Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Live-CD Build Error #65

Closed
stef204 opened this issue May 30, 2023 · 9 comments
Closed

Live-CD Build Error #65

stef204 opened this issue May 30, 2023 · 9 comments

Comments

@stef204
Copy link

stef204 commented May 30, 2023

From entrusted/ci_cd/live_cd, running the build.sh script gives this error:

Error: copying system image from manifest list: writing blob: adding layer with blob "sha256:xxxxxxxxxxxxxxa02d4eb6bb": processing tar file(potentially insufficient UIDs or GIDs available in user namespace (requested 0:42 for /etc/gshadow): Check /etc/subuid and /etc/subgid if configured locally and run "podman system migrate": lchown /etc/gshadow: invalid argument): exit status 1
+ retVal=125
+ '[' 125 '!=' 0 ']'
+ echo 'Could not build entrusted-cli and entrusted-webserver'
Could not build entrusted-cli and entrusted-webserver

Building from entrusted/ci_cd gives:

ERRO[0000] cannot find UID/GID for user $USER: no subuid ranges found for user $USER in /etc/subuid - check rootless mode in man pages. 
WARN[0000] Using rootless single mapping into the namespace. This might break some images. Check /etc/subuid and /etc/subgid for adding sub*ids if not using a network user 
Trying to pull docker.io/uycyjnzgntrn/rust-windows:1.67.0...
Getting image source signatures
Copying blob 7139ad4c9de2 done  
Error: writing blob: adding layer with blob "sha256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxcf9702c6ae68b8c": processing tar file(potentially insufficient UIDs or GIDs available in user namespace (requested 0:42 for /etc/gshadow): Check /etc/subuid and /etc/subgid if configured locally and run "podman system migrate": lchown /etc/gshadow: invalid argument): exit status 1
WARN[0271] Failed to add pause process to systemd sandbox cgroup: Process org.freedesktop.systemd1 exited with status 1 
+ retVal=125
+ '[' 125 -ne 0 ']'
+ echo 'Failure to build Windows binaries'
Failure to build Windows binaries
+ exit 1
+ retVal=1
+ '[' 1 -ne 0 ']'
+ echo 'Windows build failure'
Windows build failure
+ exit 1

This is on branch main .
Linux x86_64

Any ideas how to debug?
@yveszoundi
Copy link
Member

yveszoundi commented May 30, 2023
edited
Loading

Recommendation

I suggest trying the following prior the build

echo entrusted:100000:65536 | sudo tee -a /etc/subuid
echo entrusted:100000:65536 | sudo tee -a /etc/subgid

Reason

The problem is likely that when users are added to the system, some UIDs are not registered to /etc/subuid and /etc/subgid. On some Linux distributions, I believe that the above is done sometimes automatically when adding new users to the systems (some versions of Ubuntu at least and few other distributions, if I recall correctly).

Notes

I only ever build the Live CD on Ubuntu 22.04. I've tested builds under other distributions, but that was a while ago and there were probably few local configuration differences.
It's possible that I followed the recommended solution myself a while ago and forgot to add it in build scripts.

@stef204
Copy link
Author

stef204 commented May 30, 2023

Thanks for the quick turnaround on this issue.
You're correct, I found this and have applied the fix. Rebuilding now, let's see.

@stef204
Copy link
Author

stef204 commented May 30, 2023
edited
Loading

Do I need to actually create user AND group entrusted on my box? (in addition to applying the fix above, I mean.)

@stef204
Copy link
Author

stef204 commented May 30, 2023

Still showing this error when building from entrusted/ci_cd.

Getting image source signatures
Copying blob 7139ad4c9de2 done  
Error: writing blob: adding layer with blob "sha256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx37a9c6bcf9702c6ae68b8c": processing tar file(potentially insufficient UIDs or GIDs available in user namespace (requested 0:42 for /etc/gshadow): Check /etc/subuid and /etc/subgid if configured locally and run "podman system migrate": lchown /etc/gshadow: invalid argument): exit status 1
+ retVal=125
+ '[' 125 -ne 0 ']'
+ echo 'Failure to build Windows binaries'
Failure to build Windows binaries
+ exit 1
+ retVal=1
+ '[' 1 -ne 0 ']'
+ echo 'Windows build failure'
Windows build failure
+ exit 1

Must be related to podman and its configuration on my box?

@yveszoundi
Copy link
Member

I occasionally had to run "podman system migrate" but that was when testing on Alpine. I suggest running manually podman system migrate and then restarting the build.

Also, which Linux distribution are you using?

I've built yesterday-today the Live CD and main binaries (Linux, Windows, Mac OS) from GitHub actions successfully -> Ubuntu Linux virtual machines with logic similar to the local build.

Build results from the develop branch (Live CD and other binaries)
gh-screenshot

@yveszoundi
Copy link
Member

yveszoundi commented May 30, 2023
edited
Loading

Please let me know if running podman system migrate helps.

I answered your more specific question in the other issue #67

@stef204
Copy link
Author

stef204 commented May 30, 2023
edited
Loading

Please let me know if running podman system migrate helps.

I've already run podman system migrate a few times, no changes.

Let's focus on #67 at the moment since that fails as well and it is more basic. We can come back to this issue here #65 once #67 is resolved perhaps.

@stef204
Copy link
Author

stef204 commented May 30, 2023

Also, which Linux distribution are you using?

Archlinux x86_64

@yveszoundi yveszoundi mentioned this issue Sep 30, 2023
Open
@yveszoundi
Copy link
Member

Closing this issue in favor of #79

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@yveszoundi @stef204