[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] tools and systemtap containers are available in Fedora

Thank you for figuring this out!

I fixed in dist-git: https://src.fedoraproject.org/container/systemtap/c/a8a59cacb440aacc150fad8a94d264d53a341baf?branch=master

Can't build in OSBS, seems like the service is having issues.


Tomas

On Thu, Oct 5, 2017 at 7:50 PM, Jeremy Eder <jeder redhat com> wrote:
Woops, sorry Dan,  my bad.  That was a relic from earlier, when I tried sys_admin.

Looks like --security-opt label:disable is enough to get it going.

# docker run --security-opt label:disable --cap-add SYS_MODULE -v /sys/kernel/debug:/sys/kernel/debug -v /usr/src/kernels:/usr/src/kernels -v /usr/lib/modules/:/usr/lib/modules/ -v /usr/lib/debug:/usr/lib/debug -t -i --name systemtap candidate-registry.fedoraproject.org/f26/systemtap

On Thu, Oct 5, 2017 at 1:47 PM, Frank Ch. Eigler <fche redhat com> wrote:
Hi, Dan -


> Could you show the docker line that atomic run is executing?

% atomic run --spc candidate-registry.fedoraproject.org/f26/systemtap /usr/share/systemtap/examples/io/iotop.stp
docker run --cap-add SYS_MODULE -v /sys/kernel/debug:/sys/kernel/debug -v /usr/src/kernels:/usr/src/kernels -v /usr/lib/modules/:/usr/lib/modules/ -v /usr/lib/debug:/usr/lib/debug -t -i --name systemtap-spc candidate-registry.fedoraproject.org/f26/systemtap /usr/share/systemtap/examples/io/iotop.stp

... which fails.  But a hand-run % docker run, with "--security-opt
label:disable" added in the front works for me.


> The LABEL would be the preferred way.

Sure, just someone(tm) needs to find the Dockerfile in git.  I
couldn't find it from a dozen minutes reading
https://fedoraproject.org/wiki/Changes/Layered_Docker_Image_Build_Service
and pals.


- FChE



--

-- Jeremy Eder

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]