Bug 2178263

Summary: Error: mount /var/lib/containers/storage/overlay:/var/lib/containers/storage/overlay, flags: 0x1000: operation not permitted
Product: Red Hat Enterprise Linux 9 Reporter: Jindrich Novy <jnovy>
Component: containers-commonAssignee: Jindrich Novy <jnovy>
Status: VERIFIED --- QA Contact: Alex Jia <ajia>
Severity: high Docs Contact:
Priority: unspecified    
Version: 9.3CC: ajia, arajan, dwalsh, gscrivan, jnovy, mboddu, pthomas, szidek, tsweeney, umohnani, ypu
Target Milestone: rcKeywords: Triaged, ZStream
Target Release: ---Flags: gscrivan: needinfo? (dwalsh)
tsweeney: needinfo? (dwalsh)
tsweeney: needinfo? (gscrivan)
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: podman-4.4.1-8.el9 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 2166195
: 2183632 (view as bug list) Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2166195    
Bug Blocks: 2166225, 2183632    

Comment 11 Alex Jia 2023-04-07 01:42:08 UTC 
This bug has been verified for podman-4.4.1-8.el9 with buildah-1.29.1-2.el9 and containers-common-1-51.el9 on RHEL 9.3.

[root@kvm-01-guest18 ~]# cat /etc/redhat-release 
Red Hat Enterprise Linux release 9.3 Beta (Plow)

[root@kvm-01-guest18 ~]# rpm -q podman buildah containers-common runc systemd kernel
podman-4.4.1-8.el9.x86_64
buildah-1.29.1-2.el9.x86_64
containers-common-1-51.el9.x86_64
runc-1.1.4-1.el9_1.x86_64
systemd-252-13.el9_2.x86_64
kernel-5.14.0-295.el9.x86_64

[root@kvm-01-guest18 ~]# podman run --rm --device /dev/fuse -it registry-proxy.engineering.redhat.com/rh-osbs/rhel9-buildah:9.2-3
Trying to pull registry-proxy.engineering.redhat.com/rh-osbs/rhel9-buildah:9.2-3...
Getting image source signatures
Copying blob f375df5edc3f done  
Copying blob 8fcb66e1c5fd done  
Copying config 05a32ed22e done  
Writing manifest to image destination
Storing signatures
[root@e9627941a25c /]# rpm -q buildah containers-common fuse-overlayfs
buildah-1.29.0-2.el9.x86_64
containers-common-1-49.el9_1.x86_64
fuse-overlayfs-1.10-2.el9.x86_64
[root@e9627941a25c /]# buildah from ubi9
Resolved "ubi9" as an alias (/etc/containers/registries.conf.d/001-rhel-shortnames.conf)
Trying to pull registry.access.redhat.com/ubi9:latest...
Getting image source signatures
Checking if image destination supports signatures
Copying blob 2a625e4afab5 done  
Copying config 9877f06ecc done  
Writing manifest to image destination
Storing signatures
ubi9-working-container
[root@e9627941a25c /]# buildah ps
CONTAINER ID  BUILDER  IMAGE ID     IMAGE NAME                       CONTAINER NAME
a76b6a0a9f0d     *     9877f06ecc6f registry.access.redhat.com/ub... ubi9-working-container
[root@e9627941a25c /]# buildah run --isolation=chroot ubi9-working-container ls /
afs  bin  boot	dev  etc  home	lib  lib64  lost+found	media  mnt  opt  proc  root  run  sbin	srv  sys  tmp  usr  var
[root@e9627941a25c /]# exit
exit
[root@kvm-01-guest18 ~]# echo $?
0
Comment 14 Alex Jia 2023-06-25 03:20:44 UTC 
This bug both are verified for podman-4.5.1-2.el9 with buildah-1.30.0-2.el9 and containers-common-1-52.el9 and
podman-4.5.1-4.el9 with buildah-1.30.0-2.el9 and containers-common-1-53.el9.