Re: [gentoo-user] [OT] Being Facebook member: How to anon?

public inbox for gentoo-user@lists.gentoo.org
 help / color / mirror / Atom feed

From: Todd Goodman <tsg@bonedaddy.net>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] [OT] Being Facebook member: How to anon?
Date: Tue, 24 Oct 2017 07:35:35 -0400	[thread overview]
Message-ID: <82708a4d-8062-bf47-7aa5-25dcf35db929@bonedaddy.net> (raw)
In-Reply-To: <20171024024654.omryprp5anqbi6y5@solfire>



On 10/23/2017 10:46 PM, tuxic@posteo.de wrote:
>
>>>> Hi Robert,
>>>>
>>>> oh YEAH!
>>>> Thanks a lot for that quick start!
>>>>
>>>> I didi it, but...
>>>> #>eix -I docker
>>>> [I] app-emulation/docker
>>>>      Available versions:  17.03.2^si (~)17.06.2^si (~)17.09.0^si **9999^si {apparmor aufs btrfs +container-init +device-mapper hardened overlay pkcs11 seccomp}
>>>>      Installed versions:  17.09.0^si(05:48:14 PM 10/23/2017)(container-init device-mapper seccomp -apparmor -aufs -btrfs -hardened -overlay -pkcs11)
>>>>      Homepage:            https://dockerproject.org
>>>>      Description:         The core functions you need to create Docker images and run Docker containers
>>>>
>>>> [I] app-emulation/docker-proxy
>>>>      Available versions:  0.8.0_p20161111 (~)0.8.0_p20170917^t **9999
>>>>      Installed versions:  0.8.0_p20170917^t(05:46:10 PM 10/23/2017)
>>>>      Homepage:            https://github.com/docker/libnetwork
>>>>      Description:         Docker container networking
>>>>
>>>> [I] app-emulation/docker-runc
>>>>      Available versions:  1.0.0_rc2_p20170308^t (~)1.0.0_rc3_p20170706^t (~)1.0.0_rc4_p20170917^t {+ambient apparmor hardened +seccomp}
>>>>      Installed versions:  1.0.0_rc4_p20170917^t(05:46:07 PM 10/23/2017)(ambient seccomp -apparmor -hardened)
>>>>      Homepage:            http://runc.io
>>>>      Description:         runc container cli tools (docker fork)
>>>>
>>>>
>>>> #>groups
>>>> wheel mail uucp audio cdrom video games cdrw usb users docker wireshark vboxusers vlock realtime
>>>>                                                        ^----^
>>>>
>>>> (as root)
>>>> #>/etc/init.d/docker start
>>>>  * WARNING: docker has already been started
>>>> (so it is runnig)
>>>>
>>>> (as user again)
>>>> #>docker run --name firefox -e DISPLAY=$DISPLAY --device /dev/snd -v /tmp/.X11-unix:/tmp/.X11-unix -v $XAUTHORITY:/tmp/.host_Xauthority:ro -dti openhs/firefox-ubuntu
>>>>                        
>>>> docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?.
>>>> See 'docker run --help'.
>>>> [1]    10401 exit 125   docker run --name firefox -e DISPLAY=$DISPLAY --device /dev/snd -v  -v  -dti 
>>>>
>>>> Hmmmm...seems I missed something...
>>>>
>>>> Cheers
>>>> Meino
>>>>
>>>>
>>>>
>>>>
>>> Found this in dmesg
>>>
>>> [ 1587.391861] device-mapper: table: 254:0: thin-pool: unknown target type
>>> [ 1587.391863] device-mapper: ioctl: error adding target to table
>>>
>>> these two lines are added when I try to start /etc/ini.d/docker as root.
>>>
>>> Cheers
>>> Meino
>>>
>>>
>>>
>> I could this problem by defining 
>>
>> CONFIG_DM_THIN_PROVISIONING=y
>>
>> in the kernel, recompile it and the message disappears.
>> BUT:
>> still docker does not start...
>>
>> How can I fix that?
>>
>> Cheers
>> Meino
>>
>>
> Next fix:
> Need to activate the complete cgroup features.
>
> Now I get this error message in /var/log/docker.log
>
> time="2017-10-24T04:42:39.358339658+02:00" level=info msg="Loading containers: start." 
> time="2017-10-24T04:42:39.869600530+02:00" level=error msg="could not get initial namespace: no such file or directory" 
> time="2017-10-24T04:42:39.884438663+02:00" level=error msg="failed to set to initial namespace, readlink /proc/4588/task/4588/ns/net: no such file or directory, initns fd -1: bad file descriptor" 
> time="2017-10-24T04:42:39.885161875+02:00" level=info msg="Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can be used to set a preferred IP address" 
> time="2017-10-24T04:42:39.885339857+02:00" level=error msg="failed to set to initial namespace, readlink /proc/4588/task/4588/ns/net: no such file or directory, initns fd -1: bad file descriptor" 
> Error starting daemon: Error initializing network controller: Error creating default "bridge" network: Failed to program NAT chain: Failed to inject DOCKER in PREROUTING chain: iptables failed: iptables --wait -t nat -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER: iptables: No chain/target/match by that name.
>
> ...and now I really did not know how to hack further...
>
> Any help is very appreciated...
>
> Cheers
> Meino
>

You might need CONFIG_NF_NAT_IPV4 configured in your kernel to get the
NAT table for iptables (-t nat)

Todd

next prev parent reply	other threads:[~2017-10-24 11:35 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-10-22  8:50 [gentoo-user] [OT] Being Facebook member: How to anon? tuxic
2017-10-22 13:58 ` J. Roeleveld
2017-10-22 14:27   ` tuxic
2017-10-22 16:39     ` Alan McKinnon
2017-10-22 16:55       ` tuxic
2017-10-22 17:13         ` J. Roeleveld
2017-10-22 16:53     ` Dale
2017-10-22 17:12       ` J. Roeleveld
2017-10-23 17:21       ` Jeriko One
2017-10-23 17:44         ` tuxic
2017-10-23 14:01     ` Stroller
2017-10-23  8:11   ` Adam Carter
2017-10-23 11:11   ` Róbert Čerňanský
2017-10-23 13:56 ` Stroller
2017-10-23 14:46   ` Wols Lists
2017-10-23 15:56   ` tuxic
2017-10-23 16:45     ` Mick
2017-10-23 18:23       ` Nils Freydank
2017-10-23 19:33     ` Róbert Čerňanský
2017-10-24  0:04       ` tuxic
2017-10-24  0:12         ` tuxic
2017-10-24  1:58           ` tuxic
2017-10-24  2:46             ` tuxic
2017-10-24 11:35               ` Todd Goodman [this message]
2017-10-24 19:32                 ` Róbert Čerňanský
2017-10-24  2:57 ` Kent Fredric
2017-10-24  3:26   ` tuxic

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=82708a4d-8062-bf47-7aa5-25dcf35db929@bonedaddy.net \
    --to=tsg@bonedaddy.net \
    --cc=gentoo-user@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox