1380906 – systemd breaks /dev/console if run in a container

Bug 1380906 - systemd breaks /dev/console if run in a container

Summary: systemd breaks /dev/console if run in a container

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	systemd
Sub Component:
Version:	25
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	high
Target Milestone:	---
Assignee:	systemd-maint
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2016-10-01 11:18 UTC by Dietmar Kling
Modified:	2016-11-04 00:04 UTC (History)
CC List:	8 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2016-11-04 00:04:37 UTC
Type:	Bug
Dependent Products:

Attachments	(Terms of Use)
Bugfix for systemd running in containers (748 bytes, message/rfc822) 2016-10-01 11:18 UTC, Dietmar Kling	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Description Dietmar Kling 2016-10-01 11:18:01 UTC

Created attachment 1206501 [details]
Bugfix for systemd running in containers

Description of problem:
I run some service in a container with systemd. I noticed an incredible slowdown on docker containers in Fedora 25. When I debbuged the problem, it turned out that journald, which was configured to log to /dev/console, desperatly tried to open /dev/console for each log message an failed, because /dev/console was reported as "//deleted" if you did a cat /proc/1/mountinfo.
e.g.
cat /proc/1/mountinfo |grep console 
2769 2749 0:20 /33//deleted /dev/console rw,nosuid,noexec,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=000


The root cause for this behaviour is systemd - which when run not as process 1 in the container, did _not_ close the /dev/console.

Version-Release number of selected component (if applicable):  systemd-231-6


How reproducible:


Steps to Reproduce:
1. run systemd in docker container
2. docker exec -it <containername> bash
3. echo TEST >/dev/console 

Actual results:
The echo returns an error and after some research i found that /dev/console is closed by systemd on startup.

Expected results:
Working /dev/console

Additional info:
I have traced the problem down in systemd/src/core/main.c which calls in the main function make_null_stdio(). If  you comment out this function, systemd starts working again in the docker container and /dev/console just  works as expected. 
I have analyzed the problem further, the following seems to happen: IN src/basic/terminal-util.c where make_null_stdio() resides, the functions opens "/dev/null" and passes the filedescriptor to make_stdio(fd) in the same file. make_stdio(int fd) contains 

 s = dup2(fd, STDOUT_FILENO);

This actually closes STDOUT_FILEN which is connected to the filehandle where the docker host receives the console messages. After this point /dev/console in the docker container is broken and cannot be used anymore. Therefore e.g. a docker logs -f <container> does not get any message from journald (which is configured to log to console)


The attached patch disables make_null_stdio() for systemd when run in a container, which makes it useable again in docker.

Comment 1 Zbigniew Jędrzejewski-Szmek 2016-11-04 00:04:37 UTC

This was discussed upstream, with the conclusion that this is not a systemd bug:
https://github.com/systemd/systemd/pull/4262. Please see the the upstream discussion for details.

Note You need to log in before you can comment on or make changes to this bug.