cloud-images

fstrim has default cron.weekly entry on docker containers (partner-images)

Bug #1652622 reported by codywohlers on 2016-12-26

This bug report is a duplicate of: Bug #1589289: fstrim: cannot open /dev/.lxd-mounts: Permission denied. Edit Remove

16

This bug affects 3 people

Affects		Status	Importance	Assigned to	Milestone
	cloud-images	New	Undecided	Unassigned

Bug Description

Docker image `ubuntu:16.04` (docker-brew-ubuntu), which pulls from partner-images, has a default `/etc/cron.weekly` entry. Therefore if you install cron then fstrim is run every week and produces the following errors in a docker container:

$ docker run -ti -v tmp:/tmp2 ubuntu:16.04 /sbin/fstrim --all
fstrim: /etc/hosts: not a directory
fstrim: /etc/hostname: not a directory
fstrim: /etc/resolv.conf: not a directory
fstrim: /tmp2: FITRIM ioctl failed: Operation not permitted

I think the `/etc/cron.weekly/fstrim` entry should be removed from the image so that if you install cron it is not run. Also, should `/sbin/fstrim` even be included at all? (It is part of linux-utils)

References:
docker-brew-ubuntu github issue 72: https://github.com/tianon/docker-brew-ubuntu-core/issues/72
serverfault question 820169: http://serverfault.com/questions/820169/should-i-be-running-fstrim-in-a-container/

See original description

Tags:

codywohlers (codywohlers) on 2016-12-26

description:	updated
description:	updated
tags:	added: linux-utils removed: linux-util

Revision history for this message

codywohlers (codywohlers) wrote on 2016-12-26:

#1

Workaround for now is to add `RUN rm /etc/cron.weekly/fstrim` to my Dockerfile

Revision history for this message

Daniel Bull (ubuntu-frozenmist) wrote on 2017-06-11:

#2

Interestingly enough I have a very similar issue with this but I'm running LXD containers so it seems the problem is not isolated to docker:

Email from cron:
/etc/cron.weekly/fstrim:
fstrim: cannot open /dev/.lxd-mounts: Permission denied
fstrim: /dev/lxd: FITRIM ioctl failed: Operation not permitted
fstrim: /: FITRIM ioctl failed: Operation not permitted

Like you I have 'rm /etc/cron.weekly/fstrim' in each container to resolve it.

Revision history for this message

Michael Hudson-Doyle (mwhudson) wrote on 2018-07-16:

#3

I think a generic fix for this in the systemd world would be to add ConditionVirtualization=no to the fstrim.service unit.

Revision history for this message

Eric Desrochers (slashd) wrote on 2019-08-13:

#4

fstrim.service in Xenial is in examples/

What we could do is modify the fstrim script in cron.weekly to something along those lines:

#!/bin/sh
# trim all mounted file systems which support it
+if ! /usr/bin/systemd-detect-virt -q -c; then
/sbin/fstrim --all || true
+ fi

at least the cron.weekly won't try to start fstrim inside a container automatically every sunday-ish IIRC.

Revision history for this message

Eric Desrochers (slashd) wrote on 2019-08-13:

#5

or even better I think:

#!/bin/sh
# trim all mounted file systems which support it
+if /usr/bin/systemd-detect-virt -q -c; then
+exit 0
+fi
/sbin/fstrim --all || true

Revision history for this message

Eric Desrochers (slashd) wrote on 2019-08-14:

#6

See #1589289 for recent details.

Report a bug

This report contains Public information

Everyone can see this information.

Duplicate of bug #1589289 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.