Steve, you are right. I was preparing this comment few mins ago:
"""Speaking with Andreas we had the idea to just exit 2 (at least one
test was skipped ret code) the test when running in a unprivileged
environment. That can be easily tested by changing memlock size limit as
root (need-root in test is needed) and checking for return error""" and
it goes the same direction as you pointed.
I'll add isolation-machine and skip test if ulimit -H -l can't be done
(since w/ need-root it will indicate a unprivileged namespace).
Tks!
** Changed in: auto-package-testing
Status: New => Invalid
** Changed in: corosync-qdevice (Ubuntu)
Assignee: Rafael David Tinoco (rafaeldtinoco) => (unassigned)
** No longer affects: corosync-qdevice (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
High Availability Team, which is subscribed to corosync in Ubuntu.
https://bugs.launchpad.net/bugs/1828228
Title:
corosync fails to start in unprivileged containers - autopkgtest
failure
Status in Auto Package Testing:
Invalid
Status in corosync package in Ubuntu:
In Progress
Bug description:
Currently pacemaker v2 fails to start in armhf containers (and by
extension corosync too).
I found that it is reproducible locally, and that I had to bump a few
limits to get it going.
Specifically I did:
1) bump memlock limits
2) bump rmem_max limits
= 1) Bump memlock limits =
I have no idea, which one of these finally worked, and/or is
sufficient. A bit of a whack-a-mole.
cat >>/etc/security/limits.conf <<EOF
* soft memlock unlimited
* hard memlock unlimited
EOF
lxc config set nice-mako limits.kernel.memlock 33554432
mkdir -p /etc/systemd/system/snap.lxd.daemon.service.d/
cat >/etc/systemd/system/snap.lxd.daemon.service.d/override.conf <<EOF
[Service]
LimitMEMLOCK=6553600000
EOF
systemctl daemon-reload
systemctl restart snap.lxd.daemon.service
= 2) Bump rmem_max values =
Observed:
# strace -s99999 -f /usr/sbin/corosync 2>&1 | grep sockop
[pid 447] setsockopt(12, SOL_SOCKET, SO_RCVBUF, [8388608], 4) = 0
[pid 447] getsockopt(12, SOL_SOCKET, SO_RCVBUF, [425984], [4]) = 0
[pid 447] setsockopt(12, SOL_SOCKET, SO_RCVBUFFORCE, [8388608], 4) = -1
EPERM (Operation not permitted)
Bumped mem_max using:
sudo sysctl -w net.core.wmem_max=8388608
sudo sysctl -w net.core.rmem_max=8388608
(Not sure if the desired sized depends on the machine/container I am
running on)
Can we check the values for above things on our armhf containers and/or bump
them? or like can we mark pacemaker v2.0 autopkgtest as ignored on armhf?
To manage notifications about this bug go to:
https://bugs.launchpad.net/auto-package-testing/+bug/1828228/+subscriptions
_______________________________________________
Mailing list: https://launchpad.net/~ubuntu-ha
Post to : [email protected]
Unsubscribe : https://launchpad.net/~ubuntu-ha
More help : https://help.launchpad.net/ListHelp
