Bug 1902979
| Summary: | podman run fails to update /etc/hosts when --uidmap is provided | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Suhaas Bhat <subhat> |
| Component: | podman | Assignee: | Jindrich Novy <jnovy> |
| Status: | CLOSED ERRATA | QA Contact: | Alex Jia <ajia> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 8.3 | CC: | bbaude, dornelas, dwalsh, jligon, jnovy, lsm5, mheon, pthomas, tsweeney, umohnani, ypu |
| Target Milestone: | rc | ||
| Target Release: | 8.4 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | podman-2.2.0-1.el8 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-05-18 15:32:56 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1186913, 1823899 | ||
|
Description
Suhaas Bhat
2020-12-01 03:04:29 UTC
Fixed upstream by https://github.com/containers/podman/commit/3ae47f7d2b9328ff47dc5702d834ae9ee296a27b. A version with the fix should land in RHEL 8.4. I got 'permission denied' on fixed version podman-2.2.0-1, please gave correct fixed version. # podman run --uidmap 0:100000:1000 --rm --hostname foohostname quay.io/libpod/alpine grep foohostname /etc/hosts Trying to pull quay.io/libpod/alpine:latest... Getting image source signatures Copying blob 9d16cba9fb96 done Copying config 9617696764 done Writing manifest to image destination Storing signatures Error: container_linux.go:370: starting container process caused: process_linux.go:459: container init caused: rootfs_linux.go:59: mounting "sysfs" to rootfs at "/sys" caused: operation not permitted: OCI permission denied # rpm -q podman runc crun kernel podman-2.2.0-1.module+el8.4.0+8963+6755fc2b.x86_64 runc-1.0.0-68.rc92.module+el8.4.0+8963+6755fc2b.x86_64 crun-0.16-1.module+el8.4.0+8963+6755fc2b.x86_64 kernel-4.18.0-259.el8.x86_64 And verified on podman-3.0.0-0.21.module+el8.4.0+9425+98db097b.x86_64. # podman run --uidmap 0:100000:1000 --rm --hostname foohostname quay.io/libpod/alpine grep foohostname /etc/hosts Trying to pull quay.io/libpod/alpine:latest... Getting image source signatures Copying blob 9d16cba9fb96 done Copying config 9617696764 done Writing manifest to image destination Storing signatures 10.88.0.2 foohostname practical_pare # rpm -q podman runc crun kernel podman-3.0.0-0.21.module+el8.4.0+9425+98db097b.x86_64 runc-1.0.0-69.rc92.module+el8.4.0+9425+98db097b.x86_64 crun-0.16-2.module+el8.4.0+9425+98db097b.x86_64 kernel-4.18.0-272.el8.dt5.x86_64 Alex/Jindrich, As this BZ is targeted for RHEL 8.4, I think Alex should be testing with Podman 3.0. Jindrich to you concur? Tom, yes you are right. Alex, please re-test with podman-3.0.0 which is aimed at 8.4.0, thanks! (In reply to Jindrich Novy from comment #8) > Tom, yes you are right. > > Alex, please re-test with podman-3.0.0 which is aimed at 8.4.0, thanks! I also gave a test on podman-3.0.0, it works for me, for details, please see Comment 6. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: container-tools:rhel8 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:1796 |