Bug 1817605

Summary: atomic install fails due to missing /var/lib/atomic directory
Product: Red Hat Enterprise Linux 7 Reporter: Michael Nguyen <mnguyen>
Component: atomicAssignee: Jindrich Novy <jnovy>
Status: CLOSED ERRATA QA Contact: atomic-bugs <atomic-bugs>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.8CC: ajia, bbaude, bkhomuts, ddarrah, dwalsh, jnovy, lsm5, miabbott, mpitt, olorel, toneata, tsweeney
Target Milestone: rcKeywords: Extras
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: atomic-1.22.1-33.gitb507039.el7 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-04-01 00:26:56 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Michael Nguyen 2020-03-26 16:06:30 UTC 
Description of problem:
Cannot install the cockpit container (and possibly others) with the atomic command.  [Errno 2] No such file or directory: '/var/lib/atomic/install.json.lock'

Version-Release number of selected component (if applicable):
$ rpm -q atomic containers-common skopeo
atomic-1.22.1-29.gitb507039.el7.x86_64
containers-common-0.1.40-7.el7_8.x86_64
skopeo-0.1.40-7.el7_8.x86_64

$ rpm-ostree status
State: idle; auto updates disabled
Deployments:
● ostree://rhel-atomic-host-ostree:rhel-atomic-host/7/x86_64/standard
        OstreeRemoteStatus: Remote "rhel-atomic-host-ostree" not found
                   Version: 7.8.0 (2020-03-26 10:03:56)
                    Commit: 808a4d2401252b4b8b618ed9a3be8ebd98624d3f95950169107d508f27d50b29


How reproducible:
Always

Steps to Reproduce:
1. atomic install registry.access.redhat.com/rhel7/cockpit-ws


Actual results:
[cloud-user@s8 ~]$ sudo atomic install registry.access.redhat.com/rhel7/cockpit-ws
Pulling registry.access.redhat.com/rhel7/cockpit-ws:latest ...
Copying blob 1f1202c893ce done
Copying blob 32be9843afa0 done
Copying blob dc86afe5cc0c done
Copying config 34edc0b57e done
Writing manifest to image destination
Storing signatures
/usr/bin/docker run --rm --privileged -v /:/host registry.access.redhat.com/rhel7/cockpit-ws /container/atomic-install
+ sed -e /pam_selinux/d -e /pam_sepermit/d /etc/pam.d/cockpit
+ mkdir -p /host/etc/cockpit/ws-certs.d /host/etc/cockpit/machines.d
+ chmod 755 /host/etc/cockpit/ws-certs.d /host/etc/cockpit/machines.d
+ chown root:root /host/etc/cockpit/ws-certs.d /host/etc/cockpit/machines.d
+ mkdir -p /host/var/lib/cockpit
+ chmod 775 /host/var/lib/cockpit
+ chown root:wheel /host/var/lib/cockpit
+ mkdir -p /etc/ssh
+ /bin/mount --bind /host/etc/cockpit /etc/cockpit
+ /usr/sbin/remotectl certificate --ensure
[Errno 2] No such file or directory: '/var/lib/atomic/install.json.lock'


Expected results:
Cockpit container runs successfully

Additional info:
containers-common (part of skopeo) created /var/lib/atomic for its sigstore.  The sigstore has since been moved to /var/lib/containers so atomic is failing to create the install.json.lock file because /var/lib/atomic doesn't exist.
Comment 2 Martin Pitt 2020-03-26 16:12:50 UTC 
This is the same issue as https://github.com/projectatomic/atomic/issues/1258 which we found a year ago.

We have used the mkdir workaround since then on Fedora Atomic: https://github.com/cockpit-project/cockpit-ostree/commit/0cdb0bee6fc5af7ff5eb291f0a49510146ca8883
Comment 6 Alex Jia 2020-03-27 11:47:43 UTC 
Verified in atomic-1.22.1-33.gitb507039.el7_8.x86_64.

[root@atomic-host-test-001 cloud-user]# rpm -q atomic
atomic-1.22.1-33.gitb507039.el7_8.x86_64

[root@atomic-host-test-001 cloud-user]# atomic install registry.access.redhat.com/rhel7/cockpit-ws
/usr/bin/docker run --rm --privileged -v /:/host registry.access.redhat.com/rhel7/cockpit-ws /container/atomic-install
+ sed -e /pam_selinux/d -e /pam_sepermit/d /etc/pam.d/cockpit
+ mkdir -p /host/etc/cockpit/ws-certs.d /host/etc/cockpit/machines.d
+ chmod 755 /host/etc/cockpit/ws-certs.d /host/etc/cockpit/machines.d
+ chown root:root /host/etc/cockpit/ws-certs.d /host/etc/cockpit/machines.d
+ mkdir -p /host/var/lib/cockpit
+ chmod 775 /host/var/lib/cockpit
+ chown root:wheel /host/var/lib/cockpit
+ mkdir -p /etc/ssh
+ /bin/mount --bind /host/etc/cockpit /etc/cockpit
+ /usr/sbin/remotectl certificate --ensure

[root@atomic-host-test-001 cloud-user]# atomic images list | grep cockpit-ws
   registry.access.redhat.com/rhel7/cockpit-ws      latest   34edc0b57e16   2020-03-10 12:11   224.07 MB      docker
Comment 8 errata-xmlrpc 2020-04-01 00:26:56 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:1235
Comment 9 Red Hat Bugzilla 2023-09-14 05:54:47 UTC 
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days