Hi, I'm looking for tips on building sssd in a devcontainer. The simplest naive thing:
https://github.com/slominskir/sssd-devcontainer/blob/main/Dockerfile
```Dockerfile FROM fedora:40
RUN dnf install 'dnf-command(builddep)' tini git -y ; dnf builddep sssd -y
ENTRYPOINT ["/usr/bin/tini", "--"] CMD ["sleep", "infinity"] ```
Configure step fails with:
checking for CAP... no configure: error: libcap is missing
Ran with: docker build . -t dev docker run --rm --name dev dev docker exec -it dev bash cd /opt git clone https://github.com/SSSD/sssd cd sssd autoreconf -if ./configure
Regards,
Ryan
Am Thu, Sep 26, 2024 at 07:58:17PM -0000 schrieb Ryan Slominski:
Hi, I'm looking for tips on building sssd in a devcontainer. The simplest naive thing:
https://github.com/slominskir/sssd-devcontainer/blob/main/Dockerfile
FROM fedora:40
Hi,
Fedora 40 is not using the very latest of SSSD, in the git tree there might be already newer features added which require additional dependencies which are not listed in the Fedora 40 spec file and hence are not included with `dnf builddep`.
With respect to libcap, you can either add `dnf install libcap-devel` to your command line or use Fedora 41 which uses a more recent version of SSSD which already includes the `libcap-devel` dependency.
In general you can also grep the 'BuildRequires' from contrib/sssd.spec.in or call './contrib/ci/run -d' before calling autoreconf.
I hope there is one solution which will work for your use case.
bye, Sumit
RUN dnf install 'dnf-command(builddep)' tini git -y ; dnf builddep sssd -y
ENTRYPOINT ["/usr/bin/tini", "--"] CMD ["sleep", "infinity"]
Configure step fails with: checking for CAP... no configure: error: libcap is missing Ran with: docker build . -t dev docker run --rm --name dev dev docker exec -it dev bash cd /opt git clone https://github.com/SSSD/sssd cd sssd autoreconf -if ./configure Regards, Ryan -- _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Hi Sumit, Using either of your approaches worked, thanks. Using the ci/run script seems like the easiest/best choice as presumably dependencies are tracked in lock step with sssd version, unlike the dnf builddep approach.
Using that same devcontainer, I noticed the ci tests (run without -d, so simply ./contrib/ci/run) fail with 1 issue:
[root@1e8d8cdc9537 sssd]# cat ci-build-debug/test-suite.log ========================================= sssd 2.10.0-beta2: ./test-suite.log =========================================
# TOTAL: 99 # PASS: 98 # SKIP: 0 # XFAIL: 0 # FAIL: 1 # XPASS: 0 # ERROR: 0
.. contents:: :depth: 2
FAIL: file_watch-tests ======================
Running suite(s): file_watch 75%: Checks: 4, Failures: 1, Errors: 0 /workspaces/sssd/src/tests/file_watch-tests.c:162:F:file_watch:test_poll_no_file:0: Callback not invoked on creation. FAIL file_watch-tests (exit status: 1)
Any tips?
Hi,
On Fri, Sep 27, 2024 at 4:44 PM Ryan Slominski via sssd-users < sssd-users@lists.fedorahosted.org> wrote:
Hi Sumit, Using either of your approaches worked, thanks. Using the ci/run script seems like the easiest/best choice as presumably dependencies are tracked in lock step with sssd version, unlike the dnf builddep approach.
Using that same devcontainer, I noticed the ci tests (run without -d, so simply ./contrib/ci/run) fail with 1 issue:
[root@1e8d8cdc9537 sssd]# cat ci-build-debug/test-suite.log
sssd 2.10.0-beta2: ./test-suite.log
# TOTAL: 99 # PASS: 98 # SKIP: 0 # XFAIL: 0 # FAIL: 1 # XPASS: 0 # ERROR: 0
.. contents:: :depth: 2
FAIL: file_watch-tests
Running suite(s): file_watch 75%: Checks: 4, Failures: 1, Errors: 0 /workspaces/sssd/src/tests/file_watch-tests.c:162:F:file_watch:test_poll_no_file:0: Callback not invoked on creation. FAIL file_watch-tests (exit status: 1)
Try running the test manually with debug enabled: ``` ./file_watch-tests -d 9 ``` and see what fails.
Maybe '/dev/shm/' that looks to be used to create files isn't accessible or something like that...
