And of course it's a bug and is reported. https://bugs.launchpad.net/ubuntu/utopic/+source/linux/+bug/1390223
2015-03-11 22:58 GMT-03:00 Norberto Bensa <[email protected]>: > This one is a kernel issue. Going back to trusty's kernel solves these > issues with mailq and pam/kerberos/ldap. > > Good kernel: > > ii linux-image-3.13.0-46-generic 3.13.0-46.77 > amd64 Linux kernel image for version 3.13.0 > on 64 bit x86 SMP > > Bad: > > ii linux-image-3.16.0-31-generic 3.16.0-31.43 > amd64 Linux kernel image for version 3.16.0 > on 64 bit x86 SMP > > > > > > 2015-03-11 22:14 GMT-03:00 Norberto Bensa <[email protected]>: > > Update. >> >> # mailq >> Mail queue is empty >> # mailq >> postqueue: warning: close: Permission denied >> >> >> Same session. Less than a second between two consecutive mailq commands. >> So I made this test: >> >> # for i in {1..1000}; do mailq 2>&1 |grep Mail; done >> Mail queue is empty >> # for i in {1..1000}; do mailq 2>&1 |grep Mail; done >> # for i in {1..1000}; do mailq 2>&1 |grep Mail; done >> Mail queue is empty >> >> Does this ring any bell? I'm using postfix as an example but I think this >> is related to my kerberos/ldap/pam problem. Postfix is just easier to set >> up :-) >> >> Thanks! >> >> >> >> >> 2015-03-11 0:42 GMT-03:00 Norberto Bensa <[email protected]>: >> >> Hello, >>> >>> I upgraded my main box to ubuntu 14.10 and now my containers are failing >>> with weird permission problems. A simple test is this: >>> >>> $ sudo lxc-create -t ubuntu -n testing -- -r trusty >>> >>> In the containter install postfix (sudo apt-get install postfix). After >>> a basic postfix configuration, run mailq: >>> >>> $ mailq >>> postqueue: warning: close: Permission denied >>> >>> $ sudo mailq >>> postqueue: warning: close: Permission denied >>> >>> >>> Others containters are also failing with pam (?) related issues. For >>> example: >>> >>> $ ssh dana >>> Connection closed by 10.11.101.3 >>> >>> Now this one is more interesting for me because "dana" uses kerberos and >>> ldap. When I attach to the container, auth.log says: >>> >>> Mar 11 00:20:15 dana sshd[1503]: Authorized to zoolook, krb5 principal >>> [email protected] (krb5_kuserok) >>> Mar 11 00:20:15 dana sshd[1503]: fatal: Access denied for user zoolook >>> by PAM account configuration [preauth] >>> >>> This container was working with ubuntu trusty on the host BUT it also >>> failed when I tried utopic kernels on the host >>> (linux-image-generic-lts-utopic). >>> >>> Does anyone have any idea what it's going on? >>> >>> Thanks in advance, >>> Norberto >>> >> >> >
_______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
