I tried systemctl on the host

root@messagerie-recup[10.10.10.20] ~ # systemctl status -M clone-messagerie
Failed to read server status: Transport endpoint is not connected
root@messagerie-recup[10.10.10.20] ~ #

Best,

--
Yassine -- Sysadmin and SMTP Whisperer, delivering mail and bad puns since 2014.
57 70 023 50 01 11

On 2/18/25 at 11:53, Yassine Chaouche wrote:
Hello all,

I have been advised to use systemd-nspawn and machinectl in place of chroot to run services from a cloned, working remote host. The cloning was done using rsync of the root filesystem (/) into a location in the new host, then linking that location from /var/lib/machines/.

When I start the machine with nspawn -bD I get the login prompt from both the nspawn command itself and from subsequent machinectl login commands (additional shells), but the UID shifting doesn't happen, and this adds a layer of troubleshooting I'd like to avoid when diagnosing why a particular service isn't running in the container (mysql for example).

If I then stop the container, and start with machinectl start instead, I have no errors when starting it, but when I try to log in with machinectl login I get the following error about dbus, which I didn't have with nspawn:

# machinectl login clone-messagerie
Failed to get login PTY: There is no system bus in container clone-messagerie.
#

but the machine seems to be running just fine, and UID shift is applied:

root@messagerie-recup[10.10.10.20] ~ # machinectl status clone-messagerie
clone-messagerie(823952398253425ab703ecef4bdd936e)
           Since: Tue 2025-02-18 11:31:43 CET; 9min ago
          Leader: 251356 (systemd)
         Service: systemd-nspawn; class container
            Root: /mnt/anciennevar/clone-messagerie
           Iface: ve-clone-me-Nbp
              OS: Debian GNU/Linux 8 (jessie)
       UID Shift: 38928384
            Unit: systemd-nspawn@clone-messagerie.service
                  ├─payload
                  │ ├─251356 /lib/systemd/systemd
                  │ ├─251426 /lib/systemd/systemd-journald
                  │ ├─251669 /usr/bin/freshclam -d --foreground=true
                  │ ├─251670 /usr/sbin/atd -f
                  │ ├─251673 /usr/sbin/cron -f
                  │ ├─251704 /usr/sbin/opendkim -x /etc/opendkim.conf -u postfix -P /var/run/opendkim/opendkim.pid
                  │ ├─251763 /usr/sbin/irqbalance --pid=/var/run/irqbalance.pid
                  │ ├─251768 /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 112:119
                  │ ├─251947 /usr/sbin/apache2 -k start
                  │ ├─251993 /usr/sbin/apache2 -k start
                  │ ├─251994 /usr/sbin/apache2 -k start
                  │ ├─251997 /usr/sbin/apache2 -k start
                  │ ├─251999 /usr/sbin/apache2 -k start
                  │ ├─252000 /usr/sbin/apache2 -k start
                  │ ├─252166 /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
                  │ ├─252572 /usr/sbin/rsyslogd -n
                  │ ├─252574 /usr/sbin/acpid
                  │ └─252579 /usr/sbin/sshd -D
                  └─supervisor
                    └─251354 systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest --network-veth -U --settings=override --machine=clone-messagerie

Feb 18 11:32:59 messagerie-recup systemd-nspawn[251354]: [ OK ] Started LSB: starts FusionInventory Agent.
Feb 18 11:32:59 messagerie-recup systemd-nspawn[251354]: [ OK ] Started LSB: Apache2 web server.
Feb 18 11:32:59 messagerie-recup systemd-nspawn[251354]: [ OK ] Started LSB: Starts and daemonize Glances server.
Feb 18 11:32:59 messagerie-recup systemd-nspawn[251354]: [ OK ] Started LSB: disk temperature monitoring daemon.
Feb 18 11:32:59 messagerie-recup systemd-nspawn[251354]: [ OK ] Started LSB: Start NTP daemon.
Feb 18 11:32:59 messagerie-recup systemd-nspawn[251354]: [ OK ] Started LSB: Starts amavisd-new mailfilter.
Feb 18 11:32:59 messagerie-recup systemd-nspawn[251354]: [ OK ] Started LSB: Start/stop fail2ban.
Feb 18 11:32:59 messagerie-recup systemd-nspawn[251354]: [ OK ] Started Permit User Sessions.
Feb 18 11:32:59 messagerie-recup systemd-nspawn[251354]: [ OK ] Started Initialize hardware monitoring sensors.
Feb 18 11:32:59 messagerie-recup systemd-nspawn[251354]: [ OK ] Started System Logging Service.
root@messagerie-recup[10.10.10.20] ~ #

After a few minutes, a second attempt at logging in resulted in a different error message:

root@messagerie-recup[10.10.10.20] ~ # machinectl login clone-messagerie
Failed to get login PTY: Connection timed out
root@messagerie-recup[10.10.10.20] ~ #

Same with machinectl shell:

root@messagerie-recup[10.10.10.20] ~ # machinectl shell clone-messagerie
Failed to get login PTY: Connection timed out
root@messagerie-recup[10.10.10.20] ~ #

I would really appreciate a little help to get me started using nspawn and machinectl.

By the way, I have added the pts lines (pts/{0..9}) in the container's /etc/securetty file.

The host OS is: systemd 252 debian 12
Container OS is: systemd 215 debian 8

Best,
--
yassine -- sysadm
http://about.me/ychaouche
Looking for side gigs.