On ke, 14 loka 2020, Michael Romero via FreeIPA-users wrote:
Also having this issue when running this container on MacOS 10.15.17.
ninjitsu@derpenstein freeipa-container % docker run -e IPA_SERVER_IP=10.12.0.98 -p
53:53/udp -p 53:53 -p 80:80 -p 443:443 -p 389:389 -p 636:636 -p 88:88 -p 464:464 -p
88:88/udp -p 464:464/udp -p 123:123/udp --name freeipa-server-container -ti -h
freeipa-srv.derp.com --read-only -v /sys/fs/cgroup:/sys/fs/cgroup:ro --sysctl
net.ipv6.conf.all.disable_ipv6=0 -v /Users/ninjitsu/Documents/docker/ipa-data:/data:Z
freeipa-server --realm=DERP.COM --ds-password=changeme --admin-password=changeme
--unattended
tar: etc/systemd/system/default.target: Cannot utime: No such file or directory
tar: etc/systemd/system/multi-user.target.wants: Cannot utime: No such file or directory
tar: etc/systemd/system/container-ipa.target.wants/ipa-server-configure-first.service:
Cannot utime: No such file or directory
tar: etc/pki/ca-trust/source/ca-bundle.legacy.crt: Cannot utime: No such file or
directory
tar: etc/pam.d/smartcard-auth: Cannot utime: No such file or directory
tar: etc/pam.d/fingerprint-auth: Cannot utime: No such file or directory
tar: etc/pam.d/password-auth: Cannot utime: No such file or directory
tar: etc/pam.d/system-auth: Cannot utime: No such file or directory
tar: etc/pam.d/postlogin: Cannot utime: No such file or directory
tar: etc/krb5.conf.d/crypto-policies: Cannot utime: No such file or directory
tar: etc/sysconfig/selinux: Cannot utime: No such file or directory
tar: etc/nsswitch.conf: Cannot utime: No such file or directory
tar: Exiting with failure status due to previous errors
ninjitsu@derpenstein freeipa-container %
It is MacOS implementation-specific issue:
- MacOS had issues with utimesat() call
(
https://github.com/hanwen/go-fuse/commit/76c230393cdc945a2cdd003202251138...)
- A bug in gnulib due to this, visible as a tar issue above
(
https://lists.gnu.org/r/bug-gnulib/2019-07/msg00069.html)
The issue specifically affects bind mounts. Try to use docker-managed
volume instead of a bind mounting your directory directly.
https://github.com/freeipa/freeipa-container/issues/279
The recipe of not using bind mounts on MacOS is repeated elsewhere too,
this is just most relevant issue in FreeIPA container project.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland