Bug 1741611 - Subscription-manager can not detect when running in a container when running via podman as non-root
Summary: Subscription-manager can not detect when running in a container when running ...
Keywords:
Status: NEW
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: subscription-manager
Version: 7.8
Hardware: Unspecified
OS: Unspecified
medium
unspecified
Target Milestone: rc
: ---
Assignee: candlepin-bugs
QA Contact: Red Hat subscription-manager QE Team
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-08-15 14:59 UTC by Chris Snyder
Modified: 2021-02-13 07:35 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Target Upstream Version:


Attachments (Terms of Use)

Description Chris Snyder 2019-08-15 14:59:31 UTC
Description of problem:

When using subscription-manager from inside a rhel container using podman as a non-root user (on the container host), subscription-manager is unable to detect it is running inside a container.


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. podman run -it --rm registry.redhat.io/rhel7:latest /bin/bash
# Now inside the container
2. subscription-manager status
+-------------------------------------------+
   System Status Details
+-------------------------------------------+
Overall Status: Unknown

System Purpose Status: Unknown

# ^^ We should have been informed subman is not enabled in containers

Actual results:

Subman operates as if it is not running in a container


Expected results:
After running any subman command I expect we'll see:
"""
subscription-manager is disabled when running inside a container. Please refer to your host system for subscription management.
"""


Additional info:
If you start podman as root (in the first step above) subman behaves as expected in the container

I believe this is caused by podman not being able to fully populate /run/secrets/rhsm due to permissions on the host.

Comment 3 Daniel Walsh 2020-01-09 20:16:19 UTC
You could check if their is an environment variable CONTAINER 

$ podman run fedora printenv container
oci

We set that on all of the container engines.

There is also a /run/.containerenv
file

$ podman run fedora ls /run/.containerenv
/run/.containerenv


Note You need to log in before you can comment on or make changes to this bug.