Bug 2222789 - 'init-container' fails when /var/lib/flatpak, /var/lib/systemd/coredump or /var/log/journal on the host are mounted with nodev, noexec or nosuid
Summary: 'init-container' fails when /var/lib/flatpak, /var/lib/systemd/coredump or /v...
Keywords:
Status: VERIFIED
Alias: None
Deadline: 2023-08-21
Product: Red Hat Enterprise Linux 9
Classification: Red Hat
Component: toolbox
Version: 9.3
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Debarshi Ray
QA Contact: Petr Schindler
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-07-13 17:58 UTC by Debarshi Ray
Modified: 2023-08-17 10:04 UTC (History)
2 users (show)

Fixed In Version: toolbox-0.0.99.4-5.el9
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: Bug
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github containers toolbox issues 1084 0 None closed "invalid entry point PID of container" when /var/lib/flatpak is mounted nosuid and/or nodev 2023-07-13 17:59:23 UTC
Github containers toolbox issues 911 0 None open 'init-container' fails when /var/lib/flatpak, /var/lib/systemd/coredump or /var/log/journal on the host are mounted with... 2023-07-13 17:58:54 UTC
Red Hat Issue Tracker RHELPLAN-162323 0 None None None 2023-07-13 18:01:57 UTC

Description Debarshi Ray 2023-07-13 17:58:55 UTC
This is the same as RHEL 8 bug 2144541

I expect several RHEL 9 users to have /var/lib/flatpak, /var/lib/systemd/coredump or /var/log/journal on the host mounted with nodev, noexec or nosuid.  So, it will be good to fix it in RHEL 9 as well.

Comment 1 Debarshi Ray 2023-08-11 16:02:22 UTC
Merge request: https://gitlab.com/redhat/centos-stream/rpms/toolbox/-/merge_requests/69

Comment 2 Debarshi Ray 2023-08-11 17:01:14 UTC
Built toolbox-0.0.99.4-5.el9:
https://kojihub.stream.rdu2.redhat.com/koji/taskinfo?taskID=2674880


Note You need to log in before you can comment on or make changes to this bug.