On (15/01/15 09:01), Jan Pazdziora wrote: >On Wed, Jan 14, 2015 at 08:18:02PM -0800, Nathan Kinder wrote: >> Hi, >> >> I'm running into a strange problem related to ntpd when trying to use >> IPA in a container. I'm using the adelton/freeipa-server:fedora-21 and >> adelton/freeipa-client:fedora-21 docker images. Basically, the client >> install hangs when it runs ntpd. This is reproducible on two different >> docker hosts of mine, so it will probably easily reproduce for others as > >[...] > >> The /sbin/ipa-server-configure-first entrypoint script for the server >> image does a 'systemctl start-enabled' to bring up all of the services, >> which results in this output in /var/log/systemctl.log: >> >> -------------------------------------------------------------------- >> [start-enabled] >> [start ntpd.service] >> Running [export OPTIONS="-g -x"; /usr/sbin/ntpd -u ntp:ntp $OPTIONS] >> Marked pid [15] for [ntpd.service] >> Marked process name [/usr/sbin/ntpd] for [ntpd.service] >> ... >> -------------------------------------------------------------------- >> >> This is the same log output that is generated if I manually run >> 'systemctl start ntpd.service' from within the container, but the ntpd >> process stays around when I start it this way. It's hard to tell what >> might be happening to ntpd, as there is no journal in the container. >> >> I'm continuing to debug this, but I thought I'd share my findings thus >> far in case anyone else has seen this or has any ideas for tracking the >> problem down. Any ideas? > >You need to use --cap-add=SYS_TIME when running the server container >or ntpd will fail. Could you add this important information to the https://registry.hub.docker.com/u/adelton/freeipa-server/?
LS -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project