pve-backup-server-dockerfiles
pve-backup-server-dockerfiles copied to clipboard
ayufan
authentication failure [...] msg=path "/run/proxmox-backup/shmem" is not on tmpfs
Hi,
I've tried to install the latest docker image to my Synology via Portainer.
there were 4 Folders created on the host system and mapped into docker volumes:
These 4 volumes are created with following options (in Portainer called "drive options":
after start the container, logs seems to be fine and data were created in the folders.
But, the login (admin/pbspbs) is not working:
in PBS2/logs/api I found a file "auth.log" including this:
2022-02-13T09:39:05+00:00: authentication failure; rhost=[::ffff:172.17.0.1]:52784 user=admin@pbs msg=path "/run/proxmox-backup/shmem" is not on tmpfs
I think there is something wrong what I did, but I'm not sure what.
Also I checked the tmpfs inside the container:
any suggestions how to handle this?
@fila612 Synology uses pretty outdated linux kernel: https://github.com/ayufan/pve-backup-server-dockerfiles/pull/15. You might apply this patch yourself and recompile.
Thanks for the tip, unfortunately my knowledge is not sufficient for this. Will there be this patch in your image later?
I would prefer if this patch is being sent upstream. This would be best. If not accepted I might adapt that, but this is some additional maintenance burden :(
On Sun, Feb 13, 2022 at 11:15 AM fila612 @.***> wrote:
Thanks for the tip, unfortunately my knowledge is not sufficient for this. Will there be this patch in your image later?
— Reply to this email directly, view it on GitHub https://github.com/ayufan/pve-backup-server-dockerfiles/issues/16#issuecomment-1037987659, or unsubscribe https://github.com/notifications/unsubscribe-auth/AASOSQK5I2G233XKEMSZK4LU26ADZANCNFSM5OIUX3KQ . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.
You are receiving this because you commented.Message ID: @.***>
understand, so I'm not able to do anything (sorry) thanks for your quick help, should this issue be closed or it is better to leave it open until the handling regarding the patch is decided (upstream or adaption)?
I came across the same problem today on a ubuntu system with kernel 5.4.0-88-generic.
It can be solved by creating tmpfs mountpoint at /run
following docker-compose file can be an example
version: '2.1'
services:
pbs:
image: ayufan/proxmox-backup-server:latest
network_mode: host
mem_limit: 2G
volumes:
- /mnt/datastore/backup/pbs:/backups
- ./etc:/etc/proxmox-backup
- ./logs:/var/log/proxmox-backup
- ./lib:/var/lib/proxmox-backup
tmpfs:
- /run
restart: unless-stopped
stop_signal: SIGHUP
I also have a Synology NAS and I tried the above docker-compose config. It runs just fine.
hm, strange... I had also created the volumes as tmpfs, what is the difference between yours and mines? See screenshots above, running "df -h" displays tmpfs.....
The need for tmpfs is documented in here:
- https://github.com/ayufan/pve-backup-server-dockerfiles#changelog
- https://github.com/ayufan/pve-backup-server-dockerfiles/blob/master/docker-compose.yml#L13
Thanks @pandada8 for the hint of the Mountpoint "/run"
that was the issue why its not working on my "Synology-Docker-Portainer" machine....:) Point is: I had created the container completely via Portainer, but the Mountpoint "/run" cannot be created in the Portainer GUI, or maybe its possible, but I don't know how to do it.
nevertheless, if I use Portainer stack (=docker compose) the PBS is working on my Synology!!! 😄
if someone are interested to my Portainer Stack content: HINT: the paths have to be validated by your own environment. i have created following folders on my HOST-System /volume1/Sicherung/Backups/PBS2 /volume1/docker/PBS2/etc /volume1/docker/PBS2/log /volume1/docker/PBS2/lib
services: pbs: image: ayufan/proxmox-backup-server:latest network_mode: "bridge" ports: - "8007:8007" volumes: - backups:/backups - pbs_etc:/etc/proxmox-backup - pbs_log:/var/log/proxmox-backup - pbs_lib:/var/lib/proxmox-backup tmpfs: - /run restart: unless-stopped stop_signal: SIGHUP environment: TZ: Europe/Berlin devices: - /dev/sda - /dev/sdb cap_add: - SYS_RAWIO volumes: backups: driver: local driver_opts: type: tmpfs o: bind device: /volume1/Sicherung/Backups/PBS2 pbs_etc: driver: local driver_opts: type: tmpfs o: bind device: /volume1/docker/PBS2/etc pbs_log: driver: local driver_opts: type: tmpfs o: bind device: /volume1/docker/PBS2/log pbs_lib: driver: local driver_opts: type: tmpfs o: bind device: /volume1/docker/PBS2/lib
from my side issue can be closed. solution: Portainer-stack or docker compose instead of Portainer-GUI ;)
@fila612
Maybe all those details (about tmpfs and pre-create) we could add to README for next generation? :)
Hi!