Any tips?
sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Here is the output:
[root@b0853212bcdb ci-build-debug]# ./file_watch-tests -d 9 Could not chdir to [/dev/shm/ci-test-dir.XcCkS8dF]. Attempting to continue with current dir Running suite(s): file_watch [sssd] [setup_file_watch] (0x4000): ========================================== [sssd] [test_file_watch_no_file] (0x4000): Watching file /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_inotify [sssd] [watch_file] (0x1000): Falling back to polling [sssd] [fw_watch_file_poll] (0x3f7c0): File [/dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_inotify] is missing. Will try again later. [sssd] [set_file_watching] (0x1000): /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_inotify missing. Waiting for it to appear. [sssd] [modify_file] (0x0400): Modifying file /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/unwatched_file [sssd] [setup_file_watch] (0x4000): ========================================== [sssd] [modify_file] (0x0400): Modifying file /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_inotify.exists [sssd] [setup_file_watch] (0x4000): ========================================== [sssd] [test_file_watch_no_file] (0x4000): Watching file /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_poll [sssd] [fw_watch_file_poll] (0x3f7c0): File [/dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_poll] is missing. Will try again later. [sssd] [set_file_watching] (0x1000): /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_poll missing. Waiting for it to appear. [sssd] [modify_file] (0x0400): Modifying file /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/unwatched_file [sssd] [setup_file_watch] (0x4000): ========================================== [sssd] [modify_file] (0x0400): Modifying file /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_poll.exists 0%: Checks: 4, Failures: 4, Errors: 0 /workspaces/sssd/src/tests/file_watch-tests.c:118:F:file_watch:test_inotify_no_file:0: Failed to open the file. /workspaces/sssd/src/tests/file_watch-tests.c:118:F:file_watch:test_inotify_with_file:0: Failed to open the file. /workspaces/sssd/src/tests/file_watch-tests.c:118:F:file_watch:test_poll_no_file:0: Failed to open the file. /workspaces/sssd/src/tests/file_watch-tests.c:118:F:file_watch:test_poll_with_file:0: Failed to open the file.
Maybe a side-effect of running tini instead of systemd? Side effect of running on Windows WSL2 container host?
More info:
[root@b0853212bcdb sssd]# cd /dev [root@b0853212bcdb dev]# ls -ltra total 4 drwxrwxrwt 2 root root 40 Sep 27 16:40 mqueue drwxr-xr-x 1 root root 4096 Sep 27 16:40 .. crw-rw-rw- 1 root root 1, 5 Sep 27 16:40 zero crw-rw-rw- 1 root root 1, 9 Sep 27 16:40 urandom crw-rw-rw- 1 root root 5, 0 Sep 27 16:40 tty lrwxrwxrwx 1 root root 15 Sep 27 16:40 stdout -> /proc/self/fd/1 lrwxrwxrwx 1 root root 15 Sep 27 16:40 stdin -> /proc/self/fd/0 lrwxrwxrwx 1 root root 15 Sep 27 16:40 stderr -> /proc/self/fd/2 crw-rw-rw- 1 root root 1, 8 Sep 27 16:40 random drwxr-xr-x 2 root root 0 Sep 27 16:40 pts lrwxrwxrwx 1 root root 8 Sep 27 16:40 ptmx -> pts/ptmx crw-rw-rw- 1 root root 1, 3 Sep 27 16:40 null crw-rw-rw- 1 root root 1, 7 Sep 27 16:40 full lrwxrwxrwx 1 root root 13 Sep 27 16:40 fd -> /proc/self/fd lrwxrwxrwx 1 root root 11 Sep 27 16:40 core -> /proc/kcore drwxr-xr-x 5 root root 360 Sep 27 16:40 . drwxrwxrwt 2 root root 40 Sep 27 16:46 shm crw--w---- 1 root tty 136, 0 Sep 27 16:48 console [root@b0853212bcdb dev]# cd shm [root@b0853212bcdb shm]# ls -ltr total 0
On Fri, Sep 27, 2024 at 6:51 PM Ryan Slominski via sssd-users < sssd-users@lists.fedorahosted.org> wrote:
Here is the output:
[root@b0853212bcdb ci-build-debug]# ./file_watch-tests -d 9 Could not chdir to [/dev/shm/ci-test-dir.XcCkS8dF]. Attempting to continue with current dir Running suite(s): file_watch [sssd] [setup_file_watch] (0x4000): ========================================== [sssd] [test_file_watch_no_file] (0x4000): Watching file /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_inotify [sssd] [watch_file] (0x1000): Falling back to polling
Difference starts here ^^ . In a "regular" environment test output looks like: ``` [sssd] [test_file_watch_no_file] (0x4000): Watching file /dev/shm/file-watch-test-dir/../file-watch-test-dir/watched_file_inotify [sssd] [snotify_watch] (0x2000): Opened inotify fd 5 [sssd] [snotify_watch] (0x2000): Opened file watch -1 [sssd] [snotify_watch] (0x2000): Opened directory watch 1 [sssd] [_snotify_create] (0x0400): Added a watch for /dev/shm/file-watch-test-dir/watched_file_inotify with inotify flags 0x8D88 internal flags 0x1 using function watched_file_inotify_cb after delay 1.0 ```
Perhaps `inotify` infrastructure doesn't work in container env.
