Bug 1397009

Summary: yum not working in the nodejs4 docker image
Product: Red Hat Software Collections Reporter: Johan Swensson <jswensso>
Component: rh-nodejs4-containerAssignee: Zuzana Svetlikova <zsvetlik>
Status: CLOSED WONTFIX QA Contact: BaseOS QE - Apps <qe-baseos-apps>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: hhorak, ttomecek
Target Milestone: ---   
Target Release: 3.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-03-16 11:29:31 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Johan Swensson 2016-11-21 11:59:58 UTC 
Description of problem:
Currently it's not possible to execute yum commands with this image.

Version-Release number of selected component (if applicable):
latest              38c233077e56        2 weeks ago

How reproducible:
Every time 

Steps to Reproduce:
1.
Use this Dockerfile:

FROM registry.access.redhat.com/rhscl/nodejs-4-rhel7
RUN yum update -y

2. docker build -t reproducer .

Actual results:
# docker build -t reproducer .
Sending build context to Docker daemon 2.048 kB
Step 1 : FROM registry.access.redhat.com/rhscl/nodejs-4-rhel7
 ---> 38c233077e56
Step 2 : RUN yum update -y
 ---> Running in b812411a378a
Loaded plugins: ovl, product-id, search-disabled-repos, subscription-manager
ovl: Error while doing RPMdb copy-up:
[Errno 13] Permission denied: '/var/lib/rpm/.dbenv.lock'
You need to be root to perform this command.
The command '/bin/sh -c yum update -y' returned a non-zero code: 1


Expected results:
Command should succeed so I can update the image in case there are any updates available.
Comment 1 Tomas Tomecek 2016-11-30 10:08:55 UTC 
I'm assuming this is expected - default user in the container is not root:

$ id
uid=1001(default) gid=0(root) groups=0(root)

You can easily change this: either supply `-u root` when creating the container, or when building an image, change the user before invoking yum:

USER root
RUN yum ...
USER default


> Command should succeed so I can update the image in case there are any updates available.

This is not what we pursue. If you want updates, fetch updated image. We can't guarantee that the container remain fully working if you update (some) packages via yum directly.
Comment 2 Honza Horak 2016-12-13 19:58:14 UTC 
I think we can still do better in documenting this properly -- i.e. how users are expected to use the image when they need to install some more packages from RPM. Some examples would be very helpful here.
Comment 4 Zuzana Svetlikova 2017-03-16 11:29:31 UTC 
Since this is expected behaviour, I'm closing the bug.