I also found that when i start docker run --rm -it --security-opt=seccomp:unconfined --cap-add SYS_ADMIN --cap-add MKNOD -v /sys/fs/cgroup:/sys/fs/cgroup:ro fedora-25-image bash
and then run the systemd (so that it is not pid 1) /lib/systemd/systemd --system --show-status=true --log-level=debug ==> then systemd starts normally (as pid 2) and the /dev/console node is _not_ deleted and it works as expected! So still puzzled what is happening, then run this as described below. docker --version Docker version 1.12.1, build 23cf638 cat /proc/version Linux version 4.7.3-200.fc24.x86_64 (mockbu...@bkernel01.phx2.fedoraproject.org) (gcc version 6.1.1 20160621 (Red Hat 6.1.1-3) (GCC) ) #1 SMP Wed Sep 7 17:31:21 UTC 2016 Am 18.09.2016 um 14:30 schrieb bal...@email.de: > > Hello, > > i hope this is the right list to ask this, if not it would be kind if > you would point me to the right forum. Currently i have systemd > running in a docker container, which works well in version 229 > (fedora 24 image). I have configured journald there to log to > console, so that i can see the logs via a simple docker logs -f > <containername>. Everything works fine with this. > > Recently i decided to to to run systemd 231 on fedora 25 beta and > rebuild my Dockerfile for fedora 25. After starting the container it > turned out that nothing was shown in docker logs -f <containername > > and after some investigation, that journald was terribly slow with > logging. After some strace sessions in the container i found that > writing to /dev/console was failing with "EIO" (-1). So i did > another test if this was docker problem and run simply a bash shell > with the container. To my surprise this worked fine. > > With a "docker exec run -it fedora-25-image bash" i could write to > console without any problems, when i did run a 'echo "Hello world" > >/dev/console" in the container. So i came to the conclusion that the > problem lies within systemd 231 and not withing Docker, as this worked > fine for fedora-24 based systemd 229 and also the simple bash test. > > At this point i investiged what was the difference. Basically it > turned out that on bash (and also on systemd 229 on fedora 24) the is > shown when i do a > > cat /proc/1/mountinfo |grep console ( /33 varies if you run more > than one container) > > 2769 2749 0:20 /33 /dev/console rw,nosuid,noexec,relatime - devpts > devpts rw,gid=5,mode=620,ptmxmode=0 > > when i do this with a fedora 25 image, where systemd is started as > process 1 i get for > > cat /proc/1/mountinfo |grep console > 2769 2749 0:20 */33//deleted */dev/console rw,nosuid,noexec,relatime - > devpts devpts rw,gid=5,mode=620,ptmxmode=000 > > > It seems that systemd somehow has deleted the /dev/console device, and > therefore a journald which wants to log to /dev/console in the > container gets an EIO . > > > In general i have started the systemd runs with the following options > (24 or 25) > docker run --rm -it --security-opt=seccomp:unconfined --cap-add > SYS_ADMIN -v /sys/fs/cgroup:/sys/fs/cgroup:ro fedora-25-image > /lib/systemd/systemd > > > My question is now is this a bug, or is this some kind of new feature, > where i need to set a special flag in systemd 231 (which one?) > > > Hope the description was sufficient. > > > > _______________________________________________ > systemd-devel mailing list > systemd-devel@lists.freedesktop.org > https://lists.freedesktop.org/mailman/listinfo/systemd-devel
_______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel