authentication failure [...] msg=path "/run/proxmox-backup/shmem" is not on tmpfs
fila612 opened this issue · 18 comments
Hi,
I've tried to install the latest docker image to my Synology via Portainer.
there were 4 Folders created on the host system and mapped into docker volumes:
These 4 volumes are created with following options (in Portainer called "drive options":
after start the container, logs seems to be fine and data were created in the folders.
But, the login (admin/pbspbs) is not working:
in PBS2/logs/api I found a file "auth.log" including this:
2022-02-13T09:39:05+00:00: authentication failure; rhost=[::ffff:172.17.0.1]:52784 user=admin@pbs msg=path "/run/proxmox-backup/shmem" is not on tmpfs
I think there is something wrong what I did, but I'm not sure what.
Also I checked the tmpfs inside the container:
any suggestions how to handle this?
Thanks for the tip, unfortunately my knowledge is not sufficient for this.
Will there be this patch in your image later?
understand, so I'm not able to do anything (sorry)
thanks for your quick help, should this issue be closed or it is better to leave it open until the handling regarding the patch is decided (upstream or adaption)?
Leave it for now.
I came across the same problem today on a ubuntu system with kernel 5.4.0-88-generic.
It can be solved by creating tmpfs mountpoint at /run
following docker-compose file can be an example
version: '2.1'
services:
pbs:
image: ayufan/proxmox-backup-server:latest
network_mode: host
mem_limit: 2G
volumes:
- /mnt/datastore/backup/pbs:/backups
- ./etc:/etc/proxmox-backup
- ./logs:/var/log/proxmox-backup
- ./lib:/var/lib/proxmox-backup
tmpfs:
- /run
restart: unless-stopped
stop_signal: SIGHUP
I also have a Synology NAS and I tried the above docker-compose config. It runs just fine.
hm, strange... I had also created the volumes as tmpfs, what is the difference between yours and mines?
See screenshots above, running "df -h" displays tmpfs.....
The need for tmpfs is documented in here:
Thanks @pandada8 for the hint of the Mountpoint "/run"
that was the issue why its not working on my "Synology-Docker-Portainer" machine....:)
Point is: I had created the container completely via Portainer, but the Mountpoint "/run" cannot be created in the Portainer GUI, or maybe its possible, but I don't know how to do it.
nevertheless, if I use Portainer stack (=docker compose) the PBS is working on my Synology!!! 😄
if someone are interested to my Portainer Stack content:
HINT:
the paths have to be validated by your own environment. i have created following folders on my HOST-System
/volume1/Sicherung/Backups/PBS2
/volume1/docker/PBS2/etc
/volume1/docker/PBS2/log
/volume1/docker/PBS2/lib
services:
pbs:
image: ayufan/proxmox-backup-server:latest
network_mode: "bridge"
ports:
- "8007:8007"
volumes:
- backups:/backups
- pbs_etc:/etc/proxmox-backup
- pbs_log:/var/log/proxmox-backup
- pbs_lib:/var/lib/proxmox-backup
tmpfs:
- /run
restart: unless-stopped
stop_signal: SIGHUP
environment:
TZ: Europe/Berlin
devices:
- /dev/sda
- /dev/sdb
cap_add:
- SYS_RAWIO
volumes:
backups:
driver: local
driver_opts:
type: tmpfs
o: bind
device: /volume1/Sicherung/Backups/PBS2
pbs_etc:
driver: local
driver_opts:
type: tmpfs
o: bind
device: /volume1/docker/PBS2/etc
pbs_log:
driver: local
driver_opts:
type: tmpfs
o: bind
device: /volume1/docker/PBS2/log
pbs_lib:
driver: local
driver_opts:
type: tmpfs
o: bind
device: /volume1/docker/PBS2/lib
Yes, you need to pre-create paths.
from my side issue can be closed.
solution: Portainer-stack or docker compose instead of Portainer-GUI ;)
Maybe all those details (about tmpfs and pre-create) we could add to README for next generation? :)
Hi!
I try to replace my own pbs 1x container with your. And as I see faced with kernel trouble... I run it on my openmediavault server, with current kernel 4.19.0-0.bpo.9-amd64, and in logs of container I get:
Error: mkstemp "/run/proxmox-backup/proxy.tmp_XXXXXX" failed: ENOENT: No such file or directory
And very shot time after my credentials is active, I mean very shot time before pbs re-ask to sig-in, not sure if it affialted with kernel and tmpfs /run, any suggestion? Thanks.
Btw, here is my stack:
volumes:
pbs_etc:
driver: local
pbs_logs:
driver: local
pbs_lib:
driver: local
pbs:
image: ayufan/proxmox-backup-server:latest
container_name: proxmox-backup-server
hostname: proxmox-backup-server
cap_add:
- SYS_RAWIO
devices:
- /dev/sdd
mem_limit: 2G
networks:
- omv
environment:
- TZ=Europe/Kiev
volumes:
- pbs_etc:/etc/proxmox-backup
- pbs_logs:/var/log/proxmox-backup
- pbs_lib:/var/lib/proxmox-backup
- /sharedfolders/proxmox-backup:/storage
tmpfs:
- /run
ports:
- 8007:8007
restart: unless-stopped
stop_signal: SIGHUP
logging:
driver: "json-file"
options:
max-size: "50m"
I think question 'bout re-ask credentails I can dropped. I think it was 'coz I runned two containers at one time and get /etc/shadow:ro volume in my own pbs container, not sure, but right now I don't face with it.
And one more thing, at the first start of the container, I didn't has get error with mkstemp, all seems fine:
And one more... :) I just now is saw it, the error says 'bout proxy tmp session file, I correctly understood? So maybe it's normal in this case?
Hi,
with LibreElec as Docker host there is the same issue. I've resolved it with the help from some threads here.
I've created the volumes this way:
and used the following stack file:
version: '3.9'
volumes:
pbs-etc:
driver: local
pbs-logs:
driver: local
pbs-lib:
driver: local
backups:
driver: local
driver_opts:
type: ''
o: bind
device: /storage/sambashare/NASHDD1/Backup/Proxmox/Docker
services:
pbs:
image: ayufan/proxmox-backup-server
container_name: proxmox-backup-server
hostname: proxmox-backup-server
network_mode: host
mem_limit: 4G
volumes:
- pbs-etc:/etc/proxmox-backup
- pbs-logs:/var/log/proxmox-backup
- pbs-lib:/var/lib/proxmox-backup
- backups:/backups
tmpfs: /run
cap_add: # smartctl support
- SYS_RAWIO
devices:
- /dev/sda
- /dev/sdb
- /dev/sdc
restart: unless-stopped
stop_signal: SIGHUP
environment:
- TZ=Europe/Berlin
This was working for me.
@SAOPP can you share your full stack (you seem to be missing some parts).
I have followed this thread and I get a different variant of the error message:
2023-08-24T00:28:51+00:00: authentication failure; rhost=[::ffff:172.25.0.1]:33743 user=admin@pam msg=open tmpfile in "/run/proxmox-backup/shmem" failed - EISDIR: Is a directory
(dh -f in the container shows tmpfs is mounted)
@SAOPP can you share your full stack (you seem to be missing some parts).
My stack is not changed, above: #16 (comment)