[Users] OVZ 7 beta - capabilities problem in centos 7 container

jjs - mainphrame jjs at mainphrame.com
Wed Jan 20 12:41:55 PST 2016 

Hi Konstantin  -

I wanted to make sure it wasn't a matter of my missing some new feature or
option, or something obvious.

A sanity check is always welcome, so thanks for the clarification!

Regards,

Joe

On Wed, Jan 20, 2016 at 7:49 AM, Konstantin Khorenko <khorenko at virtuozzo.com
> wrote:

> Hi J,
>
> thank you for the report, and yes, seems it's bug.
> i've filed it, so please track it further in
>
> https://bugs.openvz.org/browse/OVZ-6657
>
> And talking about deprecated "--capability" vzctl option -
> this is correct, capabilities should be virtualized, so this option should
> not be required in Virtuozzo 7.
>
> And your question was - how to troubleshoot it?
> The generic way is - to strace the installation, find the syscall which
> fails,
> and check in kernel code what makes it to return an error. :)
>
> Pasha will look into it, track the jira issue.
>
> Thank you again for noticing it!
>
> --
> Best regards,
>
> Konstantin Khorenko,
> Virtuozzo Linux Kernel Team
>
> On 01/14/2016 10:24 PM, jjs - mainphrame wrote:
>
>> Greetings,
>>
>> I recently attempted to upgrade some packages in an OVZ 7 Centos 7
>> container.
>>
>> I did not succeed; here is the relevant snippet:
>>
>>
>> Running transaction test
>> Transaction test succeeded
>> Running transaction
>>   Updating   : iputils-20121221-7.el7.x86_64                 Â
>> Â  Â  Â  Â  Â  Â  Â 1/4Â
>> Error unpacking rpm package iputils-20121221-7.el7.x86_64
>> error: unpacking of archive failed on file /usr/bin/ping: cpio:
>> cap_set_file
>> error: iputils-20121221-7.el7.x86_64: install failed
>>
>> Attempts to set the capabilities for the container resulted in this
>> message:
>>
>> [root at hachi ~]# vzctl set 1111 --capability cap_set_file:on --save
>> Warning: The --capability option is deprecated
>>
>> In any case, the yum operation continues to fail
>>
>> How might I proceed in troubleshooting this? A peek at the openvz bug
>> tracker seems to indicate this was fixed long ago, but here we are. Any
>> advice welcome
>>
>> Regards,
>>
>> J
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openvz.org/pipermail/users/attachments/20160120/05db3517/attachment.html>

More information about the Users mailing list