Description
After a clean install of sysbox following the documentation, I had this error preventing the sysbox service from starting:
level=fatal msg="failed to create sysbox-mgr: failed to setup subid allocator: failed to parse line # allocate SUB_UID_COUNT unused user IDs from the range SUB_UID_MIN to SUB_UID_MAX for...
Nov 15 17:06:38 server-internal1 systemd[1]: sysbox-mgr.service: Main process exited, code=exited, status=1/FAILURE
and so the sysbox service could not start:
A dependency job for sysbox.service failed. See 'journalctl -xe' for details.
After an hour of investigation, I found out that the source code of sysbox-mgr here was trying to read the values for the required limits from /etc/login.defs in a quite dumb way... where it did not check whether the values are inside a comment line or at the beginning of a line as real vars. See the content of the file in Debian:
# If /etc/subuid exists, the commands useradd and newusers (unless the user already have subordinate user IDs)
# allocate SUB_UID_COUNT unused user IDs from the range SUB_UID_MIN to SUB_UID_MAX for each new user.
# The default values for SUB_UID_MIN, SUB_UID_MAX, SUB_UID_COUNT are respectively 100000, 600100000 and 65536.
SUB_UID_MIN 100000
SUB_UID_MAX 600100000
SUB_UID_COUNT 65536
SUB_GID_MIN 100000
SUB_GID_MAX 600100000
SUB_GID_COUNT 65536
You can see that the variables SUB_UID_MIN and SUB_UID_MAX are mentioned in the comment line above the variables block having 2 columns...
The solution was to clean the /etc/login.defs comment line from these variables... and VOILA, now sysbox can start correctly on Debian 12 (bookworm).
I suggest this fix:
Instead of reading the vars from "anywhere" in the file, make sure to read them when they are the first string in a given line, then check if the line has a second 'column'... in the getSubidLimits function call @ctalledo
BTW, my env:
$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 12 (bookworm)
Release: 12
Codename: bookworm
$ uname -a
Linux hetzner-de-internal1 6.1.0-27-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.115-1 (2024-11-01) x86_64 GNU/Linux
Regards.