Disabling root in the ssh, CMS Gone

Dear XIBO stuff,

Maybe was an useless move, but I disabled the root user, and created an alternative user (for security reasons) in ssh. Now the players arent collecting, and the cms isnt showing up. You have and idea for unstuck or I should reinstall everything?

docker-compose -f cms_custom-ports.yml up -d

ERROR: Couldn’t connect to Docker daemon at http+docker://localunixsocket - is it running?
If it’s at a non-standard location, specify the URL with the DOCKER_HOST environment variable.

Thanks in advance,
Francesco

There is no SSH service inside our containers, so I’m not sure what you’ve changed.

The XMR and web container run as unprivileged users anyway. They launch as root, but drop privileges.

It looks like your Docker daemon isn’t running. Try restarting that and then recreate the containers to get yourself back to the standard setup.

Hi Alex, thanks for help.

I erased the folder shared, fully, and then I used the docker-compose up. Now seems working… but seems I deleted all my settings. I didnt create any layout or else, I’ve just set locales and the XMR thing. 5 minutes.
Anyway there’s something weird in this log, maybe? PLease… thanks you so much

systemctl daemon-reload
sudo service docker restart

Now the CMS shows up at the page.

sudo service docker status`

Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Active: active (running) since Mon 2018-02-05 15:23:43 GMT; 4min 12s ago
Docs: https://docs.docker.com
Main PID: 9867 (dockerd)
Memory: 117.8M
CGroup: /system.slice/docker.service
├─ 9867 /usr/bin/dockerd
├─ 9875 docker-containerd --config /var/run/docker/containerd/containerd.toml
├─10221 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 65501 -container-ip 172.18.0.2 -container-port 80
├─10230 docker-containerd-shim -namespace moby -workdir /var/lib/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/7e7af1a2df5df25aade0525ebb7cb5f…
├─10241 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 65500 -container-ip 172.18.0.4 -container-port 9505
├─10306 docker-containerd-shim -namespace moby -workdir /var/lib/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/06c456c1ebc070e4d7ebe0338e11879…
└─10379 docker-containerd-shim -namespace moby -workdir /var/lib/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/d7134b887237966669b0cf7178d00f8…

Feb 05 15:23:42 LIMONEDS.poundhost.com dockerd[9867]: time=“2018-02-05T15:23:42Z” level=info msg=“shim docker-containerd-shim started” address="/containerd-shi…pid=10379
Feb 05 15:23:42 LIMONEDS.poundhost.com dockerd[9867]: time=“2018-02-05T15:23:42.781326433Z” level=warning msg=“unknown container” container=06c456c1ebc070e4d7e…gins.moby
Feb 05 15:23:42 LIMONEDS.poundhost.com dockerd[9867]: time=“2018-02-05T15:23:42.944595689Z” level=warning msg=“unknown container” container=06c456c1ebc070e4d7e…gins.moby
Feb 05 15:23:43 LIMONEDS.poundhost.com dockerd[9867]: time=“2018-02-05T15:23:43.437190636Z” level=warning msg=“unknown container” container=d7134b887237966669b…gins.moby
Feb 05 15:23:43 LIMONEDS.poundhost.com dockerd[9867]: time=“2018-02-05T15:23:43.459449969Z” level=warning msg=“unknown container” container=d7134b887237966669b…gins.moby
Feb 05 15:23:43 LIMONEDS.poundhost.com dockerd[9867]: time=“2018-02-05T15:23:43.708771343Z” level=info msg=“Loading containers: done.”
Feb 05 15:23:43 LIMONEDS.poundhost.com dockerd[9867]: time=“2018-02-05T15:23:43.806852206Z” level=info msg=“Docker daemon” commit=c97c6d6 graphdriver(s)=overla…7.12.0-ce
Feb 05 15:23:43 LIMONEDS.poundhost.com dockerd[9867]: time=“2018-02-05T15:23:43.818359704Z” level=info msg=“Daemon has completed initialization”
Feb 05 15:23:43 LIMONEDS.poundhost.com dockerd[9867]: time=“2018-02-05T15:23:43.872500307Z” level=info msg=“API listen on /var/run/docker.sock”
Feb 05 15:23:43 LIMONEDS.poundhost.com systemd[1]: Started Docker Application Container Engine.
Hint: Some lines were ellipsized, use -l to show in full.

docker-compose -f cms_custom-ports.yml up -d

I think you probably just needed to run this from within /opt/xibo and also with sudo?

I’m still learning how to run this, but I’ve thought I was doing something wrong before then remembered to run the command with sudo.

You only need sudo if you’ve not given the user you’re running as permission to use docker.

By deleting shared, you’ve removed all your content. If you have a backup, then down the containers, restore shared from it, and then up them again to restore your data.

Thanks so much for your help, Alex. Ok that’s the exact procedure for “refreshing” the containers.
Anyway everything seems working fine. I’m scared about that event, but it’s working.
Luckily was fresh-installed, the only thing I lose was some videos…

Just for information, I disabled the ssh root user because everytime I log in the ssh, there’s thousand of unsuccesful logins, wich means bots trying to log-in, I beleive. So I disabled it, making it a little more difficult for the bots. But in the end Xibo suffered from that, for a while. :confused:

Xibo doesn’t have an SSH server in the container.

If you’re running an SSH server, it’s not related to Xibo at all.

Yes, I’m a beginner in this.

Well, since we are using a remote server, and the only way to work with it is the ssh terminal, (or the plesk platform) I was sure everything on the machine was in risk, xibo too, using ssh.

Thanks, I learned something again :blush: