Bug 1509880
Summary: | oci runtime error: permission denied while enabling docker system container | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Gan Huang <ghuang> |
Component: | Installer | Assignee: | Giuseppe Scrivano <gscrivan> |
Status: | CLOSED ERRATA | QA Contact: | Gan Huang <ghuang> |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | 3.7.0 | CC: | aos-bugs, ghuang, gscrivan, jokerman, mmccomas, smilner |
Target Milestone: | --- | ||
Target Release: | 3.7.z | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
Cause:
wrong label on /var/lib/containers
Consequence:
prevented the Docker system container to run with the correct SELinux label
Fix:
Ensure /var/lib/containers is correctly labelled
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2017-11-28 22:21:49 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Gan Huang
2017-11-06 09:22:14 UTC
Can you confirm which version of atomic host and/or atomic, docker, container-selinux packages was used when the problem was encountered? If all of those are updated to the latest does the problem go away? Setting this to 3.7.z. @Steve, it was a containerized installation on RHEL-7.4. Issue still persists while re-testing with latest RHEL7.4 and packages: # rpm -qa |grep atomic atomic-openshift-excluder-3.7.0-0.191.0.git.0.2533484.el7.noarch atomic-openshift-docker-excluder-3.7.0-0.191.0.git.0.2533484.el7.noarch atomic-registries-1.19.1-5.git48c224b.el7.x86_64 atomic-1.19.1-5.git48c224b.el7.x86_64 # rpm -qa |grep container container-storage-setup-0.8.0-3.git1d27ecf.el7.noarch skopeo-containers-0.1.24-1.dev.git28d4e08.el7.x86_64 container-selinux-2.28-1.git85ce147.el7.noarch subscription-manager-plugin-container-1.19.23-1.el7_4.x86_64 # uname -r 3.10.0-693.5.2.el7.x86_64 # cat /etc/redhat-release Red Hat Enterprise Linux Server release 7.4 (Maipo) The installation is able to proceed while using the patch above. Verified in openshift-ansible-3.7.4-1.git.0.254e849.el7.noarch.rpm Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2017:3188 |