If this is indeed the case then sssd.conf::try_inotify option can be used to disable attempting this feature usage.
[sssd] [fw_watch_file_poll] (0x3f7c0): File [/dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_inotify] is missing. Will try again later. [sssd] [set_file_watching] (0x1000): /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_inotify missing. Waiting for it to appear. [sssd] [modify_file] (0x0400): Modifying file /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/unwatched_file [sssd] [setup_file_watch] (0x4000): ========================================== [sssd] [modify_file] (0x0400): Modifying file /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_inotify.exists [sssd] [setup_file_watch] (0x4000): ========================================== [sssd] [test_file_watch_no_file] (0x4000): Watching file /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_poll [sssd] [fw_watch_file_poll] (0x3f7c0): File [/dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_poll] is missing. Will try again later. [sssd] [set_file_watching] (0x1000): /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_poll missing. Waiting for it to appear. [sssd] [modify_file] (0x0400): Modifying file /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/unwatched_file [sssd] [setup_file_watch] (0x4000): ========================================== [sssd] [modify_file] (0x0400): Modifying file /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_poll.exists 0%: Checks: 4, Failures: 4, Errors: 0 /workspaces/sssd/src/tests/file_watch-tests.c:118:F:file_watch:test_inotify_no_file:0: Failed to open the file. /workspaces/sssd/src/tests/file_watch-tests.c:118:F:file_watch:test_inotify_with_file:0: Failed to open the file. /workspaces/sssd/src/tests/file_watch-tests.c:118:F:file_watch:test_poll_no_file:0: Failed to open the file. /workspaces/sssd/src/tests/file_watch-tests.c:118:F:file_watch:test_poll_with_file:0: Failed to open the file.
Maybe a side-effect of running tini instead of systemd? Side effect of running on Windows WSL2 container host?
More info:
[root@b0853212bcdb sssd]# cd /dev [root@b0853212bcdb dev]# ls -ltra total 4 drwxrwxrwt 2 root root 40 Sep 27 16:40 mqueue drwxr-xr-x 1 root root 4096 Sep 27 16:40 .. crw-rw-rw- 1 root root 1, 5 Sep 27 16:40 zero crw-rw-rw- 1 root root 1, 9 Sep 27 16:40 urandom crw-rw-rw- 1 root root 5, 0 Sep 27 16:40 tty lrwxrwxrwx 1 root root 15 Sep 27 16:40 stdout -> /proc/self/fd/1 lrwxrwxrwx 1 root root 15 Sep 27 16:40 stdin -> /proc/self/fd/0 lrwxrwxrwx 1 root root 15 Sep 27 16:40 stderr -> /proc/self/fd/2 crw-rw-rw- 1 root root 1, 8 Sep 27 16:40 random drwxr-xr-x 2 root root 0 Sep 27 16:40 pts lrwxrwxrwx 1 root root 8 Sep 27 16:40 ptmx -> pts/ptmx crw-rw-rw- 1 root root 1, 3 Sep 27 16:40 null crw-rw-rw- 1 root root 1, 7 Sep 27 16:40 full lrwxrwxrwx 1 root root 13 Sep 27 16:40 fd -> /proc/self/fd lrwxrwxrwx 1 root root 11 Sep 27 16:40 core -> /proc/kcore drwxr-xr-x 5 root root 360 Sep 27 16:40 . drwxrwxrwt 2 root root 40 Sep 27 16:46 shm crw--w---- 1 root tty 136, 0 Sep 27 16:48 console [root@b0853212bcdb dev]# cd shm [root@b0853212bcdb shm]# ls -ltr total 0 -- _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
On Пят, 27 вер 2024, Ryan Slominski via sssd-users wrote:
Here is the output:
[root@b0853212bcdb ci-build-debug]# ./file_watch-tests -d 9 Could not chdir to [/dev/shm/ci-test-dir.XcCkS8dF]. Attempting to continue with current dir Running suite(s): file_watch [sssd] [setup_file_watch] (0x4000): ========================================== [sssd] [test_file_watch_no_file] (0x4000): Watching file /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_inotify [sssd] [watch_file] (0x1000): Falling back to polling [sssd] [fw_watch_file_poll] (0x3f7c0): File [/dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_inotify] is missing. Will try again later. [sssd] [set_file_watching] (0x1000): /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_inotify missing. Waiting for it to appear. [sssd] [modify_file] (0x0400): Modifying file /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/unwatched_file [sssd] [setup_file_watch] (0x4000): ========================================== [sssd] [modify_file] (0x0400): Modifying file /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_inotify.exists [sssd] [setup_file_watch] (0x4000): ========================================== [sssd] [test_file_watch_no_file] (0x4000): Watching file /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_poll [sssd] [fw_watch_file_poll] (0x3f7c0): File [/dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_poll] is missing. Will try again later. [sssd] [set_file_watching] (0x1000): /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_poll missing. Waiting for it to appear. [sssd] [modify_file] (0x0400): Modifying file /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/unwatched_file [sssd] [setup_file_watch] (0x4000): ========================================== [sssd] [modify_file] (0x0400): Modifying file /dev/shm/ci-test-dir.XcCkS8dF/file-watch-test-dir/../file-watch-test-dir/watched_file_poll.exists 0%: Checks: 4, Failures: 4, Errors: 0 /workspaces/sssd/src/tests/file_watch-tests.c:118:F:file_watch:test_inotify_no_file:0: Failed to open the file. /workspaces/sssd/src/tests/file_watch-tests.c:118:F:file_watch:test_inotify_with_file:0: Failed to open the file. /workspaces/sssd/src/tests/file_watch-tests.c:118:F:file_watch:test_poll_no_file:0: Failed to open the file. /workspaces/sssd/src/tests/file_watch-tests.c:118:F:file_watch:test_poll_with_file:0: Failed to open the file.
Maybe a side-effect of running tini instead of systemd? Side effect of running on Windows WSL2 container host?
On this: inotify has problems with WSL2 containerized environments. Their implementation of a file server API with 9p in WSL2 does not support inotify:
https://github.com/microsoft/WSL/issues/4739
Those issues, however, should affect files modified by Windows apps and watched within Linux containers. This should not be the case here?
More info:
[root@b0853212bcdb sssd]# cd /dev [root@b0853212bcdb dev]# ls -ltra total 4 drwxrwxrwt 2 root root 40 Sep 27 16:40 mqueue drwxr-xr-x 1 root root 4096 Sep 27 16:40 .. crw-rw-rw- 1 root root 1, 5 Sep 27 16:40 zero crw-rw-rw- 1 root root 1, 9 Sep 27 16:40 urandom crw-rw-rw- 1 root root 5, 0 Sep 27 16:40 tty lrwxrwxrwx 1 root root 15 Sep 27 16:40 stdout -> /proc/self/fd/1 lrwxrwxrwx 1 root root 15 Sep 27 16:40 stdin -> /proc/self/fd/0 lrwxrwxrwx 1 root root 15 Sep 27 16:40 stderr -> /proc/self/fd/2 crw-rw-rw- 1 root root 1, 8 Sep 27 16:40 random drwxr-xr-x 2 root root 0 Sep 27 16:40 pts lrwxrwxrwx 1 root root 8 Sep 27 16:40 ptmx -> pts/ptmx crw-rw-rw- 1 root root 1, 3 Sep 27 16:40 null crw-rw-rw- 1 root root 1, 7 Sep 27 16:40 full lrwxrwxrwx 1 root root 13 Sep 27 16:40 fd -> /proc/self/fd lrwxrwxrwx 1 root root 11 Sep 27 16:40 core -> /proc/kcore drwxr-xr-x 5 root root 360 Sep 27 16:40 . drwxrwxrwt 2 root root 40 Sep 27 16:46 shm crw--w---- 1 root tty 136, 0 Sep 27 16:48 console [root@b0853212bcdb dev]# cd shm [root@b0853212bcdb shm]# ls -ltr total 0 -- _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Hi Alexander, I agree that inotify has known issues with WSL2, but I expect it would only be an issue with bind mounts and I'm not using any. I ran the devcontainer on a different host with Windows 11 Pro host and WSL2 and it worked fine, so there is something odd with my Windows 11 Home edition and WSL2 host. Both running latest Docker Desktop 4.34.2 (167172). Oh well, probably just wait another few months and tools will get better. For now I guess I'll stick to VPN to Red Hat Enterprise Linux host.
Eventually building software will be easy and portable. Just not quite yet! The "development container" idea is still being fought over:
- https://devfile.io/ - https://docs.docker.com/desktop/dev-environments/ - https://containers.dev/ - https://www.gitpod.io/ - https://coder.com/ - https://devpod.sh/ - https://github.com/recode-sh/cli
sssd-users@lists.fedorahosted.org
-
Alexander Bokovoy -
Alexey Tikhonov -
Ryan Slominski -
Sumit Bose