Systemd service using screen: 'No screen session found' - minecraft

I'm trying to setup a minecraft server for my kid and screen is giving me fits. I've been following this tutorial and I've already consulted this AskUbuntu answer. I'm running on Ubuntu 16.04.5 x64. I have created the following Service file and linked it to /etc/systemd/system/minecraft.service.
[Unit]
Description=Minecraft Server
Documentation=
Wants=network.target
After=network.target
[Service]
User=minecraft
Group=minecraft
Nice=5
EnvironmentFile=-/var/minecraft/unit.conf
KillMode=none
SuccessExitStatus=0 1
ProtectHome=true
ProtectSystem=full
PrivateDevices=true
NoNewPrivileges=true
PrivateTmp=true
InaccessibleDirectories=/root /sys /srv -/opt /media -/lost+found
ReadWriteDirectories=/var/minecraft/server /usr/bin/screen
WorkingDirectory=/var/minecraft/server
#ExecStartPre= /usr/bin/screen -dmS Minecraft
ExecStart= /usr/bin/screen -dm -S Minecraft '/usr/bin/java -Xmx1500M -Xms1024M -jar /var/minecraft/server/craftbukkit-1.13.jar'
ExecStop=/usr/bin/screen -S minecraft -p 0 -X stuff "stop^M"
[Install]
WantedBy=multi-user.target
When I monitor the service startup, I get the following in the journalctl logs:
Aug 05 14:55:41 spigot-1 systemd[1]: Started Minecraft Server.
Aug 05 14:55:41 spigot-1 screen[9869]: No screen session found.
Per the SO post I referenced, I already changed the permissions in /var/run/screen. This is the current setup:
root#spigot-1:/var/minecraft/server# ls -alR /var/run/screen/
/var/run/screen/:
total 0
drwxrwxrwx 4 root root 80 Aug 5 14:12 .
drwxr-xr-x 23 root root 860 Aug 5 14:11 ..
drwx------ 2 minecraft minecraft 40 Aug 5 14:55 S-minecraft
drwx------ 2 root root 40 Aug 5 14:50 S-root
/var/run/screen/S-minecraft:
total 0
drwx------ 2 minecraft minecraft 40 Aug 5 14:55 .
drwxrwxrwx 4 root root 80 Aug 5 14:12 ..
/var/run/screen/S-root:
total 0
drwx------ 2 root root 40 Aug 5 14:50 .
drwxrwxrwx 4 root root 80 Aug 5 14:12 ..
** Debug Notes **
You'll see the commented ExecStartPre command in there... all that happens if I try to start the screen session with that command is I get a second 'No screen session found' error.
I can launch the server from the command line using 'screen -dmS Minecraft [..]' and reattach. I can do this both as root and as the 'minecraft' user.
Any help would be greatly appreciated

I don't have Ubuntu to hand, but I tried something similar on Fedora 24 and had a similar error. To investigate I added an strace to the screen command and removed PrivateTmp so that I could get the trace output.
ExecStart=/bin/strace -o /tmp/s -f screen -dm -S me bash -c 'sleep 999'
In the output I found that at the end, screen was trying to open a pseudo-tty and failed to do so:
open("/dev/ptmx", O_RDWR) = -1 EACCES (Permission denied)
...
write(1, "No more PTYs.\r\nSorry, could not "..., 52) = 52
I added some ls -l /dev commands to the Unit to see what the effect of the PrivateDevices=true option had been. There was indeed a /dev/ptmx file, but unlike my real /dev it was a symbolic link to /dev/pts/ptmx, instead of just being the special character device. For some reason on my system I have:
$ ls -l /dev/ptmx /dev/pts/ptmx
crw-rw-rw- 1 root tty 5, 2 Aug 6 14:29 /dev/ptmx
c--------- 1 root root 5, 2 Jun 27 08:29 /dev/pts/ptmx
(This is probably a bug depending on the version of systemd and udev.)
So when /dev/ptmx is replaced in the private namespace by a symbolic link to /dev/pts/ptmx, you can no longer open a new pty. A simple fix for testing was sudo chmod a+rw /dev/pts/ptmx which indeed made the Unit work and start the screen process.
This may not be the case for you, but you could undertake a similar debug method to try to find the problem.

Related

Mount host directory to docker/podman container with correct permissions

Using:
podman version 4.2.0
AlmaLinux 8.7
I've created an image based on redhat/ubi8 with the following Dockerfile:
FROM docker.io/redhat/ubi8
RUN dnf install -y gcc-c++ cmake python39 openssh git
RUN useradd -ms /bin/bash foobar -g users
USER foobar
WORKDIR /home/foobar/
RUN mkdir -p .ssh
$ docker build -t mount_test_image .
I run the image from a directory that contains a directory ssh, and I want to mount that directory to /home/foobar/.ssh with ownership of foobar.users
$ ls -l
-rw-r--r--. 1 host_user users 269 Dec 7 09:10 Dockerfile
drwxrwxr-x. 2 host_user users 18 Dec 2 10:41 ssh
docker run -it -d --rm --mount type=bind,src=ssh,target=/home/foobar/.ssh --name=mount_test mount_test_image
However when I enter the container via
docker exec -it mount_test '/bin/sh'
The home directory looks like this:
drwx------. 1 foobar users 18 Dec 7 17:10 .
drwxr-xr-x. 1 root root 21 Dec 7 17:10 ..
-rw-r--r--. 1 foobar users 18 Jun 20 11:31 .bash_logout
-rw-r--r--. 1 foobar users 141 Jun 20 11:31 .bash_profile
-rw-r--r--. 1 foobar users 376 Jun 20 11:31 .bashrc
drwxrwxr-x. 2 root root 18 Dec 2 18:41 .ssh
I obviously get a "permission denied" when trying to access that directory.
sh-4.4$ ls /home/foobar/.ssh
ls: cannot open directory '/home/foobar/.ssh': Permission denied
I tried changing the ownership of the directory on the host to match the uid of the container user, but then it just looks like this:
drwxrwxr-x. 2 nobody root 18 Dec 2 18:41 .ssh
My host user uid:gid is 501:100 and the container user is 1000:100. Right now I'm just trying to generate an ssh key to upload to bitbucket, but this seems like a simple feature a container should be have. All the tutorials and examples just stop after the --mount command instruction and say "there ya go!". What good is the mount point if you can't read/write it?
EDIT:
I tried on Archlinux using docker instead of podman and it works like one would expect with both -v and --mount. The owner of the mounted directory in the container matches the uid and gid of the host. Is this then a bug in podman or is it just done differently?
You are using a non-root user (foobar) in a rootless container. You must use --userns=keep-id for the container user to see the mounted volumes.
https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md#using-volumes

SSH/Fuse mount create file ok but can't delete it

I have a proxmox server so under debian, and I want to mount a remote directory from my Nas Synologies to make backups.
I normally use ssh mounts without any problem.
But this time I have an error that I have never encountered, I can create files, but not delete them.
I find this very strange and I don't see where this can come from
root#proxmox:/mnt/# sshfs user#192.168.0.1:home/data /mnt/dist-folder/ -o reconnect,
ServerAliveInterval=60,ServerAliveCountMax=30,allow_other,
default_permissions,uid=0,gid=0,umask=007
root#proxmox:/mnt# cd dist-folder/
root#proxmox:/mnt/dist-folder# touch aa.txt
root#proxmox:/mnt/dist-folder# ls -la
total 12
drwxrwx--- 1 root root 114 Mar 13 09:53 .
drwxr-xr-x 7 root root 4096 Mar 13 09:37 ..
-rwxrwx--- 1 root root 0 Mar 13 09:53 aa.txt
root#proxmox:/mnt/dist-folder# rm aa.txt
rm: cannot remove 'aa.txt': Permission denied
With uid=0,gid=0 for root user and group
Thanks
This is finally a problem specific to synology.
For the assembly of the file it is absolutely necessary to respect the path by starting with
/homes/<user>home/
So it's give
sshfs user#192.168.0.1:/homes/proxmox/home/data /mnt/dist-folder/
And it's works fine !
It's not the first time that I have an abnormal configuration for this synology tool... AGrrrr

Cannot find the Nagios binary or no execute permissions in NagiosQL

I downloaded nagiosql_320.tar.gz and installed NagiosQL. When I click on check configuration file, it shows error as:
Cannot find the Nagios binary or no execute permissions!
I created symlink as below for nagios binary with following permission.
lrwxrwxrwx 1 root root 28 Jul 5 16:07 /usr/sbin/nagios -> /usr/local/nagios/bin/nagios
-rwxr-x--- 1 nagios apache 692624 Jun 27 14:40 /usr/local/nagios/bin/nagios
How can I correct the error?
chmod +x /usr/local/nagios/bin/nagios and try again

