Bug 1858974 - Containers don't start on Fedora CoreOS because there's no 'sudo' group inside the container
Summary: Containers don't start on Fedora CoreOS because there's no 'sudo' group insid...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: toolbox
Version: 33
Hardware: x86_64
OS: Linux
unspecified
medium
Target Milestone: ---
Assignee: Debarshi Ray
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard: AcceptedFreezeException
Depends On:
Blocks: F33BetaFreezeException
TreeView+ depends on / blocked
 
Reported: 2020-07-20 23:38 UTC by Brandon Bennett
Modified: 2020-09-10 20:29 UTC (History)
4 users (show)

Fixed In Version: toolbox-0.0.95-1.fc33
Clone Of:
Environment:
Last Closed: 2020-09-10 20:29:06 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github containers toolbox issues 423 0 None closed Containers don't start on Fedora CoreOS because there's no 'sudo' group inside the container 2021-02-10 19:29:48 UTC

Internal Links: 1867829

Description Brandon Bennett 2020-07-20 23:38:34 UTC 
Description of problem:

Following the instructions on toolbox after creating the toolbox the toolbox fails to start/enter with error `Error: failed to start container fedora-toolbox-32`

```
$ toolbox create
Created container: fedora-toolbox-32
Enter with: toolbox enter
$ toolbox enter
Error: failed to start container fedora-toolbox-32
```

podman start reports a sudo group error

```
$ podman start fedora-toolbox-32
Error: unable to start container "c355d1274c6ac90d0763c0f4662905c289e23a44f418b4e84ac9036dc197ea05": error looking up supplemental groups for container c355d1274c6ac90d0763c0f4662905c289e23a44f418b4e84ac9036dc197ea05: Unable to find group sudo
```


Version-Release number of selected component (if applicable):

$ rpm -q podman conmon toolbox
podman-2.0.2-1.fc32.x86_64
conmon-2.0.18-1.fc32.x86_64
toolbox-0.0.92-1.fc32.x86_64


How reproducible: On my machine everytime


Steps to Reproduce:
1. Install toolbox on f32
2. run `toolbox create`
3. run `toolbox enter`

Actual results:

Get an error `Error: failed to start container fedora-toolbox-32`

Expected results:

Entered into the container able to play in my new sandbox.


Additional info:  This is not silverblue but just normal fedora
Comment 1 Marcel Ziswiler 2020-08-07 10:37:21 UTC 
Exact same happens on latest stable Fedora CoreOS!

$ podman start fedora-toolbox-32
Error: unable to start container "fedora-toolbox-32": error looking up supplemental groups for container 6bdba905e4d80c1ab8269ee014a51c23c5376f8ff0e932fc58f07c4cd50a865d: Unable to find group sudo

$ rpm -q podman conmon toolbox
podman-1.9.3-1.fc32.x86_64
conmon-2.0.18-1.fc32.x86_64
toolbox-0.0.92-1.fc32.x86_64

This happens regardless whether or not the sudo group actually exists or not!
Comment 2 Marcel Ziswiler 2020-08-11 06:51:48 UTC 
Please note that toolbox containers from Fedora 31, 32 and 33 all work just fine when spun up on my Fedora Worstation 31 installation:

$ rpm -q podman toolbox systemd
podman-2.0.4-1.fc31.x86_64
toolbox-0.0.92-1.fc31.x86_64
systemd-243.8-1.fc31.x86_64

What exactly is the problem with CoreOS?
Comment 3 Marcel Ziswiler 2020-08-11 08:23:04 UTC 
Besides the regular FCOS stable stream I also gave testing and next a try but the result stays the same!
Comment 4 Fedora Update System 2020-08-30 21:15:38 UTC 
FEDORA-2020-885e55baff has been submitted as an update to Fedora 33. https://bodhi.fedoraproject.org/updates/FEDORA-2020-885e55baff
Comment 5 Fedora Update System 2020-08-30 21:17:47 UTC 
FEDORA-2020-306addaac0 has been submitted as an update to Fedora 32. https://bodhi.fedoraproject.org/updates/FEDORA-2020-306addaac0
Comment 6 Fedora Update System 2020-08-31 15:55:20 UTC 
FEDORA-2020-306addaac0 has been pushed to the Fedora 32 testing repository.
In short time you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-306addaac0`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-306addaac0

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 7 Fedora Update System 2020-08-31 18:57:17 UTC 
FEDORA-2020-885e55baff has been pushed to the Fedora 33 testing repository.
In short time you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-885e55baff`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-885e55baff

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 8 Fedora Update System 2020-09-01 19:30:52 UTC 
FEDORA-2020-306addaac0 has been pushed to the Fedora 32 stable repository.
If problem still persists, please make note of it in this bug report.
Comment 9 Debarshi Ray 2020-09-08 11:48:34 UTC 
Toolbox is getting more and more attention from Fedora CoreOS users, and it will be good to unbreak the use of those containers. The fix isn't intrusive, has been widely tested and already deployed on Fedora 32.

Proposing as a Beta freeze exception.
Comment 10 Adam Williamson 2020-09-10 19:52:34 UTC 
This has +6 votes in the ticket, setting accepted.

Note, don't set updates for other releases as fixing bugs that are proposed as FEs or blockers, because then the update for the other release going stable will cause the bug to be closed, as in this case. If a proposed or accepted blocker or FE bug is closed for any reason it drops off all radars, it must be open to get any attention.
Comment 11 Fedora Update System 2020-09-10 20:29:06 UTC 
FEDORA-2020-885e55baff has been pushed to the Fedora 33 stable repository.
If problem still persists, please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.