Bug 1536726
| Summary: | docker 1.12.6-68.gitec8512b.el7 does not provide secrets | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Jaroslav Spanko <jspanko> |
| Component: | docker | Assignee: | Lokesh Mandvekar <lsm5> |
| Status: | CLOSED ERRATA | QA Contact: | atomic-bugs <atomic-bugs> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 7.4 | CC: | amurdaca, dornelas, lsm5, lsu, rrajaram, sakulkar |
| Target Milestone: | rc | Keywords: | Extras |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | docker-1.13.1-48.gitec9911e.el7_4 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2018-03-07 09:51:51 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1186913, 1513780 | ||
|
Description
Jaroslav Spanko
2018-01-20 09:48:02 UTC
Does this come from skopeo-containers? moving to skopeo as it looks like problem there for now ... Thanks ! (In reply to Daniel Walsh from comment #3) > Does this come from skopeo-containers? Yes, the entitlement problem is caused by missing /usr/share/rhel/secrets/ which is now provided by skopeo-containers instead of docker. I think the fix is to have docker-1.12.6-68.gitec8512b.el7 (and newer) have a dependency on skopeo-containers >= 0.1.26-2.dev.git2e8377a.el7 See my example below: ** Start with docker-1.12.6-61.git85d7426.el7 # rpm -q docker docker-1.12.6-61.git85d7426.el7.x86_64 # rpm -qf /usr/share/rhel/secrets/ docker-1.12.6-61.git85d7426.el7.x86_64 # docker pull rhel7 Using default tag: latest Trying to pull repository registry.access.redhat.com/rhel7 ... latest: Pulling from registry.access.redhat.com/rhel7 9a32f102e677: Already exists b8aa42cec17a: Already exists Digest: sha256:66bf4409e707da5c08fd0f03c653d0954ade3b6d9dfadd07edf7a0cb1bd9c42f # docker run --name test -ti rhel7 bash [root@e6314cc0c78b /]# yum repolist Loaded plugins: ovl, product-id, search-disabled-repos, subscription-manager rhel-7-server-rpms | 2.0 kB 00:00:00 (1/3): rhel-7-server-rpms/7Server/x86_64/group | 595 kB 00:00:00 (2/3): rhel-7-server-rpms/7Server/x86_64/updateinfo | 2.2 MB 00:00:00 (3/3): rhel-7-server-rpms/7Server/x86_64/primary | 39 MB 00:00:02 rhel-7-server-rpms 18022/18022 repo id repo name status !rhel-7-server-rpms/7Server/x86_64 Red Hat Enterprise Linux 7 Server (RPMs) 31329 repolist: 31329 [root@e6314cc0c78b /]# exit ** Update docker # yum update docker Loaded plugins: search-disabled-repos rhel-7-server-extras-rpms | 2.0 kB 00:00:00 rhel-7-server-rh-common-rpms | 2.1 kB 00:00:00 rhel-7-server-rpms | 2.0 kB 00:00:00 Resolving Dependencies [...] Dependencies Resolved ================================================================================================================================================================ Package Arch Version Repository Size ================================================================================================================================================================ Updating: docker x86_64 2:1.12.6-71.git3e8e77d.el7 rhel-7-server-extras-rpms 15 M Updating for dependencies: docker-client x86_64 2:1.12.6-71.git3e8e77d.el7 rhel-7-server-extras-rpms 3.4 M docker-common x86_64 2:1.12.6-71.git3e8e77d.el7 rhel-7-server-extras-rpms 83 k docker-rhel-push-plugin x86_64 2:1.12.6-71.git3e8e77d.el7 rhel-7-server-extras-rpms 1.6 M oci-register-machine x86_64 1:0-3.14.gitcd1e331.el7 rhel-7-server-extras-rpms 1.1 M Transaction Summary ================================================================================================================================================================ Upgrade 1 Package (+4 Dependent packages) [...] Updated: docker.x86_64 2:1.12.6-71.git3e8e77d.el7 Dependency Updated: docker-client.x86_64 2:1.12.6-71.git3e8e77d.el7 docker-common.x86_64 2:1.12.6-71.git3e8e77d.el7 docker-rhel-push-plugin.x86_64 2:1.12.6-71.git3e8e77d.el7 oci-register-machine.x86_64 1:0-3.14.gitcd1e331.el7 Complete! # docker start -ai test [root@e6314cc0c78b /]# yum repolist Loaded plugins: ovl, product-id, search-disabled-repos, subscription-manager This system is not registered with an entitlement server. You can use subscription-manager to register. repolist: 0 [root@e6314cc0c78b /]# ls -l /etc/pki/entitlement-host lrwxrwxrwx. 1 root root 32 Jan 18 16:40 /etc/pki/entitlement-host -> /run/secrets/etc-pki-entitlement [root@e6314cc0c78b /]# ls -l /run/secrets/etc-pki-entitlement ls: cannot access /run/secrets/etc-pki-entitlement: No such file or directory [root@e6314cc0c78b /]# exit # docker run --name test2 -ti rhel7 bash [root@ed2bcb987134 /]# yum repolist Loaded plugins: ovl, product-id, search-disabled-repos, subscription-manager This system is not registered with an entitlement server. You can use subscription-manager to register. repolist: 0 [root@ed2bcb987134 /]# exit ** Both existing container and new container don't have access to entitlements # ls -l /usr/share/rhel/secrets/ ls: cannot access /usr/share/rhel/secrets/: No such file or directory ** Install skopeo-containers-0.1.26-2.dev.git2e8377a.el7 which provides /usr/share/rhel/secrets/ # yum update skopeo-containers-0.1.26-2.dev.git2e8377a.el7 skopeo-0.1.26-2.dev.git2e8377a.el7 Loaded plugins: search-disabled-repos rhel-7-server-extras-rpms | 2.0 kB 00:00:00 rhel-7-server-rh-common-rpms | 2.1 kB 00:00:00 rhel-7-server-rpms | 2.0 kB 00:00:00 Resolving Dependencies [...] Dependencies Resolved ================================================================================================================================================================ Package Arch Version Repository Size ================================================================================================================================================================ Updating: skopeo x86_64 1:0.1.26-2.dev.git2e8377a.el7 rhel-7-server-extras-rpms 3.2 M skopeo-containers x86_64 1:0.1.26-2.dev.git2e8377a.el7 rhel-7-server-extras-rpms 12 k Transaction Summary ================================================================================================================================================================ Upgrade 2 Packages [...] Updated: skopeo.x86_64 1:0.1.26-2.dev.git2e8377a.el7 skopeo-containers.x86_64 1:0.1.26-2.dev.git2e8377a.el7 Complete! # rpm -qf /usr/share/rhel/secrets/ skopeo-containers-0.1.26-2.dev.git2e8377a.el7.x86_64 # docker start -ai test2 [root@ed2bcb987134 /]# yum repolist Loaded plugins: ovl, product-id, search-disabled-repos, subscription-manager rhel-7-server-rpms | 2.0 kB 00:00:00 (1/3): rhel-7-server-rpms/7Server/x86_64/group | 595 kB 00:00:00 (2/3): rhel-7-server-rpms/7Server/x86_64/updateinfo | 2.2 MB 00:00:00 (3/3): rhel-7-server-rpms/7Server/x86_64/primary | 39 MB 00:00:02 rhel-7-server-rpms 18022/18022 repo id repo name status !rhel-7-server-rpms/7Server/x86_64 Red Hat Enterprise Linux 7 Server (RPMs) 31329 repolist: 31329 fixing this bug in 7.4.5 itself, cause that will reduce mess for 7.5 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:0436 |