2183667 – Error: mount /var/lib/containers/storage/overlay:/var/lib/containers/storage/overlay, flags: 0x1000: operation not permitted [rhel-8.8.0.z]

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 2183667 - Error: mount /var/lib/containers/storage/overlay:/var/lib/containers/storage/overlay, flags: 0x1000: operation not permitted [rhel-8.8.0.z]

Summary: Error: mount /var/lib/containers/storage/overlay:/var/lib/containers/storage/...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 8
Classification:	Red Hat
Component:	buildah
Sub Component:
Version:	8.8
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Tom Sweeney
QA Contact:	Alex Jia
Docs Contact:
URL:
Whiteboard:
Depends On:	2166195
Blocks:
TreeView+	depends on / blocked

Reported:	2023-04-01 00:06 UTC by RHEL Program Management Team
Modified:	2023-05-16 11:39 UTC (History)
CC List:	12 users (show)
Fixed In Version:	buildah-1.29.1-2.el8_8
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:	2166195
Environment:
Last Closed:	2023-05-16 10:01:09 UTC
Type:	---
Target Upstream Version:
Embargoed:
Dependent Products:
Flags:	pm-rhel: mirror+

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	RHELPLAN-153806	0	None	None	None	2023-04-01 00:07:25 UTC
Red Hat Product Errata	RHBA-2023:3089	0	None	None	None	2023-05-16 10:01:27 UTC

Comment 6 Alex Jia 2023-04-04 00:17:47 UTC

This bug hasn't been fixed by buildah-1.29.1-2.module+el8.8.0+18553+8fea4d79.

[root@kvm-02-guest08 ~]# cat /etc/redhat-release 
Red Hat Enterprise Linux release 8.8 (Ootpa)

[root@kvm-02-guest08 ~]# rpm -q podman buildah containers-common runc systemd kernel
podman-4.4.1-10.module+el8.8.0+18555+491facf3.x86_64
buildah-1.29.1-2.module+el8.8.0+18553+8fea4d79.x86_64
containers-common-1-63.module+el8.8.0+18438+15d3aa65.x86_64
runc-1.1.4-1.module+el8.8.0+18060+3f21f2cc.x86_64
systemd-239-74.el8_8.x86_64
kernel-4.18.0-477.7.1.el8_8.x86_64

[root@kvm-02-guest08 ~]# podman run --rm --device /dev/fuse -it registry-proxy.engineering.redhat.com/rh-osbs/rhel8-buildah:8.8-3
Trying to pull registry-proxy.engineering.redhat.com/rh-osbs/rhel8-buildah:8.8-3...
Getting image source signatures
Copying blob 40635c589740 done  
Copying blob 5d5f3559a9ea done  
Copying config b3041480f0 done  
Writing manifest to image destination
Storing signatures
[root@2f6841f52a0a /]# rpm -q buildah containers-common fuse-overlayfs
buildah-1.29.1-1.module+el8.8.0+18195+471da4bb.x86_64
containers-common-1-62.module+el8.8.0+18251+ad5b274c.x86_64
fuse-overlayfs-1.10-1.module+el8.8.0+18060+3f21f2cc.x86_64
[root@2f6841f52a0a /]# buildah from ubi8
Resolved "ubi8" as an alias (/etc/containers/registries.conf.d/001-rhel-shortnames.conf)
Trying to pull registry.access.redhat.com/ubi8:latest...
Getting image source signatures
Checking if image destination supports signatures
Copying blob c4877503c8d2 done  
Copying config 36660eab1e done  
Writing manifest to image destination
Storing signatures
ubi8-working-container
[root@2f6841f52a0a /]# buildah ps
CONTAINER ID  BUILDER  IMAGE ID     IMAGE NAME                       CONTAINER NAME
c34ab7204f21     *     36660eab1ea3 registry.access.redhat.com/ub... ubi8-working-container
[root@2f6841f52a0a /]# buildah run --isolation=chroot ubi8-working-container ls /
Error: error in copier subprocess: chrooting to directory "/var/lib/containers/storage/overlay/fdac4ee1f2dea5731e9dc9728ce2b4a9db1197074a7a2f85704d1383ca5ebf55/merged": operation not permitted
[root@2f6841f52a0a /]# exit
exit
[root@kvm-02-guest08 ~]# echo $?
125

Comment 8 Tom Sweeney 2023-04-04 23:55:58 UTC

When I try the Podman command to run RHEL, I'm getting a cert error on my Fedora machine: 

# podman run --rm --device /dev/fuse -it registry-proxy.engineering.redhat.com/rh-osbs/rhel8-buildah:8.8-3
Trying to pull registry-proxy.engineering.redhat.com/rh-osbs/rhel8-buildah:8.8-3...
Error: initializing source docker://registry-proxy.engineering.redhat.com/rh-osbs/rhel8-buildah:8.8-3: pinging container registry registry-proxy.engineering.redhat.com: Get "https://registry-proxy.engineering.redhat.com/v2/": x509: certificate signed by unknown authority

However, when I run the Buildah commands by themselves on Fedora, everything works:


# buildah -v
buildah version 1.29.1 (image-spec 1.0.2-dev, runtime-spec 1.0.2-dev)


# buildah from ubi8
Trying to pull registry.access.redhat.com/ubi8:latest...
Getting image source signatures
Checking if image destination supports signatures
Copying blob 6208c5a2e205 done  
Copying config 768688a189 done  
Writing manifest to image destination
Storing signatures
ubi8-working-container

# buildah ps
CONTAINER ID  BUILDER  IMAGE ID     IMAGE NAME                       CONTAINER NAME
c757b9985248     *     768688a18971 registry.access.redhat.com/ub... ubi8-working-container

# buildah run  --isolation=chroot ubi8-working-container ls /
bin  boot  dev	etc  home  lib	lib64  lost+found  media  mnt  opt  proc  root	run  sbin  srv	sys  tmp  usr  var

Valentin, could you give it a try when you get in please?

Comment 9 Tom Sweeney 2023-04-04 23:58:06 UTC

@jnovy The containers-common rpm version in that RHEL:8.8-3 image looks a little wonky to me.  Can you verify that's correct please?

containers-common-1-63.module+el8.8.0+18438+15d3aa65.x86_64

Comment 10 Valentin Rothberg 2023-04-05 06:10:06 UTC

(In reply to Tom Sweeney from comment #9)
> @jnovy The containers-common rpm version in that RHEL:8.8-3 image
> looks a little wonky to me.  Can you verify that's correct please?
> 
> containers-common-1-63.module+el8.8.0+18438+15d3aa65.x86_64

Yes, please check whether `containers-common` sets the `default_capabilities=...` field.  It should not anymore (or add back SYS_CHROOT).

Comment 11 Valentin Rothberg 2023-04-05 06:10:39 UTC

In /etc/containers/containers.conf.

Comment 12 Jindrich Novy 2023-04-05 08:32:05 UTC

Works for me:

[root@ci-vm-10-0-137-115 ~]# dnf install podman buildah
Updating Subscription Management repositories.
Unable to read consumer identity

This system is not registered with an entitlement server. You can use subscription-manager to register.

Last metadata expiration check: 0:01:10 ago on Wed 05 Apr 2023 04:28:39 AM EDT.
Dependencies resolved.
=============================================================================================================================================================================
 Package                                       Architecture             Version                                                       Repository                        Size
=============================================================================================================================================================================
Installing:
 buildah                                       x86_64                   1:1.29.1-1.module+el8.8.0+18195+471da4bb                      rhel-AppStream                   8.8 M
 podman                                        x86_64                   3:4.4.1-8.module+el8.8.0+18438+15d3aa65                       rhel-AppStream                    15 M
Installing dependencies:
 conmon                                        x86_64                   3:2.1.6-1.module+el8.8.0+18098+9b44df5f                       rhel-AppStream                    57 k
 container-selinux                             noarch                   2:2.205.0-2.module+el8.8.0+18438+15d3aa65                     rhel-AppStream                    64 k
 containernetworking-plugins                   x86_64                   1:1.2.0-1.module+el8.8.0+18060+3f21f2cc                       rhel-AppStream                    20 M
 containers-common                             x86_64                   2:1-63.module+el8.8.0+18438+15d3aa65                          rhel-AppStream                   129 k
 criu                                          x86_64                   3.15-3.module+el8.8.0+18060+3f21f2cc                          rhel-AppStream                   518 k
 fuse-common                                   x86_64                   3.3.0-16.el8                                                  rhel                              22 k
 fuse-overlayfs                                x86_64                   1.10-1.module+el8.8.0+18060+3f21f2cc                          rhel-AppStream                    74 k
 fuse3                                         x86_64                   3.3.0-16.el8                                                  rhel                              54 k
 fuse3-libs                                    x86_64                   3.3.0-16.el8                                                  rhel                              95 k
 libnet                                        x86_64                   1.1.6-15.el8                                                  rhel-AppStream                    67 k
 libslirp                                      x86_64                   4.4.0-1.module+el8.8.0+18060+3f21f2cc                         rhel-AppStream                    70 k
 podman-catatonit                              x86_64                   3:4.4.1-8.module+el8.8.0+18438+15d3aa65                       rhel-AppStream                   361 k
 protobuf-c                                    x86_64                   1.3.0-6.el8                                                   rhel-AppStream                    37 k
 runc                                          x86_64                   1:1.1.4-1.module+el8.8.0+18060+3f21f2cc                       rhel-AppStream                   3.1 M
 shadow-utils-subid                            x86_64                   2:4.6-17.el8                                                  rhel                             113 k
 slirp4netns                                   x86_64                   1.2.0-2.module+el8.8.0+18060+3f21f2cc                         rhel-AppStream                    54 k
Enabling module streams:
 container-tools                                                        rhel8                                                                                               

Transaction Summary
=============================================================================================================================================================================
Install  18 Packages

