RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 2152023 - podman: ubi8 sticky bit removed from /tmp
Summary: podman: ubi8 sticky bit removed from /tmp
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 9
Classification: Red Hat
Component: podman
Version: 9.2
Hardware: x86_64
OS: Linux
unspecified
high
Target Milestone: rc
: ---
Assignee: Jindrich Novy
QA Contact: Joy Pu
URL:
Whiteboard:
Depends On: 2138434 2141452 2152001
Blocks: 2152026
TreeView+ depends on / blocked
 
Reported: 2022-12-08 22:44 UTC by Tom Sweeney
Modified: 2023-05-09 08:53 UTC (History)
21 users (show)

Fixed In Version: podman-4.4.0-1.el9
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 2138434
: 2152026 (view as bug list)
Environment:
Last Closed: 2023-05-09 07:41:58 UTC
Type: Bug
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github containers podman pull 16689 0 None Merged Update vendor of containers/(image, buildah) 2022-12-12 10:46:03 UTC
Red Hat Issue Tracker RHELPLAN-141729 0 None None None 2022-12-08 22:51:45 UTC
Red Hat Product Errata RHSA-2023:2282 0 None None None 2023-05-09 07:42:55 UTC

Comment 8 Joy Pu 2023-02-13 08:22:19 UTC 
Test with podman-4.4.0-1.el9.x86_64. The flag "t" exist after build. So move it to verified. More details:
# podman build -t test .
STEP 1/23: FROM scratch
STEP 2/23: ADD rhel-base-fs-container-8.6-2480.x86_64.tar.gz /
--> c37e4e3ca23
STEP 3/23: ADD tls-ca-bundle.pem /tmp/tls-ca-bundle.pem
--> 3183839aaa6
STEP 4/23: ADD atomic-reactor-repos/* /etc/yum.repos.d/
--> c50e0e36d8b
STEP 5/23: LABEL maintainer="Red Hat, Inc."
--> 0854b100d6f
STEP 6/23: LABEL com.redhat.component="ubi8-container"       name="ubi8"       version="8.6"
--> ede6b88d8f1
STEP 7/23: LABEL com.redhat.license_terms="https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI"
--> b2fe7ce2787
STEP 8/23: LABEL summary="Provides the latest release of Red Hat Universal Base Image 8."
--> f655b37c9ba
STEP 9/23: LABEL description="The Universal Base Image is designed and engineered to be the base layer for all of your containerized applications, middleware and utilities. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly."
--> 1c32b16e486
STEP 10/23: LABEL io.k8s.display-name="Red Hat Universal Base Image 8"
--> 2a0af69419f
STEP 11/23: LABEL io.openshift.expose-services=""
--> 71bab441063
STEP 12/23: LABEL io.openshift.tags="base rhel8"
--> 69d4b7f6f08
STEP 13/23: ENV container oci
--> 7b0bd02b54f
STEP 14/23: ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
--> b3b9083bb1c
STEP 15/23: CMD ["/bin/bash"]
--> 9638119a584
STEP 16/23: RUN rm -rf /var/log/*
--> 1c45e55081f
STEP 17/23: RUN mkdir -p /var/log/rhsm
--> d1e5171fc6b
STEP 18/23: LABEL release=1054
--> e44bab647fb
STEP 19/23: ADD ubi8-container-8.6-1054.json /root/buildinfo/content_manifests/ubi8-container-8.6-1054.json
--> fbc8160c1d5
STEP 20/23: ADD Dockerfile-ubi8-8.6-1054 /root/buildinfo/Dockerfile-ubi8-8.6-1054
--> 520cc03bee4
STEP 21/23: LABEL "distribution-scope"="public" "vendor"="Red Hat, Inc." "build-date"="2022-12-19T02:04:53" "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="f1ee6e37554363ec55e0035aba1a693d3627fdeb" "io.k8s.description"="The Universal Base Image is designed and engineered to be the base layer for all of your containerized applications, middleware and utilities. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly." "url"="https://access.redhat.com/containers/#/registry.access.redhat.com/ubi8/images/8.6-1054"
--> 5479b4c7b6a
STEP 22/23: RUN rm -f '/etc/yum.repos.d/beaker-AppStream.repo'
--> 95d9e96598d
STEP 23/23: RUN rm -f /tmp/tls-ca-bundle.pem
COMMIT test
--> 856687d8067
Successfully tagged localhost/test:latest
856687d80675efa96d348a8c99570b66db2db45b8a954770ccc70aa839b12612
# podman run test ls -ld /tmp
drwxrwxrwt. 1 root root 31 Feb 13 08:19 /tmp
Comment 11 errata-xmlrpc 2023-05-09 07:41:58 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: podman security and bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2023:2282
Note You need to log in before you can comment on or make changes to this bug.