public inbox for pve-devel@lists.proxmox.com
 help / color / mirror / Atom feed
From: Orwa D via pve-devel <pve-devel@lists.proxmox.com>
To: pve-devel@lists.proxmox.com
Cc: Orwa D <orwa.diraneyya@gmail.com>
Subject: [pve-devel] Bugfix: LXC root filesystem tar extraction (bug in the exclude pattern)
Date: Sat, 4 Jan 2025 04:07:23 +0100	[thread overview]
Message-ID: <mailman.74.1735960093.441.pve-devel@lists.proxmox.com> (raw)

[-- Attachment #1: Type: message/rfc822, Size: 8535 bytes --]

From: Orwa D <orwa.diraneyya@gmail.com>
To: pve-devel@lists.proxmox.com
Subject: Bugfix: LXC root filesystem tar extraction (bug in the exclude pattern)
Date: Sat, 4 Jan 2025 04:07:23 +0100
Message-ID: <CAP8PTXROjrL-J3eRV5_HXPV1oku9xD_YVwMRcJ0OUAw=M0xw8w@mail.gmail.com>

*TL;DR *
*The tar extraction exclude pattern for LXC containers in the source file *
*/usr/share/perl5/PVE/LXC/**Create.pm* *must be changed from './dev/*' to
'dev/*'*

*Steps to reproduce error due to current bug:*
1. Grab any of the root filesystem cloud images from
https://cloud-images.ubuntu.com/
2. Using Proxmox VE web interface, download one of the tar balls using
the *Download
from URL* UI function
3. Try to create a CT (i.e. LXC container) from the tar-ball template (e.g.
https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64-root.tar.xz
)

*Typical failure message during container creation:*
Task viewer: CT 115 - Create
OutputStatus
Stop
Download
Logical volume "vm-115-disk-0" created.
Creating filesystem with 2097152 4k blocks and 524288 inodes
Filesystem UUID: 5d302f80-bded-46b6-a991-00cafe8a6257
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632
extracting archive
'/mnt/pve/folder2TB/template/cache/jammy-server-cloudimg-amd64-root.tar.xz'
tar: dev/console: Cannot mknod: Operation not permitted
tar: dev/full: Cannot mknod: Operation not permitted
tar: dev/null: Cannot mknod: Operation not permitted
tar: dev/ptmx: Cannot mknod: Operation not permitted
tar: dev/random: Cannot mknod: Operation not permitted
tar: dev/tty: Cannot mknod: Operation not permitted
tar: dev/urandom: Cannot mknod: Operation not permitted
tar: dev/zero: Cannot mknod: Operation not permitted
Total bytes read: 1140961280 (1.1GiB, 45MiB/s)
tar: Exiting with failure status due to previous errors
Logical volume "vm-115-disk-0" successfully removed.
TASK ERROR: unable to create CT 115 - command 'lxc-usernsexec -m
u:0:100000:65536 -m g:0:100000:65536 -- tar xpf - -J --totals
--one-file-system -p --sparse --numeric-owner --acls --xattrs
'--xattrs-include=user.*' '--xattrs-include=security.capability'
'--warning=no-file-ignored' '--warning=no-xattr-write' -C
/var/lib/lxc/115/rootfs --skip-old-files --anchored --exclude './dev/*''
failed: exit code 2

*Proposed fix/solution:*
Change the exclude pattern in the tar extraction line above from './dev/*'
to 'dev/*'

This exclude pattern can be currently found in two locations:
  - /usr/share/perl5/PVE/LXC/Create.pm
  - /usr/share/lxc/templates/lxc-local (shell script)

*Success container creation message (after the fix):*
Task viewer: CT 116 - Create
OutputStatus
Stop
Download
Logical volume "vm-116-disk-0" created.
Creating filesystem with 2097152 4k blocks and 524288 inodes
Filesystem UUID: 35681b1e-4220-4d2a-9e1a-f2e17fc16806
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632
extracting archive
'/var/lib/vz/template/cache/jammy-server-cloudimg-amd64-root.tar.xz'
(extraction command is 'ARRAY(0x64ac4ede7218)')
Total bytes read: 1140961280 (1.1GiB, 51MiB/s)
Detected container architecture: amd64
Creating SSH host key 'ssh_host_dsa_key' - this may take some time ...
done: SHA256:ft9IuYd6J/OiZVN2acYNe20dBADc7nS9kZS4ihD1iDA root@test
Creating SSH host key 'ssh_host_rsa_key' - this may take some time ...
done: SHA256:Nz+J528gr0ZPQARwvHx6lZgo1hElMxOfuzmFbub3inM root@test
Creating SSH host key 'ssh_host_ecdsa_key' - this may take some time ...
done: SHA256:YRUD2eS1M65WHe4+808sopNtOwGthDM9Qg96O5ljxqw root@test
Creating SSH host key 'ssh_host_ed25519_key' - this may take some time ...
done: SHA256:nLDsxaLs4/VoUjpo7MLlPhKLsssLAlNkV8nOhOUP1nk root@test
TASK OK

Prior to the fix, people were repackaging the root filesystem tarballs
found on the internet to exclude the `dev` folder, as evident here:
https://discuss.linuxcontainers.org/t/simple-script-to-convert-any-gnu-linux-machine-into-a-proxmox-lxc-container/10339
and here https://github.com/my5t3ry/machine-to-proxmox-lxc-ct-converter
which would be unnecessary after this fix.

Regards,
Orwa.



ReplyForward
Add reaction

[-- Attachment #2: Type: text/plain, Size: 160 bytes --]

_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

                 reply	other threads:[~2025-01-04  3:08 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=mailman.74.1735960093.441.pve-devel@lists.proxmox.com \
    --to=pve-devel@lists.proxmox.com \
    --cc=orwa.diraneyya@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal