agris | please help me, OpenRC is stuck on sysinit runlevel indefinately | 05:41 |
---|---|---|
agris | on a fresh install | 05:41 |
xrogaan | I don't think I use openrc | 05:51 |
gnarface | agris: you installed all from the devuan repos right? | 05:53 |
gnarface | agris: everyone runs into a problem the first time, i think it's the same one every time too | 05:53 |
agris | yes | 05:53 |
gnarface | maybe missing package | 05:54 |
agris | how can I check? | 05:54 |
gnarface | maybe a unruly startup script | 05:54 |
gnarface | i wish i knew | 05:54 |
gnarface | one of these days i'll have to install it to try out | 05:54 |
agris | root@test2:/# rc-status | 05:54 |
agris | * Caching service dependencies ... [ ok ] | 05:54 |
agris | Runlevel: sysinit | 05:54 |
agris | mountkernfs.sh [ stopped ] | 05:54 |
gnarface | hmmm | 05:54 |
gnarface | and then it just hangs there? | 05:55 |
agris | stay's like that indefinitely until i type 'openrc' | 05:55 |
agris | until next reboot | 05:55 |
gnarface | wait, you type openrc then what? | 05:55 |
agris | then it says starting servers, entering runlevel 3, etc | 05:55 |
gnarface | hmmm | 05:56 |
gnarface | weird | 05:56 |
gnarface | how did you know to type openrc? | 05:56 |
gnarface | does it work if you type something else? | 05:56 |
agris | actually i take that back | 05:58 |
agris | it doesn't enter another runlevel | 05:58 |
agris | it just makes all the services in sysinit say started | 05:58 |
drawkula | what is /sbin/init? not openrc? | 05:59 |
gnarface | i think this has been discussed on the forums | 05:59 |
gnarface | if you changed to openrc from sysvinit in an existing install, there is some extra steps you have to take i just don't know what they are | 05:59 |
agris | I don't know what /sbin/init is | 06:00 |
agris | if it's openrc or not | 06:00 |
gnarface | if you chose openrc at installation time though, it is a different issue | 06:00 |
agris | I bootstrapped with openrc | 06:00 |
agris | gnarface, http://0x0.st/zfkh.mkv | 06:00 |
gnarface | uh, what's that? | 06:01 |
gnarface | i'm sorry not clicking on it, too paranoid | 06:01 |
agris | a video | 06:01 |
gnarface | ascii or beowulf? | 06:02 |
drawkula | $ dpkg --search /sbin/init # ? | 06:03 |
gnarface | might require sysvinit-core and sysvinit-utils | 06:05 |
gnarface | or something like that | 06:05 |
gnarface | even though it is openr | 06:05 |
gnarface | openrc* | 06:05 |
drawkula | https://dev1galaxy.org/viewtopic.php?id=2788 <<< openrc in forum | 06:05 |
agris | ascii | 06:08 |
agris | root@test2:/# dpkg --search /sbin/init | 06:08 |
agris | sysvinit-core: /sbin/init | 06:08 |
drawkula | https://dev1galaxy.org/viewtopic.php?pid=15542#p15542 <<< beowulf | 06:11 |
drawkula | that's a lot tinkering... stuff which should be done by sime install scrips... | 06:12 |
drawkula | maybe someone has fresher infos than shown there? | 06:13 |
agris | hmm | 06:13 |
agris | i edited /etc/init.d/rcS and now it's loading openrc, but it's still stuck in sysinit runlevel | 06:13 |
agris | hmm | 06:13 |
agris | yes, I really wish OpenRC was better supported | 06:14 |
drawkula | http://forums.debian.net/viewtopic.php?f=16&t=134915 <<< from debian9 days and HOAS can be reached in the d1g forum too... | 06:16 |
drawkula | there they set the kernel init= parameter to openrc-init but thjat may have evolved since 2017 | 06:18 |
agris | I don't know if that works for my situation as I'm using a kernel namespace not a full kernel | 06:20 |
agris | also, OpenRC loads fine on the hypervisor | 06:21 |
agris | and my other containers load openrc fine | 06:21 |
agris | don't know what's changed | 06:21 |
gnarface | oh, this is in a VM? | 06:37 |
gnarface | hmmm, interesting | 06:38 |
gnarface | maybe it is just one of the startup scripts trying to access something it can't | 06:38 |
gnarface | "mountkernfs.sh" sounds like the type of thing a guest VM shouldn't be able to do | 06:38 |
gnarface | the sysvinit scripts just fail loudly but startup/shutdown keeps going anyway | 06:38 |
gnarface | maybe one of the openrc scripts doesn't fail at it that gracefully | 06:39 |
gnarface | probably something about mounting swap or tmpfs? | 06:39 |
gnarface | if that's the case, it's probably something the hypervisor does anyway and you can just safely comment it out or even remove the offending script | 06:39 |
gnarface | agris: ^ | 06:40 |
agris | no | 06:42 |
agris | this is not a vm | 06:42 |
agris | this is a container | 06:42 |
gnarface | semantic irrelevance | 06:43 |
gnarface | check that mountkernfs.sh, figure out what it's actually trying to mount | 06:45 |
gnarface | i'd bet you'll find something it doesn't have permission to mount, that is probably already mounted in the first place | 06:45 |
gnarface | like the swap partition or something | 06:45 |
gnarface | and it probably *should* be changed to fail more gracefully but i doubt that's a case they would have considered | 06:46 |
gnarface | or if not mountkernfs.sh, whatever script is supposed to run right after it | 06:52 |
gnarface | i don't know openrc well enough to know exactly | 06:52 |
gnarface | but the whole point of containers *or* VMs, or any type of virtualization really, is to prevent access to certain host-level things that are often routine actions of startup scripots | 06:53 |
gnarface | scripts | 06:53 |
gnarface | this is all starting to give me deja-vu | 06:54 |
agris | gnarface, it does matter, a lot actually. In a containerization setup, there is absolutely zero 'virtualization' being done | 07:00 |
agris | and there is only one kernel | 07:00 |
agris | the kernel that runs on the bare metal | 07:00 |
agris | page nesting or special CPU instructions/features are not used at all | 07:01 |
gnarface | oh yea? log into a working container and unmount the host /tmp partition | 07:01 |
gnarface | try it | 07:01 |
gnarface | i mean, unmount it from inside the container | 07:02 |
gnarface | and the host swap partition | 07:02 |
gnarface | swapoff it | 07:02 |
gnarface | try it | 07:02 |
gnarface | i'm guessing you'll get a permission denied error | 07:02 |
gnarface | either that or the device won't even be visible | 07:03 |
gnarface | hell just look in /dev from inside the container | 07:04 |
gnarface | it's probably missing stuff | 07:04 |
gnarface | if you have other working ones, working with openrc, maybe it's even something simple you can put back | 07:05 |
gnarface | but it probably represents a big security risk then | 07:05 |
gnarface | which is important to know about even if you don't care in your use case | 07:05 |
agris | sure | 07:25 |
agris | there are problems with devuan ascii right now | 07:25 |
agris | specificly in the implementations of ascii's apparmor rules | 07:26 |
agris | but hopefully that will be fully resolved in beowulf | 07:26 |
agris | as it is in the debian equivalent, ubuntu, and alpine | 07:26 |
agris | as in the apparmor profile for lxc containers is incomplete, but not fully missing | 07:27 |
agris | https://github.com/lxc/lxc/issues/1895 | 07:27 |
agris | https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883703 | 07:28 |
agris | in other news I think I have resolved the issue | 07:29 |
agris | both /etc/inittab and /etc/init.d/rcS were wrong | 07:29 |
agris | and the thing is says on the forum to put in rcS is wrong | 07:30 |
agris | it should be set -e | 07:30 |
agris | exec /sbin/openrc | 07:30 |
agris | not set -e | 07:30 |
agris | exec /sbin/openrc sysinit | 07:30 |
agris | this makes the container boot properly again | 07:31 |
agris | I'm going to patch my templates then submit a pull request on git.devuan.org | 07:31 |
agris | hopefully the error 500s are gone by now or we've moved on to gitea | 07:31 |
agris | thank you gnarface. You did provide me enough information to figure out the rest of why it wasn't working | 07:39 |
gnarface | hmm, well the important part is that you got it working | 07:55 |
gnarface | there really aren't a lot of people using openrc on devuan yet, so your testing and fixes are important | 07:56 |
gnarface | you very well may have been the first person to try it with lxc containers | 07:59 |
agris | yeah | 08:27 |
agris | I find myself in that position a lot these days | 08:27 |
ErRandir | In ascii it runs an elogind daemon. Can it be disabled or does that cause issues? | 11:02 |
gnarface | you don't need it if you're not using a graphical login | 11:06 |
Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!