Total download size: 48 M
Installed size: 148 M
Is this ok [y/N]: y
Downloading Packages:
(1/18): fuse-common-3.3.0-16.el8.x86_64.rpm                                                                                                  781 kB/s |  22 kB     00:00    
(2/18): fuse3-3.3.0-16.el8.x86_64.rpm                                                                                                        1.7 MB/s |  54 kB     00:00    
(3/18): fuse3-libs-3.3.0-16.el8.x86_64.rpm                                                                                                   2.6 MB/s |  95 kB     00:00    
(4/18): shadow-utils-subid-4.6-17.el8.x86_64.rpm                                                                                             6.0 MB/s | 113 kB     00:00    
(5/18): conmon-2.1.6-1.module+el8.8.0+18098+9b44df5f.x86_64.rpm                                                                              2.4 MB/s |  57 kB     00:00    
(6/18): container-selinux-2.205.0-2.module+el8.8.0+18438+15d3aa65.noarch.rpm                                                                 3.3 MB/s |  64 kB     00:00    
(7/18): containers-common-1-63.module+el8.8.0+18438+15d3aa65.x86_64.rpm                                                                      6.9 MB/s | 129 kB     00:00    
(8/18): criu-3.15-3.module+el8.8.0+18060+3f21f2cc.x86_64.rpm                                                                                  23 MB/s | 518 kB     00:00    
(9/18): fuse-overlayfs-1.10-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm                                                                       4.7 MB/s |  74 kB     00:00    
(10/18): libnet-1.1.6-15.el8.x86_64.rpm                                                                                                      4.1 MB/s |  67 kB     00:00    
(11/18): libslirp-4.4.0-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm                                                                           4.3 MB/s |  70 kB     00:00    
(12/18): buildah-1.29.1-1.module+el8.8.0+18195+471da4bb.x86_64.rpm                                                                            35 MB/s | 8.8 MB     00:00    
(13/18): podman-catatonit-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm                                                                    16 MB/s | 361 kB     00:00    
(14/18): protobuf-c-1.3.0-6.el8.x86_64.rpm                                                                                                   2.3 MB/s |  37 kB     00:00    
(15/18): runc-1.1.4-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm                                                                                25 MB/s | 3.1 MB     00:00    
(16/18): slirp4netns-1.2.0-2.module+el8.8.0+18060+3f21f2cc.x86_64.rpm                                                                        3.2 MB/s |  54 kB     00:00    
(17/18): containernetworking-plugins-1.2.0-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm                                                         36 MB/s |  20 MB     00:00    
(18/18): podman-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm                                                                              28 MB/s |  15 MB     00:00    
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                         71 MB/s |  48 MB     00:00     
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                                                     1/1 
  Running scriptlet: container-selinux-2:2.205.0-2.module+el8.8.0+18438+15d3aa65.noarch                                                                                 1/18 
  Installing       : container-selinux-2:2.205.0-2.module+el8.8.0+18438+15d3aa65.noarch                                                                                 1/18 
  Running scriptlet: container-selinux-2:2.205.0-2.module+el8.8.0+18438+15d3aa65.noarch                                                                                 1/18 
  Installing       : containernetworking-plugins-1:1.2.0-1.module+el8.8.0+18060+3f21f2cc.x86_64                                                                         2/18 
  Installing       : fuse3-libs-3.3.0-16.el8.x86_64                                                                                                                     3/18 
  Running scriptlet: fuse3-libs-3.3.0-16.el8.x86_64                                                                                                                     3/18 
  Installing       : protobuf-c-1.3.0-6.el8.x86_64                                                                                                                      4/18 
  Installing       : libslirp-4.4.0-1.module+el8.8.0+18060+3f21f2cc.x86_64                                                                                              5/18 
  Installing       : slirp4netns-1.2.0-2.module+el8.8.0+18060+3f21f2cc.x86_64                                                                                           6/18 
  Installing       : libnet-1.1.6-15.el8.x86_64                                                                                                                         7/18 
  Running scriptlet: libnet-1.1.6-15.el8.x86_64                                                                                                                         7/18 
  Installing       : criu-3.15-3.module+el8.8.0+18060+3f21f2cc.x86_64                                                                                                   8/18 
  Installing       : runc-1:1.1.4-1.module+el8.8.0+18060+3f21f2cc.x86_64                                                                                                9/18 
  Installing       : conmon-3:2.1.6-1.module+el8.8.0+18098+9b44df5f.x86_64                                                                                             10/18 
  Installing       : shadow-utils-subid-2:4.6-17.el8.x86_64                                                                                                            11/18 
  Installing       : fuse-common-3.3.0-16.el8.x86_64                                                                                                                   12/18 
  Installing       : fuse3-3.3.0-16.el8.x86_64                                                                                                                         13/18 
  Installing       : fuse-overlayfs-1.10-1.module+el8.8.0+18060+3f21f2cc.x86_64                                                                                        14/18 
  Running scriptlet: fuse-overlayfs-1.10-1.module+el8.8.0+18060+3f21f2cc.x86_64                                                                                        14/18 
  Installing       : containers-common-2:1-63.module+el8.8.0+18438+15d3aa65.x86_64                                                                                     15/18 
  Installing       : podman-catatonit-3:4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64                                                                                   16/18 
  Installing       : podman-3:4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64                                                                                             17/18 
  Installing       : buildah-1:1.29.1-1.module+el8.8.0+18195+471da4bb.x86_64                                                                                           18/18 
  Running scriptlet: container-selinux-2:2.205.0-2.module+el8.8.0+18438+15d3aa65.noarch                                                                                18/18 
  Running scriptlet: buildah-1:1.29.1-1.module+el8.8.0+18195+471da4bb.x86_64                                                                                           18/18 
  Verifying        : fuse-common-3.3.0-16.el8.x86_64                                                                                                                    1/18 
  Verifying        : fuse3-3.3.0-16.el8.x86_64                                                                                                                          2/18 
  Verifying        : fuse3-libs-3.3.0-16.el8.x86_64                                                                                                                     3/18 
  Verifying        : shadow-utils-subid-2:4.6-17.el8.x86_64                                                                                                             4/18 
  Verifying        : buildah-1:1.29.1-1.module+el8.8.0+18195+471da4bb.x86_64                                                                                            5/18 
  Verifying        : conmon-3:2.1.6-1.module+el8.8.0+18098+9b44df5f.x86_64                                                                                              6/18 
  Verifying        : container-selinux-2:2.205.0-2.module+el8.8.0+18438+15d3aa65.noarch                                                                                 7/18 
  Verifying        : containernetworking-plugins-1:1.2.0-1.module+el8.8.0+18060+3f21f2cc.x86_64                                                                         8/18 
  Verifying        : containers-common-2:1-63.module+el8.8.0+18438+15d3aa65.x86_64                                                                                      9/18 
  Verifying        : criu-3.15-3.module+el8.8.0+18060+3f21f2cc.x86_64                                                                                                  10/18 
  Verifying        : fuse-overlayfs-1.10-1.module+el8.8.0+18060+3f21f2cc.x86_64                                                                                        11/18 
  Verifying        : libnet-1.1.6-15.el8.x86_64                                                                                                                        12/18 
  Verifying        : libslirp-4.4.0-1.module+el8.8.0+18060+3f21f2cc.x86_64                                                                                             13/18 
  Verifying        : podman-3:4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64                                                                                             14/18 
  Verifying        : podman-catatonit-3:4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64                                                                                   15/18 
  Verifying        : protobuf-c-1.3.0-6.el8.x86_64                                                                                                                     16/18 
  Verifying        : runc-1:1.1.4-1.module+el8.8.0+18060+3f21f2cc.x86_64                                                                                               17/18 
  Verifying        : slirp4netns-1.2.0-2.module+el8.8.0+18060+3f21f2cc.x86_64                                                                                          18/18 
Installed products updated.

Installed:
  buildah-1:1.29.1-1.module+el8.8.0+18195+471da4bb.x86_64                           conmon-3:2.1.6-1.module+el8.8.0+18098+9b44df5f.x86_64                                    
  container-selinux-2:2.205.0-2.module+el8.8.0+18438+15d3aa65.noarch                containernetworking-plugins-1:1.2.0-1.module+el8.8.0+18060+3f21f2cc.x86_64               
  containers-common-2:1-63.module+el8.8.0+18438+15d3aa65.x86_64                     criu-3.15-3.module+el8.8.0+18060+3f21f2cc.x86_64                                         
  fuse-common-3.3.0-16.el8.x86_64                                                   fuse-overlayfs-1.10-1.module+el8.8.0+18060+3f21f2cc.x86_64                               
  fuse3-3.3.0-16.el8.x86_64                                                         fuse3-libs-3.3.0-16.el8.x86_64                                                           
  libnet-1.1.6-15.el8.x86_64                                                        libslirp-4.4.0-1.module+el8.8.0+18060+3f21f2cc.x86_64                                    
  podman-3:4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64                             podman-catatonit-3:4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64                          
  protobuf-c-1.3.0-6.el8.x86_64                                                     runc-1:1.1.4-1.module+el8.8.0+18060+3f21f2cc.x86_64                                      
  shadow-utils-subid-2:4.6-17.el8.x86_64                                            slirp4netns-1.2.0-2.module+el8.8.0+18060+3f21f2cc.x86_64                                 

Complete!
[root@ci-vm-10-0-137-115 ~]# podman run --rm --device /dev/fuse -it registry-proxy.engineering.redhat.com/rh-osbs/rhel8-buildah:8.8-3
Trying to pull registry-proxy.engineering.redhat.com/rh-osbs/rhel8-buildah:8.8-3...
Getting image source signatures
Copying blob 40635c589740 done  
Copying blob 5d5f3559a9ea done  
Copying config b3041480f0 done  
Writing manifest to image destination
Storing signatures

Comment 13 Jindrich Novy 2023-04-05 08:43:22 UTC

And btw. I made sure SYS_CHROOT is present in containers.conf default_capabilities.

