Bug 1475214
Summary: | package update filesystem-3.2-21.el7.x86_64 fails in el7 nspawn container because of readonly /sys | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Christoph Sievers <christoph.sievers> |
Component: | filesystem | Assignee: | Ondrej Vasik <ovasik> |
Status: | CLOSED NOTABUG | QA Contact: | qe-baseos-daemons |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 7.3 | CC: | christoph.sievers, mosonkonrad |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2018-05-14 21:12:12 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Christoph Sievers
2017-07-26 08:07:26 UTC
Just as a confirmation of duplicate - is that on RHEL 6 host? /sys is controlled by kernel - and kernel in containers is used from the host. Unfortunately, mode set by kernel changed between RHEL 6 and RHEL 7 (see #1037862) - so there is no good solution for this. It will be either broken on RHEL 6 host or on RHEL 7 host - or if I make this directory ghosted, it would show as "permissions modified" on one or other ghost - which is not perfect as well - could scare admin. Btw. https://bugzilla.redhat.com/show_bug.cgi?id=1116516 is similar report. It is a rhel 7 guest but I think I caused the problem myself. I'm using nsenter and remount parts of /sys to be able to set some settings using sysctl (I know it's bad) in the container - then remounting it ro but for some reason that changes the permissions on that directory like this drwxr-xr-x. 9 root root 180 Jul 26 15:55 /sys We went into same problem on "CentOS Linux release 7.5.1804 (Core)" when doing 'yum update -y' in Docker container. I'll close this bz, I don't think this is an issue with filesystem package. Filesystem only owns the sys directory, it is actually being handled by kernel - 555 is now default from kernel (see #1037862). |