GuySoft's questions

I am trying to build a distro for RaspberryPi which ships with an aarch64 chroot running docker.

For this to work, I need docker to run within a chroot. I am basing of rasbian, which is distributed only in arm32v7.

I have gotten as far as starting dockerd in the chroot using this command:

#!/usr/bin/env bash
/usr/bin/cgroupfs-mount
/usr/bin/dockerd -H unix://

However, when I try and bring up a container I get:

docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
256ab8fe8778: Pull complete 
Digest: sha256:d1668a9a1f5b42ed3f46b70b9cb7c88fd8bdc8a2d73509bb0041cf436018fbf5
Status: Downloaded newer image for hello-world:latest
docker: Error response from daemon: OCI runtime create failed: container_linux.go:346: starting container process caused "process_linux.go:449: container init caused \"rootfs_linux.go:109: jailing process inside rootfs caused \\\"pivot_root invalid argument\\\"\"": unknown.
ERRO[0005] error waiting for container: context canceled 

This happens with any container.

Docker service is up, docker build gives similar issues;

Running in 74fe7f0514d0
OCI runtime create failed: container_linux.go:346: starting container process caused "process_linux.go:449: container init caused \"rootfs_linux.go:109: jailing process inside rootfs caused \\\"pivot_root invalid argument\\\"\"": unknown

I assume this is happening because I am in a chroot. I have the following mount bindings:

# fstab: static file system information for chroots.
# Note that the mount point will be prefixed by the chroot path
# (CHROOT_PATH)
#
# <file system> <mount point>   <type>  <options>       <dump>  <pass>
/proc           /proc           none    rw,bind         0       0
/sys            /sys            none    rw,bind         0       0
/dev            /dev            none    rw,bind         0       0
/dev/pts        /dev/pts        none    rw,bind         0       0
/home           /home           none    rw,bind         0       0
/tmp            /tmp            none    rw,bind         0       0

# It may be desirable to have access to /run, especially if you wish
# to run additional services in the chroot.  However, note that this
# may potentially cause undesirable behaviour on upgrades, such as
# killing services on the host.
/run           /run            none    rw,bind         0       0
/run/lock      /run/lock       none    rw,bind         0       0
/dev/shm       /dev/shm        none    rw,bind         0       0
/run/shm       /run/shm        none    rw,bind         0       0

The sources of what I am writing are also available here: https://github.com/guysoft/Raspbian64

Thanks,

I have a script that runs mariadb in a chroot, its a qemu-arm-static rasoberrypi chroot but I don't that that should change much.

The script installs and then sets the password for mariadb root user, then tries to create a database as user 'pi' using the set password.

Here is the script:

apt-get install -y mariadb-server
mysqld_safe &
echo "waiting for sql server to go online"
sleep 10

mysql -u root <<-EOF
UPDATE mysql.user SET Password=PASSWORD('root') WEHRE User='root';
DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
DELETE FROM mysql.user WHERE User='';
DELETE FROM mysql.db WHERE Db='test' OR Db='test_%';
FLUSH PRIVILEGES;
EOF

mysql --user=root -e "select user, host, password, plugin, authentication_string from mysql.user where user='root';"
mysql --user=root -e "show grants for 'root'@'localhost';"

mysqladmin shutdown
sleep 10
mysqld_safe &
echo "waiting for sql server to go online"
sleep 10
su pi -c 'mysql --user=root --password=root -e "CREATE DATABASE dbname;"'
mysqladmin shutdown

Here is the output:

update-alternatives: using /usr/bin/xterm to provide /usr/bin/x-terminal-emulator (x-terminal-emulator) in auto mode
update-alternatives: using /usr/bin/lxterm to provide /usr/bin/x-terminal-emulator (x-terminal-emulator) in auto mode
Processing triggers for libc-bin (2.24-11+deb9u3) ...
Processing triggers for systemd (232-25+deb9u2) ...
W: chown to _apt:root of directory /var/cache/apt/archives/partial failed - SetupAPTPartialDirectory (1: Operation not permitted)
W: Not using locking for nfs mounted lock file /var/cache/apt/archives/lock
+ echo 'waiting for sql server to go online'
waiting for sql server to go online
+ sleep 10
+ mysqld_safe
180628 08:27:53 mysqld_safe Logging to syslog.
180628 08:27:54 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
+ mysql -u root
+ mysql --user=root -e 'select user, host, password, plugin, authentication_string from mysql.user where user='\''root'\'';'
user    host    password        plugin  authentication_string
root    localhost       *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B       unix_socket
+ mysql --user=root -e 'show grants for '\''root'\''@'\''localhost'\'';'
Grants for root@localhost
GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED VIA unix_socket WITH GRANT OPTION
GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION
+ mysqladmin shutdown
+ sleep 10
+ echo 'waiting for sql server to go online'
waiting for sql server to go online
+ sleep 10
+ mysqld_safe
180628 08:28:18 mysqld_safe Logging to syslog.
180628 08:28:18 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
+ su pi -c 'mysql --user=root --password=root -e "CREATE DATABASE dbname;"'
ERROR 1698 (28000): Access denied for user 'root'@'localhost'

Running mysql as root always works and does not ask for password.

I can see that the password hash changes if I change the password from 'root' to something else, but I still get "access denied", is there anything else that needs to be done so root can login?

I have a ssh private key in a key.json file, and I want to use this credential to access a storage bucket using gsutil.

I can't seem to find anything about how to include json keys as a authentication method, only "private" and "secret" fields.

The file structure is:

{
  "private_key_id":
  "private_key": "-----BEGIN PRIVATE KEY-- ...
   "client_email":
   "client_id":
  "type": "service_account"
}

How do I use gsutil with that file?

I have a software raid1 array. Today I found one of the drives failed to sync, and I got this:

 $ cat /proc/mdstat 
Personalities : [raid1] 

md0 : active raid1 sdb1[0] sda1[2](F)
      153597312 blocks [2/1] [U_]

So I did:

  mdadm --manage /dev/md0 --remove /dev/sda1
  mdadm --manage /dev/md0 --add /dev/sda1

The devices syned about 25% of the way AFAIK, and then I ended up with mdadm calming the drive that was ok has now failed:

# cat /proc/mdstat 
Personalities : [raid1] 

md0 : active raid1 sda1[1] sdb1[2](F)
      153597312 blocks [2/1] [_U]

I am scared now to reattach and cause data loss.

1. What is going on?
2. Is there a way to test the array data is ok?
3. What should I do now?

Thanks, Guy