mydocker icon indicating copy to clipboard operation
mydocker copied to clipboard

Published 20 hours ago verified publisher icon xianlubird

User Namespace 报错

Open srstack opened this issue 5 years ago • 5 comments

fork/exec /usr/bin/sh: no such file or directory

环境

Linux vm_16_14_centos 3.10.0-862.3.2.el7.x86_64 #1 SMP Mon May 21 23:36:36 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

srstack avatar Sep 18 '19 15:09 srstack

已经参考相关资料:

		UidMappings: []syscall.SysProcIDMap{
			{
				ContainerID: uid,
				HostID:      0,
				Size:        1,
			},
		},
		GidMappings: []syscall.SysProcIDMap{
			{
				ContainerID: gid,
				HostID:      0,
				Size:        1,
			},
		},

srstack avatar Sep 18 '19 15:09 srstack

环境 Linux zhang 5.0.0-29-generic #31~18.04.1-Ubuntu SMP Thu Sep 12 18:29:21 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

错误 2019/09/25 11:11:38 fork/exec /bin/sh: no such file or directory 请问如何解决?

dadahua555 avatar Sep 25 '19 03:09 dadahua555

同问 Linux 4.14.81.bm.15-amd64 #1 SMP Debian 4.14.81.bm.15 Sun Sep 8 05:02:31 UTC 2019 x86_64 GNU/Linux 书中示例已经失效 换成 UidMappings: []syscall.SysProcIDMap{ { ContainerID: uid, HostID: 0, Size: 1, }, }, GidMappings: []syscall.SysProcIDMap{ { ContainerID: gid, HostID: 0, Size: 1, }, }, 后报错fork/exec /bin/sh: no such file or directory

xueliang123 avatar Nov 27 '19 06:11 xueliang123

我是在Ubuntu 20.04环境:

root@jasonkayPC:/home/jasonkay/workspace/my_docker# uname -a
Linux jasonkayPC 5.4.0-58-generic #64-Ubuntu SMP Wed Dec 9 08:16:25 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

下面的代码是没问题的:

package main

import (
	"log"
	"os"
	"os/exec"
	"syscall"
)

func main() {
	cmd := exec.Command("sh")
	cmd.SysProcAttr = &syscall.SysProcAttr{
		Cloneflags: syscall.CLONE_NEWUTS | syscall.CLONE_NEWIPC |
			syscall.CLONE_NEWPID | syscall.CLONE_NEWNS | syscall.CLONE_NEWUSER,
		/*
			以下两种情况,会导致UidMappings/GidMappings中设置了非当前进程所属UID和GID的相关数值:
			1. HostID非本进程所有(与Getuid()和Getgid()不等)
			2. Size大于1 (则肯定包含非当前进程的UID和GID)
			则需要Host机使用Root权限才能正常执行此段代码。

			Issue #3 error about User Namespace:

				https://github.com/xianlubird/mydocker/issues/3
		*/
		UidMappings: []syscall.SysProcIDMap{
			{
				ContainerID: 1,
				HostID:      syscall.Getuid(),
				Size:        1,
			},
		},
		GidMappings: []syscall.SysProcIDMap{
			{
				ContainerID: 1,
				HostID:      syscall.Getgid(),
				Size:        1,
			},
		},
	}

	cmd.Stdin = os.Stdin
	cmd.Stdout = os.Stdout
	cmd.Stderr = os.Stderr

	if err := cmd.Run(); err != nil {
		log.Fatal(err)
	}

	os.Exit(-1)
}

代码来自于#3 error about User Namespace

JasonkayZK avatar Mar 15 '21 11:03 JasonkayZK

root@container:/home/ubuntu/projects/go_learning/go_namespace2# uname -a Linux container 4.15.0-142-generic #146-Ubuntu SMP Tue Apr 13 01:11:19 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

同样的错误: root@container:/home/ubuntu/projects/go_learning/go_namespace2# go run main3.go 2022/09/20 00:02:18 fork/exec /bin/sh: no such file or directory exit status 1

zzsoszz avatar Sep 19 '22 16:09 zzsoszz