Date: Tue, 24 Oct 2017 21:32:26 +0200
From: Róbert Čerňanský
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] [OT] Being Facebook member: How to anon?
Message-ID: <20171024213226.18e3de30.openhs@tightmail.com>
In-Reply-To: <82708a4d-8062-bf47-7aa5-25dcf35db929@bonedaddy.net>

On Tue, 24 Oct 2017 07:35:35 -0400 Todd Goodman wrote:

> On 10/23/2017 10:46 PM, tuxic@posteo.de wrote:
> >
> >>>> Hi Robert,
> >>>>
> >>>> oh YEAH!
> >>>> Thanks a lot for that quick start!
> >>>>
> >>>> I did it, but...
> >>>> #>eix -I docker
> >>>> [I] app-emulation/docker
> >>>> Available versions: 17.03.2^si (~)17.06.2^si (~)17.09.0^si
> >>>> **9999^si {apparmor aufs btrfs +container-init +device-mapper
> >>>> hardened overlay pkcs11 seccomp} Installed versions:
> >>>> 17.09.0^si(05:48:14 PM 10/23/2017)(container-init device-mapper
> >>>> seccomp -apparmor -aufs -btrfs -hardened -overlay -pkcs11)
> >>>> Homepage: https://dockerproject.org
> >>>> Description: The core functions you need to create
> >>>> Docker images and run Docker containers
> >>>>
> >>>> [I] app-emulation/docker-proxy
> >>>> Available versions: 0.8.0_p20161111 (~)0.8.0_p20170917^t
> >>>> **9999 Installed versions: 0.8.0_p20170917^t(05:46:10 PM
> >>>> 10/23/2017) Homepage:
> >>>> https://github.com/docker/libnetwork Description: Docker
> >>>> container networking
> >>>>
> >>>> [I] app-emulation/docker-runc
> >>>> Available versions: 1.0.0_rc2_p20170308^t
> >>>> (~)1.0.0_rc3_p20170706^t (~)1.0.0_rc4_p20170917^t {+ambient
> >>>> apparmor hardened +seccomp} Installed versions:
> >>>> 1.0.0_rc4_p20170917^t(05:46:07 PM 10/23/2017)(ambient seccomp
> >>>> -apparmor -hardened) Homepage: http://runc.io
> >>>> Description: runc container cli tools (docker fork)
> >>>>
> >>>> #>groups
> >>>> wheel mail uucp audio cdrom video games cdrw usb users docker
> >>>> wireshark vboxusers vlock realtime ^----^
> >>>>
> >>>> (as root)
> >>>> #>/etc/init.d/docker start
> >>>> * WARNING: docker has already been started
> >>>> (so it is running)
> >>>>
> >>>> (as user again)
> >>>> #>docker run --name firefox -e DISPLAY=$DISPLAY
> >>>> --device /dev/snd -v /tmp/.X11-unix:/tmp/.X11-unix -v
> >>>> $XAUTHORITY:/tmp/.host_Xauthority:ro -dti openhs/firefox-ubuntu
> >>>> docker: Cannot connect to the Docker daemon at
> >>>> unix:///var/run/docker.sock. Is the docker daemon running?. See
> >>>> 'docker run --help'.
> >>>> [1] 10401 exit 125 docker run --name
> >>>> firefox -e DISPLAY=$DISPLAY --device /dev/snd -v -v -dti
> >>>>
> >>>> Hmmmm...seems I missed something...
> >>>>
> >>>> Cheers
> >>>> Meino
> >>>>
> >>> Found this in dmesg
> >>>
> >>> [ 1587.391861] device-mapper: table: 254:0: thin-pool: unknown
> >>> target type [ 1587.391863] device-mapper: ioctl: error adding
> >>> target to table
> >>>
> >>> these two lines are added when I try to start /etc/init.d/docker
> >>> as root.
> >>>
> >>> Cheers
> >>> Meino
> >>>
> >> I could fix this problem by defining
> >>
> >> CONFIG_DM_THIN_PROVISIONING=y
> >>
> >> in the kernel, recompile it and the message disappears.
> >> BUT:
> >> still docker does not start...
> >>
> >> How can I fix that?
> >>
> >> Cheers
> >> Meino
> >>
> > Next fix:
> > Need to activate the complete cgroup features.
> >
> > Now I get this error message in /var/log/docker.log
> >
> > time="2017-10-24T04:42:39.358339658+02:00" level=info msg="Loading
> > containers: start." time="2017-10-24T04:42:39.869600530+02:00"
> > level=error msg="could not get initial namespace: no such file or
> > directory" time="2017-10-24T04:42:39.884438663+02:00" level=error
> > msg="failed to set to initial namespace,
> > readlink /proc/4588/task/4588/ns/net: no such file or directory,
> > initns fd -1: bad file descriptor"
> > time="2017-10-24T04:42:39.885161875+02:00" level=info msg="Default
> > bridge (docker0) is assigned with an IP address 172.17.0.0/16.
> > Daemon option --bip can be used to set a preferred IP address"
> > time="2017-10-24T04:42:39.885339857+02:00" level=error msg="failed
> > to set to initial namespace, readlink /proc/4588/task/4588/ns/net:
> > no such file or directory, initns fd -1: bad file descriptor" Error
> > starting daemon: Error initializing network controller: Error
> > creating default "bridge" network: Failed to program NAT chain:
> > Failed to inject DOCKER in PREROUTING chain: iptables failed:
> > iptables --wait -t nat -A PREROUTING -m addrtype --dst-type LOCAL
> > -j DOCKER: iptables: No chain/target/match by that name.
> >
> > ...and now I really did not know how to hack further...
> >
> > Any help is very appreciated...
> >
> > Cheers
> > Meino
> >
>
> You might need CONFIG_NF_NAT_IPV4 configured in your kernel to get the
> NAT table for iptables (-t nat)

The emerge should print/log which kernel options you do not have and
should have enabled if I am not mistaken. Docker uses some advanced
kernel features. I forgot to mention to check the kernel config in my
quick start, sorry.

Robert

-- 
Róbert Čerňanský
E-mail: openhs@tightmail.com
Jabber: hs@jabber.sk
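
Added example, not part of the original message or of the Docker ebuild: a small check that reads a kernel config and lists which options behind the errors in this thread are not enabled. CONFIG_DM_THIN_PROVISIONING and CONFIG_NF_NAT_IPV4 are named in the thread; CONFIG_CGROUPS, CONFIG_NET_NS and CONFIG_NETFILTER_XT_MATCH_ADDRTYPE are assumptions inferred from the quoted error messages, and the sample config is constructed.

```shell
#!/bin/sh
# Added example, not from the thread. Each entry is OPTION:symptom.
# CONFIG_DM_THIN_PROVISIONING and CONFIG_NF_NAT_IPV4 are named in the thread;
# the other three symbols are assumptions drawn from the quoted errors.
REQUIRED='CONFIG_DM_THIN_PROVISIONING:device-mapper reports unknown target type thin-pool
CONFIG_CGROUPS:cgroup features must be enabled
CONFIG_NET_NS:readlink /proc/PID/task/PID/ns/net fails
CONFIG_NF_NAT_IPV4:no nat table for "iptables -t nat"
CONFIG_NETFILTER_XT_MATCH_ADDRTYPE:no match for "iptables -m addrtype"'

# missing_opts: read kernel config text on stdin and print one line for
# every required option that is neither built in (=y) nor a module (=m).
# Lines such as "# CONFIG_X is not set" and absent options both count as missing.
missing_opts() {
    cfg=$(cat)
    printf '%s\n' "$REQUIRED" | while IFS=: read -r opt why; do
        printf '%s\n' "$cfg" | grep -Eq "^${opt}=(y|m)\$" \
            || printf '%s (%s)\n' "$opt" "$why"
    done
}

# Constructed sample: cgroups and the addrtype match are enabled, while
# thin provisioning, network namespaces and IPv4 NAT are not.
SAMPLE_CONFIG='CONFIG_CGROUPS=y
CONFIG_BLK_DEV_DM=y
# CONFIG_DM_THIN_PROVISIONING is not set
CONFIG_NAMESPACES=y
# CONFIG_NET_NS is not set
CONFIG_NF_NAT=m
CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m'

printf '%s\n' "$SAMPLE_CONFIG" | missing_opts
```

On a real system, feed it the running kernel's config instead, for example `zcat /proc/config.gz | missing_opts` (requires CONFIG_IKCONFIG_PROC) or `missing_opts < /usr/src/linux/.config`.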