Hello everyone,
I’m facing an unusual issue. I recently moved my Yunohost into an LXC container (where the create/restore backup commands worked like a charm, BTW) and I now get an error “Service redis-server is failed” in the diagnosis.
I observe the error when I try to:
yunohost service restart redis-server
I get:
redis-server[xxx]: *** FATAL CONFIG FILE ERROR ***
redis-server[xxx]: Reading the configuration file, at line 171
redis-server[xxx]: >>> 'logfile /var/log/redis/redis-server.log'
redis-server[xxx]: Can't open the log file: Read-only file system
I believe my problem is not related to Yunohost but to my configuration of the container. I just hope someone here has been crazy enough to also install its Yunohost into a container and has encountered the same problem. If so, some help would be appreciated…
Thank you!
(Because I cannot install nextcloud as it must interact with redis-server.)
alb
Ps: maybe some useful informations as follows.
In the container:
# sed -n '171p' /etc/redis/redis.conf
logfile /var/log/redis/redis-server.log
# ls -l /var/log/ | grep redis
drwxr-s--- 2 redis adm 4096 Sep 18 11:50 redis
# grep ReadWriteDirectories /etc/systemd/system/redis.service
ReadWriteDirectories=-/var/lib/redis
ReadWriteDirectories=-/var/log/redis
ReadWriteDirectories=-/var/run/redis
ReadWriteDirectories=-/etc/redis
# mount | grep 'ro,'
proc on /proc/sys type proc (ro,nosuid,nodev,noexec,relatime)
proc on /proc/sysrq-trigger type proc (ro,nosuid,nodev,noexec,relatime)
sysfs on /sys type sysfs (ro,nosuid,nodev,noexec,relatime)
none on /proc/sys/kernel/random/boot_id type tmpfs (ro,nosuid,nodev,noexec,relatime,size=492k,mode=755)
# yunohost --version
yunohost:
repo: stable
version: 4.2.8.3
yunohost-admin:
repo: stable
version: 4.2.5
moulinette:
repo: stable
version: 4.2.4
ssowat:
repo: stable
version: 4.2.4
In the host:
$ uname -srvmo
Linux 5.10.0-8-amd64 #1 SMP Debian 5.10.46-4 (2021-08-03) x86_64 GNU/Linux
$ man lxc | grep Version
Version 4.0.6 2021-06-11 lxc(7)
Note, here I removed the ip addresses:
$ cat /var/lib/lxc/yunohost/config
lxc.start.auto = 0
# Distribution configuration
lxc.include = /usr/share/lxc/config/common.conf
lxc.arch = linux64
# Container specific configuration
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
lxc.rootfs.path = dir:/var/lib/lxc/yunohost/rootfs
lxc.uts.name = yunohost
# Network configuration
lxc.net.0.type = veth
lxc.net.0.link = br0
lxc.net.0.flags = up
lxc.net.0.hwaddr = ca:fe:ba:be:00:02
# ipv4:
lxc.net.0.ipv4.address = IPV4_PREFIX.2
lxc.net.0.ipv4.gateway = IPV4_PREFIX.1
# ipv6:
lxc.net.0.ipv6.address = IPV6_PREFIX::2
lxc.net.0.ipv6.gateway = IPV6_PREFIX::1
EDIT:
Hello everyone,
I came up with a dirty fix for this issue. I explain it here but I am pretty sure that this is not the appropriate solution.
If anyone has a better fix, I would be happy to know about it.
In the container:
I edited the following systemd configuration file for redis, and commented the line containing ReadOnlyDirectories=/.
vim /lib/systemd/system/redis-server.service
# comment the line "ReadOnlyDirectories=/"
Then I reloaded the deamon for systemd so that the changes are taken into account, and I restarted the service.
sudo systemctl daemon-reload
sudo systemctl restart redis-server.service
On the one hand, this allowed service redis-server to run and nextcloud to be installed properly.
On the other hand, well…
-
This may cause problems as it feels like
redis-servercan now write at locations it is not supposed to. Also this may cause security issues (that I am not aware of) if someone can useredis-serverto write at these locations. -
It feels like an upgrade of
yunohostmight overwrite file/lib/systemd/system/redis-server.serviceand the problem might appear again.
Conclusion:
If you have a better fix for this, feel free to share it with me and I will update this (closed) post again. In the meantime, I solved the issue, but I probably caused other problems.
alb