Bug #15636
closedErrors with Rudder agent on unprivileged containers (LXC)
Description
If you are using rudder agent on an unprivileged container you get the following errors on rudder agent update
or rudder agent run
:
Version: Rudder agent 5.0.12-stretch0
running on LXC Container within Proxmox VE hypervisor
error: Cannot follow symlink '/proc/net/netstat'; it is not owned by root or the user running this process, and the target owner and/or group differs from that of the symlink itself.
error: Cannot follow symlink '/proc/net/route'; it is not owned by root or the user running this process, and the ta rget owner and/or group differs from that of the symlink itself.
error: Cannot follow symlink '/proc/net/snmp6'; it is not owned by root or the user running this process, and the ta rget owner and/or group differs from that of the symlink itself.
error: Cannot follow symlink '/proc/net/ipv6_route'; it is not owned by root or the user running this process, and t he target owner and/or group differs from that of the symlink itself.
error: Cannot follow symlink '/proc/net/if_inet6'; it is not owned by root or the user running this process, and the target owner and/or group differs from that of the symlink itself.
error: Cannot follow symlink '/proc/net/dev'; it is not owned by root or the user running this process, and the targ et owner and/or group differs from that of the symlink itself.
Updated by Alexis Mousset about 4 years ago
# ls -ahl /proc [...] lrwxrwxrwx 1 nobody nogroup 8 Sep 28 13:54 net -> self/net [...] lrwxrwxrwx 1 nobody nogroup 0 Sep 28 13:51 self -> 2607 [...] dr-xr-xr-x 9 root root 0 Sep 28 13:57 2607 [...]
Updated by Alexis Mousset about 4 years ago
- Assignee set to Alexis Mousset
- Target version set to 6.1.5
Updated by Alexis Mousset about 4 years ago
- Status changed from New to In progress
Updated by Alexis Mousset about 4 years ago
Upstream issue: https://tracker.mender.io/browse/CFE-3429
Updated by Vincent MEMBRÉ about 4 years ago
- Target version changed from 6.1.5 to 6.1.6
Updated by Vincent MEMBRÉ about 4 years ago
- Target version changed from 6.1.6 to 6.1.7
Updated by Mathias B. about 4 years ago
Still an issue on Rudder agent version 6.2.0~beta1 on Debian 10 (buster), on an unprivilegied LXC container running on Proxmox.
Output when running rudder agent update
:
error: Cannot follow symlink '/proc/net/netstat'; it is not owned by root or the user running this process, and the target owner and/or group differs from that of the symlink itself.
error: Cannot follow symlink '/proc/net/route'; it is not owned by root or the user running this process, and the target owner and/or group differs from that of the symlink itself.
error: Cannot follow symlink '/proc/net/snmp6'; it is not owned by root or the user running this process, and the target owner and/or group differs from that of the symlink itself.
error: Cannot follow symlink '/proc/net/ipv6_route'; it is not owned by root or the user running this process, and the target owner and/or group differs from that of the symlink itself.
error: Cannot follow symlink '/proc/net/if_inet6'; it is not owned by root or the user running this process, and the target owner and/or group differs from that of the symlink itself.
error: Cannot follow symlink '/proc/net/dev'; it is not owned by root or the user running this process, and the target owner and/or group differs from that of the symlink itself.
Output of ls -l /proc
:
...
lrwxrwxrwx 1 nobody nogroup 8 Nov 11 19:22 net -> self/net
...
lrwxrwxrwx 1 nobody nogroup 0 Nov 11 17:24 self -> 22206
...
dr-xr-xr-x 9 root root 0 Nov 11 19:22 22206
...
rudder agent health
returns "OK".Updated by Vincent MEMBRÉ about 4 years ago
- Target version changed from 6.1.7 to 6.1.8
Updated by Vincent MEMBRÉ almost 4 years ago
- Target version changed from 6.1.8 to 6.1.9
Updated by Vincent MEMBRÉ almost 4 years ago
- Target version changed from 6.1.9 to 6.1.10
Updated by Vincent MEMBRÉ almost 4 years ago
- Target version changed from 6.1.10 to 6.1.11
Updated by Vincent MEMBRÉ almost 4 years ago
- Target version changed from 6.1.11 to 6.1.12
Updated by Vincent MEMBRÉ over 3 years ago
- Target version changed from 6.1.12 to 6.1.13
Updated by Vincent MEMBRÉ over 3 years ago
- Target version changed from 6.1.13 to 6.1.14
Updated by Vincent MEMBRÉ over 3 years ago
- Target version changed from 6.1.14 to 6.1.15
Updated by Vincent MEMBRÉ over 3 years ago
- Target version changed from 6.1.15 to 6.1.16
Updated by Vincent MEMBRÉ over 3 years ago
- Target version changed from 6.1.16 to 6.1.17
Updated by Vincent MEMBRÉ about 3 years ago
- Target version changed from 6.1.17 to 6.1.18
Updated by Vincent MEMBRÉ about 3 years ago
- Target version changed from 6.1.18 to 6.1.19
Updated by Elaad FURREEDAN about 3 years ago
- Translation missing: en.field_tag_list set to Sponsored
Updated by Vincent MEMBRÉ over 2 years ago
- Target version changed from 6.1.19 to 6.1.20
Updated by Vincent MEMBRÉ over 2 years ago
- Target version changed from 6.1.20 to 6.1.21
Updated by Alexis Mousset over 2 years ago
- Status changed from In progress to New
Updated by Alexis Mousset over 2 years ago
- Tracker changed from User story to Bug
- UX impact set to I dislike using that feature
- Suggestion strength deleted (
Advise - This would make Rudder significantly better | easier | simpler) - Severity set to Major - prevents use of part of Rudder | no simple workaround
- Priority set to 43
Updated by Stefan Schmitt over 2 years ago
Still an issue on Rudder agent version 7.1.1 on Debian 11 (bullseye), on an unprivilegied LXC container running on Proxmox.
Updated by Nicolas CHARLES over 2 years ago
It still happens, and makes the "rudder agent update" command output the error message
error: Rudder agent policies could not be updated.
Updated by Alexis Mousset over 2 years ago
I'll work on this one next week or the following.
Updated by Vincent MEMBRÉ over 2 years ago
- Target version changed from 6.1.21 to old 6.1 issues to relocate
Updated by Alexis Mousset about 2 years ago
- Target version changed from old 6.1 issues to relocate to old 6.2 issues to relocate
- Priority changed from 43 to 93
Updated by Benoît PECCATTE over 1 year ago
- Status changed from New to In progress
- Assignee changed from Alexis Mousset to Benoît PECCATTE
- Priority changed from 93 to 96
Updated by Benoît PECCATTE over 1 year ago
- Status changed from In progress to Pending technical review
- Assignee changed from Benoît PECCATTE to Alexis Mousset
- Pull Request set to https://github.com/Normation/rudder-packages/pull/2719
Updated by Benoît PECCATTE over 1 year ago
- Pull Request changed from https://github.com/Normation/rudder-packages/pull/2719 to https://github.com/Normation/rudder-packages/pull/2727
Updated by Benoît PECCATTE over 1 year ago
- Target version changed from old 6.2 issues to relocate to 7.2.7
- Regression set to No
Updated by Benoît PECCATTE over 1 year ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder-packages|588a68ddba0b1d0a8e40e665a4b85261813080ea.
Updated by Vincent MEMBRÉ over 1 year ago
- Status changed from Pending release to Released
- Priority changed from 96 to 97
This bug has been fixed in Rudder 7.2.7 and 7.3.2 which were released today.