Bug 1655068

Summary: Running read-only container with systemd causes failed dnf-makecache.service
Product: [Fedora] Fedora Container Images Reporter: Jan Pazdziora <jpazdziora>
Component: baseAssignee: Clement Verna <clems.verna>
Status: CLOSED EOL QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 28CC: kevin
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-01-07 13:54:22 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jan Pazdziora 2018-11-30 13:15:39 UTC 
Description of problem:

When systemd container is run as read-only, the state of systemd is shows as degraded, presumably because dnf-makecache.service failed.

Version-Release number of selected component (if applicable):

REPOSITORY                          TAG   IMAGE ID       CREATED       SIZE
registry.fedoraproject.org/fedora   28    ded494ce3076   7 weeks ago   264MB

How reproducible:

Deterministic.

Steps to Reproduce:
1. sudo podman run --read-only --name systemd -d registry.fedoraproject.org/fedora:28 /usr/sbin/init
2. sudo podman exec systemd systemctl is-system-running
3. Wait some time, up to 10 minutes
4. sudo podman exec systemd systemctl status dnf-makecache.service

Actual results:

degraded
exit status 1

● dnf-makecache.service - dnf makecache
   Loaded: loaded (/usr/lib/systemd/system/dnf-makecache.service; static; vendor preset: disabled)
   Active: failed (Result: exit-code) since Fri 2018-11-30 12:40:01 UTC; 33min ago
  Process: 85 ExecStart=/usr/bin/dnf makecache timer (code=exited, status=1/FAILURE)
 Main PID: 85 (code=exited, status=1/FAILURE)

Nov 30 12:40:00 0224cccc3922 systemd[1]: Starting dnf makecache...
Nov 30 12:40:01 0224cccc3922 dnf[85]: Config error: Read-only file system: '/var/log/dnf.log'
Nov 30 12:40:01 0224cccc3922 systemd[1]: dnf-makecache.service: Main process exited, code=exited, status=1/FAILURE
Nov 30 12:40:01 0224cccc3922 systemd[1]: dnf-makecache.service: Failed with result 'exit-code'.
Nov 30 12:40:01 0224cccc3922 systemd[1]: Failed to start dnf makecache.
exit status 3

Expected results:

running

The dnf-makecache.service (and the dnf-makecache.timer) likely shouldn't be enabled at all in container -- it does not make sense in run time.

Additional info:
Comment 1 Clement Verna 2018-12-17 20:18:00 UTC 
This should work as expected, could you double check ? 

Thanks
Comment 2 Clement Verna 2018-12-17 20:25:21 UTC 
Oops sorry wrong bugzilla, I ll try this one to check if the latest image make this works as disired or not
Comment 3 Ben Cotton 2020-01-07 13:54:22 UTC 
Closing this bug as Fedora 28 reached EOL status on 2019-05-28.