[systemd-devel] machinectl pull image error
Lennart Poettering
lennart at poettering.net
Fri Aug 19 13:15:43 UTC 2016
On Tue, 02.08.16 18:06, Maxim Lacrima (lacrima.maxim at gmail.com) wrote:
> Hi!
>
> I am just trying to use machinectl. Here is a command I execute:
>
> maxim at maxim ~ % sudo machinectl --verify=no pull-raw
> https://dl.fedoraproject.org/pub/fedora/linux/releases/23/Cloud/x86_64/Images/Fedora-Cloud-Atomic-23-20151030.x86_64.raw.xz
> Failed to transfer image: Message recipient disconnected from message bus
> without replying
>
> And corresponding entries in journal:
>
> Aug 02 17:53:25 maxim sudo[9365]: maxim : TTY=pts/1 ; PWD=/home/maxim ;
> USER=root ; COMMAND=/usr/bin/machinectl --verify=no pull-raw
> https://dl.fedoraproject.org/pub/fedora/linux/releases/23/Cloud/x86_64/Images/Fedora-Cloud-Atomic-23-20151030.x86_64.raw.xz
> Aug 02 17:53:25 maxim sudo[9365]: pam_unix(sudo:session): session opened
> for user root by (uid=0)
> Aug 02 17:53:25 maxim dbus[373]: [system] Activating via systemd: service
> name='org.freedesktop.import1' unit='dbus-org.freedesktop.import1.service'
> Aug 02 17:53:25 maxim systemd[1]: Starting Virtual Machine and Container
> Download Service...
> Aug 02 17:53:25 maxim dbus[373]: [system] Successfully activated service
> 'org.freedesktop.import1'
> Aug 02 17:53:25 maxim systemd[1]: Started Virtual Machine and Container
> Download Service.
> Aug 02 17:53:25 maxim systemd[1]: systemd-importd.service: Main process
> exited, code=killed, status=31/SYS
importd aborted by SIGSYS. this is almost definitely caused by the
seccomp policy we enable these days for all our services, and it is
apparently too strict for importd, which results in SIGSYS as soon as
importd invokes some system call that isn't whitelisted.
THis is a bug in systemd, and I have now filed an issue about this and
made it a blocker for the next release:
https://github.com/systemd/systemd/issues/3996
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list