Tom, the versioning of containers-common is OK.

Comment 14 Tom Sweeney 2023-04-05 13:59:37 UTC

Jindrich, I still can't get that podman command to run on my machine, probably a local issue.  Could I ask you to try running these two commands inside the container after you run that podman run command?

# podman run --rm --device /dev/fuse -it registry-proxy.engineering.redhat.com/rh-osbs/rhel8-buildah:8.8-3

In the container: 

# buildah from ubi8
Trying to pull registry.access.redhat.com/ubi8:latest...
Getting image source signatures
Checking if image destination supports signatures
Copying blob 6208c5a2e205 done  
Copying config 768688a189 done  
Writing manifest to image destination
Storing signatures
ubi8-working-container


# buildah run  --isolation=chroot ubi8-working-container ls /
bin  boot  dev	etc  home  lib	lib64  lost+found  media  mnt  opt  proc  root	run  sbin  srv	sys  tmp  usr  var

Comment 16 Alex Jia 2023-04-07 01:23:42 UTC

This bug has been verified for buildah-1.29.1-2.module+el8.8.0+18553+8fea4d79 with containers-common-1-64.module+el8.8.0+18571+eed59fc4.

[root@kvm-01-guest11 ~]# cat /etc/redhat-release 
Red Hat Enterprise Linux release 8.8 (Ootpa)

[root@kvm-01-guest11 ~]# rpm -q podman buildah containers-common runc systemd kernel
podman-4.4.1-10.module+el8.8.0+18555+491facf3.x86_64
buildah-1.29.1-2.module+el8.8.0+18553+8fea4d79.x86_64
containers-common-1-64.module+el8.8.0+18571+eed59fc4.x86_64
runc-1.1.4-1.module+el8.8.0+18060+3f21f2cc.x86_64
systemd-239-74.el8_8.x86_64
kernel-4.18.0-477.9.1.el8_8.x86_64

[root@kvm-01-guest11 ~]# podman run --rm --device /dev/fuse -it registry-proxy.engineering.redhat.com/rh-osbs/rhel8-buildah:8.8-3
Trying to pull registry-proxy.engineering.redhat.com/rh-osbs/rhel8-buildah:8.8-3...
Getting image source signatures
Copying blob 40635c589740 done  
Copying blob 5d5f3559a9ea done  
Copying config b3041480f0 done  
Writing manifest to image destination
Storing signatures
[root@12b8d0de88ca /]# rpm -q buildah containers-common fuse-overlayfs
buildah-1.29.1-1.module+el8.8.0+18195+471da4bb.x86_64
containers-common-1-62.module+el8.8.0+18251+ad5b274c.x86_64
fuse-overlayfs-1.10-1.module+el8.8.0+18060+3f21f2cc.x86_64
[root@12b8d0de88ca /]# buildah from ubi8
Resolved "ubi8" as an alias (/etc/containers/registries.conf.d/001-rhel-shortnames.conf)
Trying to pull registry.access.redhat.com/ubi8:latest...
Getting image source signatures
Checking if image destination supports signatures
Copying blob 6208c5a2e205 done  
Copying config 768688a189 done  
Writing manifest to image destination
Storing signatures
ubi8-working-container
[root@12b8d0de88ca /]# buildah ps
CONTAINER ID  BUILDER  IMAGE ID     IMAGE NAME                       CONTAINER NAME
2cb22145e5d5     *     768688a18971 registry.access.redhat.com/ub... ubi8-working-container
[root@12b8d0de88ca /]# buildah run --isolation=chroot ubi8-working-container ls /
bin  boot  dev	etc  home  lib	lib64  lost+found  media  mnt  opt  proc  root	run  sbin  srv	sys  tmp  usr  var
[root@12b8d0de88ca /]# exit
exit
[root@kvm-01-guest11 ~]# echo $?
0

Comment 21 errata-xmlrpc 2023-05-16 10:01:09 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (container-tools:rhel8 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2023:3089

Note You need to log in before you can comment on or make changes to this bug.