I try to replace my own pbs 1x container with your. And as I see faced with kernel trouble... I run it on my openmediavault server, with current kernel 4.19.0-0.bpo.9-amd64, and in logs of container I get:
Error: mkstemp "/run/proxmox-backup/proxy.tmp_XXXXXX" failed: ENOENT: No such file or directory
And very shot time after my credentials is active, I mean very shot time before pbs re-ask to sig-in, not sure if it affialted with kernel and tmpfs /run, any suggestion? Thanks.
Btw, here is my stack:
volumes:
pbs_etc:
driver: local
pbs_logs:
driver: local
pbs_lib:
driver: local
pbs:
image: ayufan/proxmox-backup-server:latest
container_name: proxmox-backup-server
hostname: proxmox-backup-server
cap_add:
- SYS_RAWIO
devices:
- /dev/sdd
mem_limit: 2G
networks:
- omv
environment:
- TZ=Europe/Kiev
volumes:
- pbs_etc:/etc/proxmox-backup
- pbs_logs:/var/log/proxmox-backup
- pbs_lib:/var/lib/proxmox-backup
- /sharedfolders/proxmox-backup:/storage
tmpfs:
- /run
ports:
- 8007:8007
restart: unless-stopped
stop_signal: SIGHUP
logging:
driver: "json-file"
options:
max-size: "50m"
I think question 'bout re-ask credentails I can dropped. I think it was 'coz I runned two containers at one time and get /etc/shadow:ro volume in my own pbs container, not sure, but right now I don't face with it.
And one more thing, at the first start of the container, I didn't has get error with mkstemp, all seems fine:
And one more... :) I just now is saw it, the error says 'bout proxy tmp session file, I correctly understood? So maybe it's normal in this case?
Hi,
with LibreElec as Docker host there is the same issue. I've resolved it with the help from some threads here.
I've created the volumes this way:
and used the following stack file:
version: '3.9'
volumes:
pbs-etc:
driver: local
pbs-logs:
driver: local
pbs-lib:
driver: local
backups:
driver: local
driver_opts:
type: ''
o: bind
device: /storage/sambashare/NASHDD1/Backup/Proxmox/Docker
services:
pbs:
image: ayufan/proxmox-backup-server
container_name: proxmox-backup-server
hostname: proxmox-backup-server
network_mode: host
mem_limit: 4G
volumes:
- pbs-etc:/etc/proxmox-backup
- pbs-logs:/var/log/proxmox-backup
- pbs-lib:/var/lib/proxmox-backup
- backups:/backups
tmpfs: /run
cap_add: # smartctl support
- SYS_RAWIO
devices:
- /dev/sda
- /dev/sdb
- /dev/sdc
restart: unless-stopped
stop_signal: SIGHUP
environment:
- TZ=Europe/Berlin
This was working for me.
@SAOPP can you share your full stack (you seem to be missing some parts).
I have followed this thread and I get a different variant of the error message:
2023-08-24T00:28:51+00:00: authentication failure; rhost=[::ffff:172.25.0.1]:33743 user=admin@pam msg=open tmpfile in "/run/proxmox-backup/shmem" failed - EISDIR: Is a directory
(dh -f in the container shows tmpfs is mounted)
@SAOPP can you share your full stack (you seem to be missing some parts).
My stack is not changed, above: https://github.com/ayufan/pve-backup-server-dockerfiles/issues/16#issuecomment-1107463256