dns=127.0.0.1","--dns=8.8.8.8", "--dns=8.8.4.4"]
d.build_args = ['--no-cache=true'] end
config.vm.hostname = "dev"
config.ssh.username = "it" config.ssh.port = 22 config.ssh.private_key_path = ["./initial_ssh_key", user_config['ssh_private_key_path']] config.ssh.forward_agent = true
end
Dockerfile
FROM debian:jessie MAINTAINER IT <it#email.com>
RUN echo 'exit 0' > /usr/sbin/policy-rc.d
RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections
RUN apt-get update RUN apt-get upgrade -y RUN apt-get install sudo apt-utils -y
RUN apt-get -y install sysvinit-core sysvinit sysvinit-utils RUN cp /usr/share/sysvinit/inittab /etc/inittab RUN apt-get remove -y --purge
--auto-remove systemd libpam-systemd systemd-sysv
RUN apt-get install ssh -y
RUN addgroup --system it RUN adduser --system --disabled-password
--uid 1000 --shell /bin/bash --home /home/it it RUN adduser it it RUN adduser it sudo
RUN echo "it ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
ADD initial_ssh_key.pub /home/it/.ssh/authorized_keys RUN chown it:it /home/it/ -R RUN echo "Host * \n\tStrictHostKeyChecking no" >> /etc/ssh/ssh_config
CMD exec /sbin/init
Note:
I'm on Mac OS X 10.12 and I've installed vagrant, virtualbox and docker I have rsync installed and added to my PATH in the host machine.
Also, the same vagrant and docker configs works perfectly on a ubuntu host.
How do I install rsync in the guest machine? Or is something else wrong with my config? Any ideas?
You may want to give the alternative boot2docker box a try: https://github.com/dduportal/boot2docker-vagrant-box
as it contains rsync while the hashicorp/boot2docker, which is used by default, seems to lack this!
If doing so, you must add the follwong line to your docker provider config (of course adopted to your system):
d.vagrant_vagrantfile = "../path/to/Vagrantfile"
This is because you're changing the docker provider host vm as described in the vagrant docker provider documentation.
Try adding rsync to your Docker file, somewhere in one of your apt-get lines. Linux hosts use NFS by default, that's why it works on your Ubuntu.
Normally Vagrant tries to install rsync on a guest machine, if that fails - it notifies you with that error message. More info on vagrant website (3rd paragraph in "Prerequisites" chapter)
I've got the following kickstart file (ks.cfg) for a raw centos installation. I'm trying to implement a "%post" process that will allow the installation to be modified, using you functions (install, groupremove, etc). The whole ks file is at the end of the issue.
I'm not sure why, but the following kickstart is not running the yum install mysql, yum install mysql-server in the post process.
After the install, entering "service mysql start" results in the err msg saying mysql is not found. I am, however, able to run the yum install cmds after installation, and mysql gets installed.
I know I'm missing something subtle, but not sure what it is.
%post
yum install mysql -y <<<<<<<<<<<<<<NOT WORKING!!!!!
yum install mysql-server -y <<<<<<<<<<<<<<NOT WORKING!!!!!
%end
Thanks
ks.cfg
[root#localhost ~]# cat /root/anaconda-ks.cfg
# Kickstart file automatically generated by anaconda.
#version=DEVEL
install
cdrom
lang en_US.UTF-8
keyboard us
network --onboot yes --device eth0 --bootproto dhcp
rootpw --iscrypted $1$JCZKA/by$sVSHffsPr3ZDUp6m7c5gt1
# Reboot after installation
reboot
firewall --service=ssh
authconfig --useshadow --enablemd5
selinux --enforcing
timezone --utc America/Los_Angeles
bootloader --location=mbr --driveorder=sda --append=" rhgb crashkernel=auto quiet"
# The following is the partition information you requested
# Note that any partitions you deleted are not expressed
# here so unless you clear all partitions first, this is
# not guaranteed to work
#clearpart --all --initlabel
#part /boot --fstype=ext4 --size=200
#part / --fstype=ext4 --grow --size=3000
#part swap --grow --maxsize=4064 --size=2032
repo --name="CentOS" --baseurl=cdrom:sr1 --cost=100
%packages
#Base
#Core
#Desktop
#Fonts
#General Purpose Desktop
#Internet Browser
#X Window System
binutils
gcc
kernel-devel
make
patch
python
%end
%post
cp /boot/grub/menu.lst /boot/grub/grub.conf.bak
sed -i 's/ rhgb//' /boot/grub/grub.conf
cp /etc/rc.d/rc.local /etc/rc.local.backup
cat >>/etc/rc.d/rc.local <<EOF
echo
echo "Installing VMware Tools, please wait..."
if [ -x /usr/sbin/getenforce ]; then oldenforce=\$(/usr/sbin/getenforce); /usr/sbin/setenforce permissive || true; fi
mkdir -p /tmp/vmware-toolsmnt0
for i in hda sr0 scd0; do mount -t iso9660 /dev/\$i /tmp/vmware-toolsmnt0 && break; done
cp -a /tmp/vmware-toolsmnt0 /opt/vmware-tools-installer
chmod 755 /opt/vmware-tools-installer
cd /opt/vmware-tools-installer
mv upgra32 vmware-tools-upgrader-32
mv upgra64 vmware-tools-upgrader-64
mv upgrade.sh run_upgrader.sh
chmod +x /opt/vmware-tools-installer/*upgr*
umount /tmp/vmware-toolsmnt0
rmdir /tmp/vmware-toolsmnt0
if [ -x /usr/bin/rhgb-client ]; then /usr/bin/rhgb-client --quit; fi
cd /opt/vmware-tools-installer
./run_upgrader.sh
mv /etc/rc.local.backup /etc/rc.d/rc.local
rm -rf /opt/vmware-tools-installer
sed -i 's/3:initdefault/5:initdefault/' /etc/inittab
mv /boot/grub/grub.conf.bak /boot/grub/grub.conf
if [ -x /usr/sbin/getenforce ]; then /usr/sbin/setenforce \$oldenforce || true; fi
if [ -x /bin/systemd ]; then systemctl restart prefdm.service; else telinit 5; fi
EOF
/usr/sbin/adduser test
/usr/sbin/usermod -p '$1$QcRcMih7$VG3upQam.lF4BFzVtaYU5.' test
/usr/sbin/adduser test1
/usr/sbin/usermod -p '$1$LMyHixbC$4.aATdKUb2eH8cCXtgFNM0' test1
/usr/bin/chfn -f 'ruser' root
%end
%post
yum install mysql -y <<<<<<<<<<<<<<NOT WORKING!!!!!
yum install mysql-server -y <<<<<<<<<<<<<<NOT WORKING!!!!!
%end
It was caused by line-ending when I faced same problem as you. Try to check line-ending of ks.cfg. It should be LF not CR+LF or CR.
It will be help you if you;
Try system-config-kickstart tool.
Find generated /root/anaconda-ks.cfg though there may be no %post section.
Cheers.
You should just put mysql and mysql-server into the %packages section, no need to do this in %post.