[systemd-devel] Removing image from /var/lib/machines

Lennart Poettering lennart at poettering.net
Thu Feb 19 06:19:54 PST 2015 

On Thu, 19.02.15 14:58, Peter Paule (systemd-devel at fedux.org) wrote:

> Hi Lennart,
> 
> I reformatted my partition and tried again. :-) Importing now works, if I
> disabled the
> verification.
> 
>   Feb 19 :52 host systemd-importd[483]: (transfer1) Pulling 'https://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-root.tar.gz',
> saving as 'tr
>   Feb 19 :53 host systemd-importd[483]: (transfer1) Downloading 177.7M for https://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-root.tar.gz.
>   Feb 19 :53 host systemd-importd[483]: (transfer1) Got 1% of https://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-root.tar.gz.
>   [...]
>   Feb 19 :13 host systemd-importd[483]: (transfer1) Got 97% of https://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-root.tar.gz.
> 631ms left a
>   Feb 19 :13 host systemd-importd[483]: (transfer1) Download of https://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-root.tar.gz
> complete.
>   Feb 19 :14 host systemd-importd[483]: (transfer1) Created new local image
> 'trusty-server-cloudimg-amd64-root'.
>   Feb 19 :14 host systemd-importd[483]: (transfer1) Operation completed
> successfully.
>   Feb 19 :14 host systemd-importd[483]: (transfer1) Exiting.
> 
> With the verification enabled, I still get the following error. Is this a
> problem of my setup or a systemd-problem?
> 
>   Feb 19 :19 host systemd-importd[454]: (transfer1) SHA256 checksum of https://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-root.tar.gz
> is va
>   Feb 19 :19 host systemd-importd[454]: (transfer1) gpg: Signature made Thu
> 19 Feb 2015 08:09:48 AM UTC using RSA key ID 7DB87C81
>   Feb 19 :19 host systemd-importd[454]: (transfer1) gpg: can't access
> '/root/.gnupg/trustdb.gpg': Permission denied
>   Feb 19 :19 host systemd-importd[454]: (transfer1) gpg: Fatal: can't init
> trustdb: Trust DB error
>   Feb 19 :19 host systemd-importd[454]: (transfer1) gpg failed with error
> code 2.
>   Feb 19 :19 host systemd-importd[454]: (transfer1) Signature verification
> failed.

Hmm, this is really weird, we actually turn off the trustdb stuff
explicitly, via --no-auto-check-trustdb --trust-model=always. I don't
quite understand why this works fine here, but doesn't for you. Which
distro is this? Maybe the gpg versions differ?

>   # machinectl list-images
>   NAME                              TYPE      RO  USAGE  CREATED
> MODIFIED
>   trusty-server-cloudimg-amd64-root subvolume no  342.1M Thu 2015-02-19 :55
> UTC n/a
> 
> It fails with "Access Denied".

Hmm, it would be good to know if this is a dbus policy error or an
error in disk. If you strace machined, do you see an EPERM/EACCESS
thrown there when you do this operation?

> 
>   # machinectl remove trusty-server-cloudimg-amd64-root
>   Could not remove image: Access denied
> 
> What works is to delete the sub-volumes with `btrfs`:
> 
>   btrfs subvolume delete /var/lib/machines/middleman-presentation/ -c
> 
> I'm new to btrfs. Anything I did wrong?

Nope. We do the equivalent of "btrfs subvolume delete" in machiend.

> On log message comes up when issuing the command
> 
>   Feb 19 :35 host kernel: BTRFS: could not find root 8
> 
> I fixed this by enabling quotas, but the error message mentioned above still
> occures. Maybe the quota stuff should be mentioned in the readme?

Quota is optional, it just gives you quota display.

> Running them looks good! Maybe you want to add a warning, that CMD and
> ENTRYPOINT from Dockerfile are ignored. At least it looks like that.

Yes, we need to convert that and intrdouce some scheme how this can be
nicely configured next to the container tree itself.

Lennart

-- 
Lennart Poettering, Red Hat

More information about the systemd-devel mailing list