Article ID: 116999, created on Aug 29, 2013, last review on Jun 17, 2016

  • Applies to:
  • Virtuozzo
  • Virtuozzo containers for Linux
  • Virtuozzo hypervisor

Symptoms

  1. Container does not start with segmentation faults from bash commands :

    ~# vzctl  start 102
    Starting the Container ...
    Container is mounted
    Setting permissions 20002 dev 0x7d00
    Adding offline management to Container(1): 4643
    Adding IP addresses: 82.97.15.169 82.97.15.168
    bash: line 502:     6 Segmentation fault      rm -f ${IFCFG_DIR}/${VENET_DEV_CFG} ${IFCFG_DIR}/${VENET_DEV_CFG}:* > /dev/null 2>&1
    bash: line 43:     8 Segmentation fault      ${CP} ${file} ${file}.$$
     ERROR: Can't copy file /etc/sysconfig/network
    Container is unmounted
    Failed to start the Container
    
  2. Some logs inside the container have been emptied :

    ~# vzctl mount 102
    
    ~# ls -la /vz/root/102/var/log/
    total 168
    drwxr-xr-x  5 root root   1460 juil. 14  2011 .
    drwxr-xr-x 19 root root   1576 juil. 14  2011 ..
    -rw-------  1 root utmp      0 juil. 14  2011 btmp
    drwx------  2 root root   4096 juil.  7  2011 httpd
    -rw-r--r--  1 root root 146000 juil. 14  2011 lastlog
    drwxr-xr-x  2 root root   4096 nov. 11  2010 mail
    -rw-------  1 root root      0 juil. 14  2011 maillog
    -rw-------  1 root root      0 juil. 14  2011 messages
    drwx------  3 root root   4096 juil. 14  2011 samba
    -rw-------  1 root root      0 juil. 14  2011 secure
    -rw-------  1 root root      0 juil. 14  2011 spooler
    -rw-------  1 root root      0 juil. 14  2011 tallylog
    -rw-rw-r--  1 root utmp      0 juil. 14  2011 wtmp
    
  3. Binaries have been replaced. This can be confirmed with #112599.

Cause

The container has been compromised.

Resolution

Restore that container from a backup.

If there are no backups for the container, reinstall it :

    ~# vzctl reinstall CTID

NOTE: All data will be moved to /old directory of reinstalled container

Search Words

hacked

compromised

Can't copy file /etc/sysconfig/network

Segmentation fault

Failed to start the Container

cannot start container

container doesn't start

Container is unmounted Failed to start the Container

a26b38f94253cdfbf1028d72cf3a498b 2897d76d56d2010f4e3a28f864d69223 d02f9caf3e11b191a38179103495106f e8e50b42231236b82df27684e7ec0beb 0dd5b9380c7d4884d77587f3eb0fa8ef

Email subscription for changes to this article
Save as PDF