Description of problem: Fedora container image does not contain /run/lock which causes packages that have content for /run/lock to fail to install. Version-Release number of selected component (if applicable): fedora:23 fedora:rawhide How reproducible: Deterministic. Steps to Reproduce: 1. $ docker run --rm -ti fedora:23 dnf install -y opencryptoki Actual results: Fedora 23 - x86_64 58 MB/s | 43 MB 00:00 Fedora 23 - x86_64 - Updates 51 MB/s | 23 MB 00:00 Last metadata expiration check performed 0:00:11 ago on Mon Jun 6 15:19:46 2016. Dependencies resolved. ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: opencryptoki x86_64 3.4.1-1.fc23 updates 101 k opencryptoki-icsftok x86_64 3.4.1-1.fc23 updates 228 k opencryptoki-libs x86_64 3.4.1-1.fc23 updates 45 k Transaction Summary ================================================================================ Install 3 Packages Total download size: 373 k Installed size: 1.0 M Downloading Packages: (1/3): opencryptoki-libs-3.4.1-1.fc23.x86_64.rp 326 kB/s | 45 kB 00:00 (2/3): opencryptoki-3.4.1-1.fc23.x86_64.rpm 723 kB/s | 101 kB 00:00 (3/3): opencryptoki-icsftok-3.4.1-1.fc23.x86_64 1.4 MB/s | 228 kB 00:00 -------------------------------------------------------------------------------- Total 278 kB/s | 373 kB 00:01 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Installing : opencryptoki-libs-3.4.1-1.fc23.x86_64 1/3 Installing : opencryptoki-icsftok-3.4.1-1.fc23.x86_64 2/3 Installing : opencryptoki-3.4.1-1.fc23.x86_64 3/3 Error unpacking rpm package opencryptoki-3.4.1-1.fc23.x86_64 Error unpacking rpm package opencryptoki-3.4.1-1.fc23.x86_64 error: unpacking of archive failed on file /var/lock/opencryptoki: cpio: mkdir opencryptoki-3.4.1-1.fc23.x86_64 was supposed to be installed but is not! Verifying : opencryptoki-3.4.1-1.fc23.x86_64 1/3 Verifying : opencryptoki-libs-3.4.1-1.fc23.x86_64 2/3 Verifying : opencryptoki-icsftok-3.4.1-1.fc23.x86_64 3/3 Installed: opencryptoki-icsftok.x86_64 3.4.1-1.fc23 opencryptoki-libs.x86_64 3.4.1-1.fc23 Failed: opencryptoki.x86_64 3.4.1-1.fc23 Complete! Expected results: No errors, package opencryptoki installed. Additional info: This is primarily a packaging guidelines / policy issue. Either opencryptoki should not specify /run/lock/%{name}/ (but then https://fedoraproject.org/wiki/Packaging:Tmpfiles.d likely should be amended to be explicit about it) or the base image should contain the /run directories. This was also brought to the devel mailing list https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/U2R34HF2IYWX7CVNONIW7HIKIQTYPBKN/ where it did not gather any ideas. It was also filed as https://fedorahosted.org/fesco/ticket/1585. This is a copy of https://fedorahosted.org/spin-kickstarts/ticket/62.
Lets see what FPC says on this one...
In https://fedorahosted.org/fpc/ticket/629#comment:9, we got: * Also ping the upstream container tools about fixing their tools for this issue. (geppetto, 17:16:53) Also, CentOS fixed their images via: https://github.com/CentOS/sig-cloud-instance-images/issues/46 Can Fedora images be fixed to container /run/lock (which will also make the dangling /var/lock symlink go away)?
https://pagure.io/fedora-kickstarts/pull-request/35
F23: https://pagure.io/fedora-kickstarts/pull-request/36 F24: https://pagure.io/fedora-kickstarts/pull-request/37
I can see the pull requests merged. When is the next respin of the Fedora base images expected?
They are available nightly with the compose, I'll get some images out though. I meant to do this before Flock but it just didn't happen. I'll update the BZ with info once I get them pushed up to the Docker Hub.
