Bug 1877699

Summary: podman does not use $TMPDIR loading a tar file.
Product: Red Hat Enterprise Linux 7 Reporter: hasuzuki
Component: podman Assignee: Jindrich Novy <jnovy>
Status: CLOSED ERRATA QA Contact: Martin Jenner <mjenner>
Severity: high Docs Contact:
Priority: unspecified    
Version: 7.8 CC: bbaude, dornelas, dwalsh, jligon, jnovy, lsm5, mheon, tsweeney, umohnani, ypu
Target Milestone: rc Keywords: Extras
Target Release: ---   
Hardware: Unspecified   
OS: Linux   
Whiteboard:
Fixed In Version: podman-1.6.4-25.el7 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-11-10 13:54:23 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1186913, 1845974    

Description hasuzuki 2020-09-10 08:44:41 UTC
Description of problem:

podman does not use $TMPDIR loading a tar file.
Podman load command fails on systems with a small /var/tmp partition.



Version-Release number of selected component (if applicable):
podman-1.6.4-18.el7_8.x86_64 (latest version in RHEL7)


How reproducible:
100%

Steps to Reproduce:
1. Set /var/tmp to a small size.
   # mount -t tmpfs -o size=1M tmpfs /var/tmp
2. Set environment variable to /tmp.
   # export TMPDIR=/tmp
3. Execute podman load command.

# podman load -i ./redhat.tar
Getting image source signatures
Copying blob 22415211085f skipped: already exists  
Copying blob 063d4ba31922 skipped: already exists  
Copying blob 0a0f017f8754 [======>-------------------------------] 92.3MiB / 523.1MiB
  write /var/tmp/storage071747019/1: no space left on device
Error: error pulling "": unable to pull dir:./redhat.tar: error determining pull goal for image "dir:./redhat.tar": error parsing dest reference name "localhost/./redhat.tar": error parsing named reference "localhost/./redhat.tar": invalid reference format


Actual results:
podman load command uses /var/tmp directory.

Expected results:
podman load command uses /tmp directory.

Additional info:

I think the following patch fixes the issue.

  https://github.com/containers/podman/pull/5412


3 cmd/podman/load.go
@@ -10,6 +10,7 @@ import (
	"github.com/containers/libpod/cmd/podman/cliconfig"
	"github.com/containers/libpod/cmd/podman/shared/parse"
	"github.com/containers/libpod/pkg/adapter"
	"github.com/containers/libpod/pkg/util"
	"github.com/pkg/errors"
	"github.com/spf13/cobra"
	"golang.org/x/crypto/ssh/terminal"
@@ -75,7 +76,7 @@ func loadCmd(c *cliconfig.LoadValues) error {
		if terminal.IsTerminal(int(os.Stdin.Fd())) {
			return errors.Errorf("cannot read from terminal. Use command-line redirection or the --input flag.")
		}
		outFile, err := ioutil.TempFile("/var/tmp", "podman")     <==
		outFile, err := ioutil.TempFile(util.Tmpdir(), "podman")
		if err != nil {
			return errors.Errorf("error creating file %v", err)
		}
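
Review bot: in loadCmd, errors.Errorf("error creating file %v", err) right after the TempFile call flattens the cause into a string, so callers cannot inspect it; errors.Wrapf(err, "error creating file") would keep it. The hunk also does not show what util.Tmpdir() returns when TMPDIR is unset, empty or relative; a short comment at the call site stating the fallback would help, since the file created here is what stdin gets copied into.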


This patch is not yet backported to our podman.
podman/load.go in podman-1.6.4-18.el7_8.src.rpm
///
        if terminal.IsTerminal(int(os.Stdin.Fd())) {
                return errors.Errorf("cannot read from terminal. Use command-line redirection or the --input flag.")
        }
        outFile, err := ioutil.TempFile("/var/tmp", "podman")              <==
        if err != nil {
                return errors.Errorf("error creating file %v", err)
        }
        defer os.Remove(outFile.Name())
        defer outFile.Close()

        _, err = io.Copy(outFile, os.Stdin)
        if err != nil {
                return errors.Errorf("error copying file %v", err)
        }

        c.Input = outFile.Name()
}

Could you backport the patch to our podman?


The issue looks like the following bugzilla for rhel8.
https://bugzilla.redhat.com/show_bug.cgi?id=1769918

Thanks
Hayato Suzuki
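
The behaviour requested above, as an added example that is not part of the original report and is not podman's code: spooling an input stream to a temporary file in $TMPDIR, falling back to /var/tmp, and cleaning up when the copy fails. The names spoolDir, spoolToTemp and fallbackDir are hypothetical, and rejecting an empty or relative TMPDIR is an assumption of this example.

```go
package main

import (
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
)

const fallbackDir = "/var/tmp" // the directory the unpatched load.go hardcoded

// spoolDir (hypothetical helper) honours $TMPDIR when it is an absolute path.
// Rejecting empty or relative values is this example's assumption.
func spoolDir() string {
	if d := os.Getenv("TMPDIR"); filepath.IsAbs(d) {
		return filepath.Clean(d)
	}
	return fallbackDir
}

// spoolToTemp (hypothetical helper) copies r into a new 0600, O_EXCL file under
// spoolDir() and removes the partial file if the copy fails (e.g. ENOSPC).
func spoolToTemp(r io.Reader) (string, error) {
	f, err := os.CreateTemp(spoolDir(), "podman")
	if err != nil {
		return "", fmt.Errorf("creating spool file: %w", err)
	}
	_, err = io.Copy(f, r)
	if cerr := f.Close(); err == nil {
		err = cerr
	}
	if err != nil {
		os.Remove(f.Name())
		return "", fmt.Errorf("spooling to %s: %w", f.Name(), err)
	}
	return f.Name(), nil
}

func main() {
	// Constructed input standing in for an image archive arriving on stdin.
	p, err := spoolToTemp(strings.NewReader("constructed archive bytes"))
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	defer os.Remove(p)
	fmt.Println("spooled to", p)
}
```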

Comment 2 Derrick Ornelas 2020-09-10 14:23:13 UTC
*** Bug 1877700 has been marked as a duplicate of this bug. ***

Comment 4 Tom Sweeney 2020-09-10 15:04:47 UTC
Assigning to Matt as he handled the other related backports for this issue.

Comment 5 Jindrich Novy 2020-09-11 09:01:40 UTC
If we talk about https://github.com/containers/image/commit/81308749f70d6c40c6b0fea39ffe767bfe50da38.patch

then this patch was already in as part of fixing CVE-2020-8945:

* Fri Apr 03 2020 Jindrich Novy <jnovy> - 1.6.4-18
- fix "CVE-2020-8945 proglottis/gpgme: Use-after-free in GPGME bindings during container image pull"
- Resolves: #1806940

Matt, do we need to do anything else on top of this?

Comment 6 Matthew Heon 2020-09-11 13:30:04 UTC
I think we need one more commit in Podman itself to actually use the support that c/image added - 2c328f94b61116bfa7d1d46525d854678f94c9f3 appears to be the one

Comment 12 Joy Pu 2020-10-20 08:22:51 UTC
Tested with podman-1.6.4-26.el7_9.x86_64 and it works as expected. So set this to verified. Details:
# mount -t tmpfs -o size=1M tmpfs /var/tmp
# export TMPDIR=/tmp
# podman pull ubi8
Trying to pull registry.access.redhat.com/ubi8...
Getting image source signatures
Copying blob c4d668e229cd done  
Copying blob ec1681b6a383 done  
Copying config ecbc6f53bb done  
Writing manifest to image destination
Storing signatures
ecbc6f53bba0d1923ca9e92b3f747da8353a070fccbae93625bd8b47dbee772e

Comment 14 errata-xmlrpc 2020-11-10 13:54:23 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: podman security and bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:5056

Comment 15 Red Hat Bugzilla 2023-09-18 00:22:24 UTC
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 120 days