Bug 1752079

Summary: podman docker command fails at COPY - overwriting existing file
Product: Red Hat Enterprise Linux 8 Reporter: Moss Uchida <muchida>
Component: podmanAssignee: Tom Sweeney <tsweeney>
Status: CLOSED ERRATA QA Contact: atomic-bugs <atomic-bugs>
Severity: high Docs Contact:
Priority: unspecified    
Version: 8.0CC: dwalsh, jligon, jnovy, lsm5, mheon, tsweeney, ypu
Target Milestone: rc   
Target Release: 8.0   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: podman 2.0.4 or newer Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-11-04 03:05:10 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Dockerfile_KS, server.xml & war file to run docker build command none

Description Moss Uchida 2019-09-13 16:13:57 UTC 
Created attachment 1614923 [details]
Dockerfile_KS, server.xml & war file to run docker build command

Description of problem:
When I tried to run docker command using podman-docker to generate an image using Dockerfile, it fails at COPY command when the target file already exists

Version-Release number of selected component (if applicable):
podman 1.0.3. I have tried to upgrade podman & talked with multiple RH team members, however, nobody was able to provide podman upgrade steps NOR IBM IT team. I was not able to upgrade.  Daniel Walsh asked me to open bugzilla issue here instead of asking in email.

How reproducible:
Run the following Dockerfile using docker command that in turn use podman

Steps to Reproduce:
1. Run "docker build -f ./${DOCKERFILE} -t ${IMAGENAME} ."
2. Use the attached Dockerfile_KS & server.xml.  Put server.xml in the local dir.

Actual results:
It fails with the following error:
STEP 6: COPY --chown=1001:0 server.xml /config/server.xml

error building at step {Env:[PATH=/opt/ibm/wlp/bin:/opt/ibm/helpers/build:/opt/ibm/java/jre/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin container=oci JAVA_VERSION=1.8.0_sr5fp37 JAVA_HOME=/opt/ibm/java/jre IBM_JAVA_OPTIONS=-Xshareclasses:name=liberty,nonfatal,cacheDir=/output/.classCache/ -XX:+UseContainerSupport LIBERTY_VERSION=19.0.0_08 LOG_DIR=/logs WLP_OUTPUT_DIR=/opt/ibm/wlp/output RANDFILE=/tmp/.rnd] Command:copy Args:[server.xml /config/server.xml] Flags:[--chown=1001:0] Attrs:map[] Message:COPY --chown=1001:0 server.xml /config/server.xml Original:COPY --chown=1001:0 server.xml /config/server.xml}: error copying "/root/CLOUD/pingservlet-java/server.xml" to "/var/lib/containers/storage/overlay/0e10d548c6ab9cfa2bcd90af89865296e5c800125b745f88725954ab4073fce1/merged/config/server.xml": mkdir /var/lib/containers/storage/overlay/0e10d548c6ab9cfa2bcd90af89865296e5c800125b745f88725954ab4073fce1/merged/config: file exists

Expected results:
Image creation succeed without error.

Additional info:
Comment 1 Daniel Walsh 2019-09-13 16:18:31 UTC 
TOm could you verify if this is fixed in upstream, and report back which version of podman has the fix.
Comment 2 Tom Sweeney 2019-09-13 18:39:10 UTC 
Hi Moss,

I'm a little confused by the title and the example?  Based on the initial email, I thought you were having issues with Podman?  The title of this BZ says "Podman Docker" and the command example you've included shows a Docker rather than a Podman command.

I've just tried your build on Fedora 30 using:  

# podman version
Version:            1.5.1
RemoteAPI Version:  1
Go Version:         go1.12.7
OS/Arch:            linux/amd64
[root@localhost ~]# podman build -t tom .

and it worked for me:

 podman build -t tom .
STEP 1: FROM centos:7 AS runtime
Getting image source signatures
Copying blob d8d02d457314 done
Copying config 67fa590cfc done
Writing manifest to image destination
Storing signatures
STEP 2: LABEL intermediate=true
bd080f2c43deced73d641de68ba9d58f25e178e256726598ebb42f7a9fea7e79
STEP 3: RUN mkdir -p /opt/ssfs/runtime
9c4f4a8a4229c2d79693cca07ba93dc31f907c44347ffe01df29fc6f75287a9d
STEP 4: COPY . .
53a82612ba43eb6093896090860a2d3f33ccc0e5529f6e0cd4fb8ca1ffbd484b
STEP 5: FROM 53a82612ba43eb6093896090860a2d3f33ccc0e5529f6e0cd4fb8ca1ffbd484b
STEP 6: ARG ARCH
157ac8d504b786f28811ed1f6b5105be06589f1942be2fb49441c830e28c360d
STEP 7: RUN  /usr/bin/curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/${ARCH}/kubectl      && chmod +x ./kubectl       &&  mv ./kubectl /usr/local/bin/kubectl
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   215  100   215    0     0    464      0 --:--:-- --:--:-- --:--:--   464
STEP 8: COMMIT tom
0b72f96696e9747e86aa0ce9a9aa81c63aad103b4e8b8e401ef29a1ae72b17f8


So I think if we can figure out the install fun of the required packages with Lokesh, then we'll be able to get things working for you on RHEL 8.
Comment 3 Moss Uchida 2019-09-13 19:19:12 UTC 
Sorry, I am new to Podman (less than 1 week).  When I tried to install docker on my RHEL8.0, yum installed podman with podman-docker.  So, I started to study about podman & podman-docker and found out that docker command is mapped to podman by podman-docker & underline, it uses podman.  Talked with RH performance team (Radim Vansa) a while ago, I remembered he recommended podman over doker & it seems like it is preferred over docker for RHEL, I have decided to give it a try.  I also likes podman architecture over docker as it is daemon less.  I run the above podman command on my RHEL8.0 and I hit the same error, it is the podman 1.0.3 that has issue.  From your test, it seems like this issue is fixed with the latest podman (which is a good news), at this point, I just would like to know the installation details so that I can upgrade my podman on RHEL 8 without installing docker.
Comment 4 Daniel Walsh 2019-09-13 20:21:22 UTC 
Well RHEL works a little slower for things like this so we are stuck with a very old version of Podman until RHEL8.1 which hits in November.  At that point we will update to a medium old version podman1.4.4 (We are releaseing podman 1.6, this weekend).

After November we will release the current version every three Months.
Comment 6 Moss Uchida 2019-11-20 17:34:11 UTC 
I have upgraded my RHEL 8.0 to 8.1.  Please provide steps to install/upgrade to the  podman1.4.4

[root@noah ~]# cat /etc/redhat-release
Red Hat Enterprise Linux release 8.1 (Ootpa)


[root@noah ~]# rpm -qa | grep podman
podman-1.0.0-3.git921f98f.module+el8.1.0+4241+a7060183.x86_64
podman-docker-1.0.0-3.git921f98f.module+el8.1.0+4241+a7060183.noarch
pcp-pmda-podman-4.3.2-2.el8.x86_64
Comment 7 Tom Sweeney 2019-11-20 18:14:54 UTC 
Moss I'm assuming you tried 'yum update podman'.  Lokesh do you know if there's some tweaking that he needs to do for yum/rpm to find the right bits?
Comment 8 Moss Uchida 2019-11-20 20:25:04 UTC 
I got answer in here : https://access.redhat.com/discussions/4171061#comment-1671581

Can you update podman doc so that RHEL 8.1 users can install the latest 1.4.2 version?

btw, now I hit the docker hub does not support OCI images issue... and kubernetes cannot pull the image from docker hub... sigh

https://github.com/containers/libpod/issues/4285
Comment 15 Joy Pu 2020-08-31 16:08:32 UTC 
Can reproduce this with podman-1.0.0-5.git921f98f and test with podman-2.0.4-3.module+el8.3.0+7716+ce654703.x86_64, the step 5 works as expect. So set this to verified. Details:
# podman  build -t test -f ./Dockerfile_KS 
STEP 1: FROM ibmcom/websphere-liberty:kernel-ubi-min-amd64
STEP 2: USER 0
--> Using cache ae602a0c3f10c1958cae9b9f4b97ba81af8d59425ea1f24cbb5be9c529776555
STEP 3: USER 1001
--> Using cache be6b882a97f7c6a8043d73468febf9e6b1aff19eec56a0df912b17403379bd26
STEP 4: COPY --chown=1001:0 server.xml /config/server.xml
--> Using cache ad310ea5a61fd700951d720785711568f86171ec5cbff6eb811e7d459201a916
STEP 5: COPY --chown=1001:0 target/pingservlet-2.0.0-SNAPSHOT.war /config/apps/PingServlet.war
--> Using cache aae51861de4f6c99e4a8b4e41a7d0e869c168f2db91b76b43c20523bd77f62f9
STEP 6: RUN configure.sh
+ WLP_INSTALL_DIR=/opt/ibm/wlp
+ SHARED_CONFIG_DIR=/opt/ibm/wlp/usr/shared/config
+ SHARED_RESOURCE_DIR=/opt/ibm/wlp/usr/shared/resources
+ SNIPPETS_SOURCE=/opt/ibm/helpers/build/configuration_snippets
+ SNIPPETS_TARGET=/config/configDropins/overrides
+ SNIPPETS_TARGET_DEFAULTS=/config/configDropins/defaults
+ mkdir -p /config/configDropins/overrides
+ '[' '' == true ']'
+ '[' '' == true ']'
....
Comment 18 errata-xmlrpc 2020-11-04 03:05:10 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: container-tools:rhel8 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:4694