https://github.com/docker-library/official-images/pull/2055
I can see that REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/fedora 24 11a5107645d4 6 days ago 204.4 MB has the issue addressed: $ docker run -ti fedora:24 ls -la /run/lock total 0 drwxr-xr-x. 3 root root 20 Aug 15 05:19 . drwxr-xr-x. 11 root root 160 Aug 22 06:51 .. drwxr-xr-x. 2 root root 6 Aug 15 05:19 subsys $ docker run --rm -ti fedora:24 dnf install -y opencryptoki [...] Installing : opencryptoki-libs-3.5-1.fc24.x86_64 1/3 Installing : opencryptoki-icsftok-3.5-1.fc24.x86_64 2/3 Installing : opencryptoki-3.5-1.fc24.x86_64 3/3 Failed to connect to bus: No such file or directory Verifying : opencryptoki-3.5-1.fc24.x86_64 1/3 Verifying : opencryptoki-libs-3.5-1.fc24.x86_64 2/3 Verifying : opencryptoki-icsftok-3.5-1.fc24.x86_64 3/3 Installed: opencryptoki.x86_64 3.5-1.fc24 opencryptoki-icsftok.x86_64 3.5-1.fc24 opencryptoki-libs.x86_64 3.5-1.fc24 Complete! However, fedora:rawhide which seems to have been built on the same day, is still missing /run/lock: REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/fedora rawhide 3bcdeb6ee43b 6 days ago 174 MB $ docker run --rm -ti fedora:rawhide dnf install -y opencryptoki [...] Installing : opencryptoki-libs-3.5-1.fc25.x86_64 1/3 Installing : opencryptoki-icsftok-3.5-1.fc25.x86_64 2/3 Installing : opencryptoki-3.5-1.fc25.x86_64 3/3 Error unpacking rpm package opencryptoki-3.5-1.fc25.x86_64 Error unpacking rpm package opencryptoki-3.5-1.fc25.x86_64 error: unpacking of archive failed on file /var/lock/opencryptoki: cpio: mkdir opencryptoki-3.5-1.fc25.x86_64 was supposed to be installed but is not! Verifying : opencryptoki-3.5-1.fc25.x86_64 1/3 Verifying : opencryptoki-libs-3.5-1.fc25.x86_64 2/3 Verifying : opencryptoki-icsftok-3.5-1.fc25.x86_64 3/3 Installed: opencryptoki-icsftok.x86_64 3.5-1.fc25 opencryptoki-libs.x86_64 3.5-1.fc25 Failed: opencryptoki.x86_64 3.5-1.fc25 Complete! $ docker run -ti fedora:rawhide ls -la /run/lock ls: cannot access '/run/lock': No such file or directory Any chance of getting the fix to fedora:rawhide image as well?
Let me reopen this so that we don't lose the information that fix is still needed for fedora:rawhide image.
This message is a reminder that Fedora 23 is nearing its end of life. Approximately 4 (four) weeks from now Fedora will stop maintaining and issuing updates for Fedora 23. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '23'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 23 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.
So, situation with images pulled from registry as of today: # for i in 23 24 25 rawhide ; do echo fedora:$i: ; docker run --rm -ti fedora:$i ls -la /run ; done fedora:23: total 0 drwxr-xr-x. 3 root root 21 Nov 25 13:52 . drwxr-xr-x. 18 root root 260 Nov 25 13:52 .. drwxr-xr-x. 2 root root 6 Nov 25 13:52 secrets fedora:24: total 4 drwxr-xr-x. 11 root root 160 Nov 25 13:52 . drwxr-xr-x. 18 root root 260 Nov 25 13:52 .. drwxr-xr-x. 2 root root 6 Aug 15 05:19 console drwxr-xr-x. 2 root root 6 Aug 15 05:19 faillock drwxr-xr-x. 3 root root 20 Aug 15 05:19 lock drwxr-xr-x. 2 root root 6 Aug 15 05:19 log -rw-r--r--. 1 root root 42 Aug 15 05:19 nologin drwxr-xr-x. 2 root root 6 Nov 25 13:52 secrets drwxr-xr-x. 2 root root 6 Aug 15 05:19 sepermit drwxr-xr-x. 2 root root 6 Aug 15 05:19 setrans drwxr-xr-x. 9 root root 113 Aug 15 05:19 systemd drwxr-xr-x. 2 root root 6 Aug 15 05:19 user -rw-rw-r--. 1 root utmp 0 Aug 15 05:19 utmp fedora:25: total 0 drwxr-xr-x. 3 root root 21 Nov 25 13:52 . drwxr-xr-x. 18 root root 260 Nov 25 13:52 .. drwxr-xr-x. 2 root root 6 Nov 25 13:52 secrets fedora:rawhide: total 0 drwxr-xr-x. 3 root root 21 Nov 25 13:52 . drwxr-xr-x. 18 root root 260 Nov 25 13:52 .. drwxr-xr-x. 2 root root 6 Nov 25 13:52 secrets So fedora:24 got fixed by fedora:25 and fedora:rawhide lost the fix again.
I merged a bunch of changes into rawhide dockerfile that should fix this I believe once the images start building again. https://pagure.io/fedora-kickstarts/pull-request/119
(In reply to Dusty Mabe from comment #12) > I merged a bunch of changes into rawhide dockerfile that should fix this I > believe once the images start building again. What is the plan / process to start the image building?
hey jan, for rawhide, they are actively trying to get a full rawhide compose done. Once a compose completes successfully then this will be available in the rawhide image (and presumably f26). Let me know if I did not answer your question.
This message is a reminder that Fedora 25 is nearing its end of life. Approximately 4 (four) weeks from now Fedora will stop maintaining and issuing updates for Fedora 25. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '25'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 25 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.
fedora:26, fedora:27, and fedora:rawhide contain /run/lock: $ for i in 23 24 25 26 27 rawhide ; do echo fedora:$i: ; docker run --rm -ti fedora:$i ls -la /run/lock ; done So maybe this should be CLOSED CURRENTRELEASE?
sure