Bug 2094610

Brent, PTAL

For clarification, in your report you said two pull requests were merged upstream that fixed this.  Does that mean it works upstream but not in the version of RHEL you are using?  Are you really asking for a backport?

That correct @bbaude 
We want it to be backported to Podman 4.0 on RHEL 8.6.

FWIW, the development team does not make decisions on backports.  It is typically done by product management.  the appropriate people have been asked.

@dornelas and @mrussell I think our only delivery vehicle for RHEL 8.6 at this point is 8.6.0.2 and this fix is included in Podman v4.1.1 which will be part of RHEL 8.6.0.2.  I don't think any further backport is necessary, thoughts?  FWIW, RHEL 8.6.0.2 is due out in mid August.

Correct, the next planned release under development will include podman-4.1.1, and this rebase will be made available in the August timeframe.  

My understanding is that the workaround for this issue is to include the '--interval=<duration>' option with the HEALTHCHECK instruction.

This bug has been verified on podman-4.2.0-1.module+el8.7.0+16493+89f82ab8.x86_64.

[root@hpe-dl380pgen8-02-vm-7 ~]# cat /etc/redhat-release 
Red Hat Enterprise Linux release 8.7 Beta (Ootpa)

[root@hpe-dl380pgen8-02-vm-7 ~]# rpm -q podman runc systemd kernel
podman-4.2.0-1.module+el8.7.0+16493+89f82ab8.x86_64
runc-1.1.4-1.module+el8.7.0+16493+89f82ab8.x86_64
systemd-239-65.el8.x86_64
kernel-4.18.0-422.el8.x86_64

[root@hpe-dl380pgen8-02-vm-7 ~]# podman build . -t dev --format docker
STEP 1/4: FROM quay.io/libpod/alpine
Trying to pull quay.io/libpod/alpine:latest...
Getting image source signatures
Copying blob 9d16cba9fb96 done  
Copying config 9617696764 done  
Writing manifest to image destination
Storing signatures
STEP 2/4: RUN mkdir /healthchecks
--> ce87526f6a7
STEP 3/4: HEALTHCHECK CMD touch /healthchecks/"$(date +%s)"
--> ff1bc3d88ad
STEP 4/4: CMD ["sleep", "999999999999"]
COMMIT dev
--> 0d74bc74495
Successfully tagged localhost/dev:latest
0d74bc74495a485eff48bf44557506d3dd82b0ba3e5f880adc80fef748568271

[root@hpe-dl380pgen8-02-vm-7 ~]# podman run -d --name test --rm dev
f1f7c7f0a80499a2f2d3c9fb380cdd166d7ac37f7607f9bcca1165ee90d0e786
[root@hpe-dl380pgen8-02-vm-7 ~]# podman ps
CONTAINER ID  IMAGE                 COMMAND               CREATED             STATUS                           PORTS       NAMES
f1f7c7f0a804  localhost/dev:latest  sleep 99999999999...  About a minute ago  Up About a minute ago (healthy)              test
[root@hpe-dl380pgen8-02-vm-7 ~]# podman ps
CONTAINER ID  IMAGE                 COMMAND               CREATED             STATUS                           PORTS       NAMES
f1f7c7f0a804  localhost/dev:latest  sleep 99999999999...  About a minute ago  Up About a minute ago (healthy)              test
[root@hpe-dl380pgen8-02-vm-7 ~]# podman ps
CONTAINER ID  IMAGE                 COMMAND               CREATED             STATUS                           PORTS       NAMES
f1f7c7f0a804  localhost/dev:latest  sleep 99999999999...  About a minute ago  Up About a minute ago (healthy)              test
[root@hpe-dl380pgen8-02-vm-7 ~]# podman exec test ls /healthchecks
1661774679
1661774710
1661774741
1661774772

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: container-tools:rhel8 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:7457

The needinfo request[s] on this closed bug have been removed as they have been unresolved for 120 days