[systemd-devel] systemd-nspawn: Failed at step SETSCHEDULER spawning /opt/freeswitch/bin/freeswitch: Operation not permitted

Nuno Reis nreis at wavecom.pt
Thu May 28 23:31:59 UTC 2020 

Hi guys.

I'm new to this mailling list so I hope this is a good place to ask this
type of stuff.

I'm trying to have a nspawn container to run freeswitch with some realtime
settings set at service level and I'm facing some permission issues as I
explain bellow. When trying to search for related issues I've found this one
<https://github.com/systemd/systemd/issues/15754> very similar to what I
see.

Here's What I have and what I was able to troubleshoot until now:

> I'm facing this  issue on Fedora 32.
> I'm also trying to boot freeswitch service on a nspawn container (CentOS
> 7) with the following settings, see bellow:
>
> [Service]
> Type=forking
> EnvironmentFile=/etc/sysconfig/freeswitch
> PIDFile=/var/run/freeswitch/freeswitch.pid
> ExecStart=/opt/freeswitch/bin/freeswitch -ncwait -nonat -nonatmap -rp
> WorkingDirectory=/var/run/freeswitch
> User=freeswitch
> Group=freeswitch
> PermissionsStartOnly=true
> TimeoutSec=45s
> Restart=always
> LimitCORE=infinity
> LimitNOFILE=100000
> LimitNPROC=60000
> #LimitSTACK=240
> LimitRTPRIO=infinity
> LimitRTTIME=7000000*IOSchedulingClass=realtime
> IOSchedulingPriority=2
> CPUSchedulingPolicy=rr
> CPUSchedulingPriority=89*
> UMask=0007
>
> The only way to make freeswitch run is by removing the IOScheduling and
> CPUScheduling options.
> If they are set freeswitch won't start giving:
>
> Failed at step SETSCHEDULER spawning /opt/freeswitch/bin/freeswitch:
> Operation not permitted
> and/or
> Failed at step IOPRIO spawning /opt/freeswitch/bin/freeswitch: Operation
> not permitted
>
> I've noticed that if I give the same CPUScheduling options to the
> 'systemd-nspawn@<MACHINE_NAME>'.service service on the Fedora 32 hosting
> system I don't have the following error anymore in the container:
> Failed at step SETSCHEDULER spawning /opt/freeswitch/bin/freeswitch:
> Operation not permitted
>
> The only error that remains is the:
>
> Failed at step IOPRIO spawning /opt/freeswitch/bin/freeswitch: Operation
> not permitted
>
What is the best way to have this options set the right way and make
everything work as expected inside the nspawn container?

Cheers,

--

*Nuno Miguel Reis* | *Unified Communication** Systems*
M. +351 913907481 | nreis at wavecom.pt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20200529/2440032a/attachment.htm>

More information about the systemd-devel mailing list