Can't access ttyACM device in mode 0660

I want to be able to read and write ttyACM device, particularly Arduino Leonardo board under Fedora.
I made a following rule:
SUBSYSTEM=="tty", ATTRS{idVendor}=="2341", ATTRS{idProduct}=="8036", SYMLINK+="arduino", MODE="0660", GROUP="plugdev"
Symlink is created but I do not have permission to read the device:
[nexy#shire ~]$ cat /dev/arduino
cat: /dev/arduino: Permission denied
Showing ls gives the following:
[nexy#shire ~]$ ls -l /dev/arduino /dev/ttyACM0
lrwxrwxrwx. 1 root root 7 Dec 18 15:25 /dev/arduino -> ttyACM0
crw-rw----. 1 root dialout 166, 0 Dec 18 15:25 /dev/ttyACM0
When I change mode to 0666 then it works. I belong to the group plugdev:
[nexy#shire ~]$ sudo groups nexy
nexy : nexy wheel plugdev
You might have to log out and log back in or restart your computer if you just added yourself to the group recently.

make: *** /lib/modules/2.6.32-279.el6.x86_64/build: No such file or directory. Stop

I downloaded the RALINK driver from their web site
untar -xvf rtl*
and then i ran "make" in it. google search suggested "kernel-devel"
needed to be installed.
i installed the kernel-devel package but i still get this error
make: *** /lib/modules/2.6.32-279.el6.x86_64/build: No such file or directory. Stop.
when i check to see if that file exists..
i cd into /lib/modules/2.6.32-279.el6.x86_64/
i believe this error happens right after "make" command tries to execute this command
make ARCH=x86_64 CROSS_COMPILE= -C /lib/modules/2.6.32-279.el6.x86_64/build M=/home/a/Desktop/3/rtl8712_8188_8191_8192SU_usb_linux_v2.6.6.0.20120405 modules
and it's there it is called "build"
so why is it saying no such file or directory ?
**EDIT**
If your problem is like the one I was having (see below), it seems the kernel development package isn't installed.
Try:
yum install kernel-devel
Original Message
I am having the same problem. But, interestingly, when I ls-l on the parent directory to the "missing directory" (so, ls -l /lib/modules/2.6.32-431.el6.x86_64/) it shows that build is a broken link pointing to /usr/src/kernels/2.6.32-431.el6.x86_64, but /usr/src/kernels/ is empty.
So, I don't know if this is much help, but hopefully it gives someone else a better idea of what's wrong.
[root#xx libreswan-3.7]# ls -l /lib/modules/2.6.32-431.el6.x86_64/
total 3524
lrwxrwxrwx. 1 root root 46 Dec 12 13:42 build -> ../../../usr/src/kernels/2.6.32-431.el6.x86_64
drwxr-xr-x. 2 root root 4096 Nov 21 22:41 extra
drwxr-xr-x. 11 root root 4096 Dec 12 13:42 kernel
-rw-r--r--. 1 root root 589679 Dec 12 13:43 modules.alias
...
-rw-r--r--. 1 root root 851070 Dec 12 13:43 modules.usbmap
lrwxrwxrwx. 1 root root 5 Dec 12 13:42 source -> build
drwxr-xr-x. 2 root root 4096 Nov 21 22:41 updates
drwxr-xr-x. 2 root root 4096 Dec 12 13:42 vdso
drwxr-xr-x. 2 root root 4096 Nov 21 22:41 weak-updates
[root#xx libreswan-3.7]# ls /usr/src/kernels/
[root#xx libreswan-3.7]#
Notice that the "source" link is also broken because it points to build.
cd /lib/modules/2.6.32-431.el6.x86_64
sudo rm build
sudo ln -s ../../../usr/src/kernels/2.6.32-431.29.2.el6.x86_64/ build
The above commands fixed the issue for me
But basically you must be able to use any version of 2.6.32* directory in the last command.
Thanks to Nighthawk663.
I have the same problem in ./configure --with-linux=/lib/modules/uname -r/build/. It says "not a file..." too.
Reason:
The kernel head files are missing for the current kernel.
How I solved it:
find current kernel: uname -r
yum install kernel-devel-$(uname -r)
you may not find it...
just google that version of kernel-devel-... download the rpm file, and do
rpm -i kernel-devel-xxxx.rpm
Then it works for me!
/usr/lib/modules/your-kernel-edition/build is a link file.
the link file exists. but the target file might not exists. So It is ok to see the link file, but the folder can not be changed into it (cd).
Similar Example on fedora 29.
lrwxrwxrwx. 1 root root 40 Oct 21 07:38 /usr/lib/modules/4.18.16-300.fc29.x86_64/build -> /usr/src/kernels/4.18.16-300.fc29.x86_64
Just install kernel-devel.
Example.
sudo dnf install kernel-devel-$(uname -r)
Because the link is not with your kernel version.
Delete the wrong link.
$ rm build`
Use $ uname -r to check the kernel version
Build new link with your kernel version.
$ ln -s ../../../usr/src/kernels/($(uname -r)/ build
Done