cpio: cap_set_file error when installing httpd RPM inside an LXC container

My physical machine runs Debian Jessie, and it has several LXC containers (mostly Debian and Ubuntu). Now I needed to test some software under CentOS, and I bumped into the following error when installing Apache HTTP server:

Downloading packages:
httpd-2.4.6-45.el7.centos.4.x86_64.rpm                                                                        | 2.7 MB  00:00:00     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : httpd-2.4.6-45.el7.centos.4.x86_64                                                                                1/1 
Error unpacking rpm package httpd-2.4.6-45.el7.centos.4.x86_64
error: unpacking of archive failed on file /usr/sbin/suexec;590112cd: cpio: cap_set_file
  Verifying  : httpd-2.4.6-45.el7.centos.4.x86_64                                                                                1/1 

Failed:
  httpd.x86_64 0:2.4.6-45.el7.centos.4

The thing is, that by default “/usr/share/lxc/config/centos.common.conf” defines the following capability drops:

lxc.cap.drop = mac_admin mac_override setfcap setpcap
lxc.cap.drop = sys_module sys_nice sys_pacct
lxc.cap.drop = sys_rawio sys_time

So, setfcap capability is required in order to install Apache. Use the following lines in your “/var/lib/lxc/NAME/config” to drop previously defined drops and set up a new list:

# flush all defined drops and define a new list
lxc.cap.drop =
lxc.cap.drop = mac_admin mac_override setpcap
lxc.cap.drop = sys_module sys_nice sys_pacct
lxc.cap.drop = sys_rawio sys_time

then restart the container, and “yum install httpd” should run as expected.

Running Ubuntu on Chuwi Hi10 Pro tablet

Chuwi Hi10 Pro (CW1529) tablet is sold for about $200 with an attachable keyboard, which makes it a potential candidate to replace my old Acer Aspire One and run Linux on it. It’s also equipped with a high-quality 10″, 1920×1200 IPS screen.

The tablet is based on Intel Atom x5-Z8350 Cherry Trail CPU, which requires a fresh Linux kernel. So I started with pre-release of Lubuntu 17.04 (Zesty Zapus).

So far, out of the box:

• screen is oriented vertically, which makes it difficult to operate with the keyboard.
• Touchscreen, sound, Bluetooth, and Wifi are not visible to the kernel.

Solving the screen orientation:

In /etc/default/grub, edit the following setting:

GRUB_CMDLINE_LINUX="fbcon=rotate:1"

Then, add the following to make lightdm rotate the screen automatically:

cat >/etc/lightdm/chuwi_hi10_screen_orientation.sh <<'EOT'  #!/bin/sh xrandr --orientation right  EOT  cat >/etc/lightdm/lightdm.conf.d/50_chuwi_hi10.conf <<'EOT'
[SeatDefaults]
display-setup-script=/etc/lightdm/chuwi_hi10_screen_orientation.sh
EOT
# this will apply the setting immediately:
systemctl restart lightdm

There is one bug though: for some reason, the display manager still thinks it’s the old resolution, e.g. 1920 on vertical resolution,  so all fonts look much smaller than they are, and window closing buttons are hardly visible. If I start lightdm without my customization and login, and then run “xrandr –orientation right”, all fonts and window controls are of normal size.

With Hopkins Kong’s kernel patches, Wifi adapter is now working. Touchscreen is responding, but acts randomly.

Read the rest of this entry »

PC Engines APU board: installing Debian on mSATA drive

PC Engines started shipping its new APU board in 2014. It can boot from an SD card (slow on writes), and it can also have an mSATA drive and boot from it (fast read-write, and more write cycles). Voyage Linux is well optimized for SD card.

Here I started my scripts for building a Debian CD and installing it on APU’s mSATA drive: https://github.com/ssinyagin/pcengines-apu-debian-cd