Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Starting containers fails with message 'open /proc/sys/net/ipv4/ping_group_range : no such file or directory: oci runtime attempted to invoke a command that was not found' #11210

Closed
mattiascockburn opened this issue Aug 12, 2021 · 1 comment
Closed

Starting containers fails with message 'open /proc/sys/net/ipv4/ping_group_range : no such file or directory: oci runtime attempted to invoke a command that was not found' #11210

mattiascockburn opened this issue Aug 12, 2021 · 1 comment
Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.

Comments

@mattiascockburn
Copy link

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

Trying to create/start containers fails with the error message open /proc/sys/net/ipv4/ping_group_range : no such file or directory: oci runtime attempted to invoke a command that was not found
This affects both unprivileged users as well as root.

Steps to reproduce the issue:

  1. Run podman run -ti --rm --log-level trace --name foo ubuntu:20.04

Describe the results you received:

The command fails. Complete trace log:

$ podman run -ti --rm --log-level trace --name foo ubuntu:20.04
INFO[0000] podman filtering at log level trace          
DEBU[0000] Called run.PersistentPreRunE(podman run -ti --rm --log-level trace --name foo ubuntu:20.04) 
DEBU[0000] overlay storage already configured with a mount-program 
TRAC[0000] Reading configuration file "/usr/share/containers/containers.conf" 
DEBU[0000] Merged system config "/usr/share/containers/containers.conf" 
TRAC[0000] &{Containers:{Devices:[] Volumes:[] ApparmorProfile:containers-default-0.38.16 Annotations:[] CgroupNS:private Cgroups:enabled DefaultCapabilities:[CHOWN DAC_OVERRIDE FOWNER FSETID KILL NET_BIND_SERVICE SETFCAP SETGID SETPCAP SETUID SYS_CHROOT] DefaultSysctls:[net.ipv4.ping_group_range = 0 0] DefaultUlimits:[] DefaultMountsFile: DNSServers:[] DNSOptions:[] DNSSearches:[] EnableKeyring:true EnableLabeling:false Env:[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin TERM=xterm] EnvHost:false HTTPProxy:true Init:false InitPath: IPCNS:private LogDriver:k8s-file LogSizeMax:-1 NetNS:slirp4netns NoHosts:false PidsLimit:2048 PidNS:private SeccompProfile: ShmSize:65536k TZ: Umask:0022 UTSNS:private UserNS:host UserNSSize:65536} Engine:{CgroupCheck:false CgroupManager:systemd ConmonEnvVars:[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin] ConmonPath:[/usr/libexec/podman/conmon /usr/local/libexec/podman/conmon /usr/local/lib/podman/conmon /usr/bin/conmon /usr/sbin/conmon /usr/local/bin/conmon /usr/local/sbin/conmon /run/current-system/sw/bin/conmon] DetachKeys:ctrl-p,ctrl-q EnablePortReservation:true Env:[] EventsLogFilePath:/run/user/1000/libpod/tmp/events/events.log EventsLogger:journald HooksDir:[/usr/share/containers/oci/hooks.d] ImageBuildFormat:oci ImageDefaultTransport:docker:// ImageParallelCopies:0 ImageDefaultFormat: InfraCommand: InfraImage:k8s.gcr.io/pause:3.5 InitPath:/usr/libexec/podman/catatonit LockType:shm MachineEnabled:false MultiImageArchive:false Namespace: NetworkCmdPath: NetworkCmdOptions:[] NoPivotRoot:false NumLocks:2048 OCIRuntime:crun OCIRuntimes:map[crun:[/usr/bin/crun /usr/sbin/crun /usr/local/bin/crun /usr/local/sbin/crun /sbin/crun /bin/crun /run/current-system/sw/bin/crun] kata:[/usr/bin/kata-runtime /usr/sbin/kata-runtime /usr/local/bin/kata-runtime /usr/local/sbin/kata-runtime /sbin/kata-runtime /bin/kata-runtime /usr/bin/kata-qemu /usr/bin/kata-fc] runc:[/usr/bin/runc /usr/sbin/runc /usr/local/bin/runc /usr/local/sbin/runc /sbin/runc /bin/runc /usr/lib/cri-o-runc/sbin/runc /run/current-system/sw/bin/runc] runsc:[/usr/bin/runsc /usr/sbin/runsc /usr/local/bin/runsc /usr/local/sbin/runsc /bin/runsc /sbin/runsc /run/current-system/sw/bin/runsc]] PullPolicy:missing Remote:false RemoteURI: RemoteIdentity: ActiveService: ServiceDestinations:map[] RuntimePath:[] RuntimeSupportsJSON:[crun runc kata runsc] RuntimeSupportsNoCgroups:[crun] RuntimeSupportsKVM:[kata kata-runtime kata-qemu kata-fc] SetOptions:{StorageConfigRunRootSet:false StorageConfigGraphRootSet:false StorageConfigGraphDriverNameSet:false StaticDirSet:false VolumePathSet:false TmpDirSet:false} SignaturePolicyPath:/etc/containers/policy.json SDNotify:false StateType:3 StaticDir:/home/mattias/.local/share/containers/storage/libpod StopTimeout:10 TmpDir:/run/user/1000/libpod/tmp VolumePath:/home/mattias/.local/share/containers/storage/volumes VolumePlugins:map[]} Network:{CNIPluginDirs:[/usr/libexec/cni /usr/lib/cni /usr/local/lib/cni /opt/cni/bin] DefaultNetwork:podman DefaultSubnet:10.88.0.0/16 NetworkConfigDir:/home/mattias/.config/cni/net.d}} 
TRAC[0000] Reading configuration file "/etc/containers/containers.conf" 
DEBU[0000] Merged system config "/etc/containers/containers.conf" 
TRAC[0000] &{Containers:{Devices:[] Volumes:[] ApparmorProfile:containers-default-0.38.16 Annotations:[] CgroupNS:private Cgroups:enabled DefaultCapabilities:[CHOWN DAC_OVERRIDE FOWNER FSETID KILL NET_BIND_SERVICE SETFCAP SETGID SETPCAP SETUID SYS_CHROOT] DefaultSysctls:[net.ipv4.ping_group_range = 0 0] DefaultUlimits:[] DefaultMountsFile: DNSServers:[] DNSOptions:[] DNSSearches:[] EnableKeyring:true EnableLabeling:false Env:[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin TERM=xterm] EnvHost:false HTTPProxy:true Init:false InitPath: IPCNS:private LogDriver:k8s-file LogSizeMax:-1 NetNS:slirp4netns NoHosts:false PidsLimit:2048 PidNS:private SeccompProfile: ShmSize:65536k TZ: Umask:0022 UTSNS:private UserNS:host UserNSSize:65536} Engine:{CgroupCheck:false CgroupManager:systemd ConmonEnvVars:[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin] ConmonPath:[/usr/libexec/podman/conmon /usr/local/libexec/podman/conmon /usr/local/lib/podman/conmon /usr/bin/conmon /usr/sbin/conmon /usr/local/bin/conmon /usr/local/sbin/conmon /run/current-system/sw/bin/conmon] DetachKeys:ctrl-p,ctrl-q EnablePortReservation:true Env:[] EventsLogFilePath:/run/user/1000/libpod/tmp/events/events.log EventsLogger:journald HooksDir:[/usr/share/containers/oci/hooks.d] ImageBuildFormat:oci ImageDefaultTransport:docker:// ImageParallelCopies:0 ImageDefaultFormat: InfraCommand: InfraImage:k8s.gcr.io/pause:3.5 InitPath:/usr/libexec/podman/catatonit LockType:shm MachineEnabled:false MultiImageArchive:false Namespace: NetworkCmdPath: NetworkCmdOptions:[] NoPivotRoot:false NumLocks:2048 OCIRuntime:crun OCIRuntimes:map[crun:[/usr/bin/crun /usr/sbin/crun /usr/local/bin/crun /usr/local/sbin/crun /sbin/crun /bin/crun /run/current-system/sw/bin/crun] kata:[/usr/bin/kata-runtime /usr/sbin/kata-runtime /usr/local/bin/kata-runtime /usr/local/sbin/kata-runtime /sbin/kata-runtime /bin/kata-runtime /usr/bin/kata-qemu /usr/bin/kata-fc] runc:[/usr/bin/runc /usr/sbin/runc /usr/local/bin/runc /usr/local/sbin/runc /sbin/runc /bin/runc /usr/lib/cri-o-runc/sbin/runc /run/current-system/sw/bin/runc] runsc:[/usr/bin/runsc /usr/sbin/runsc /usr/local/bin/runsc /usr/local/sbin/runsc /bin/runsc /sbin/runsc /run/current-system/sw/bin/runsc]] PullPolicy:missing Remote:false RemoteURI: RemoteIdentity: ActiveService: ServiceDestinations:map[] RuntimePath:[] RuntimeSupportsJSON:[crun runc kata runsc] RuntimeSupportsNoCgroups:[crun] RuntimeSupportsKVM:[kata kata-runtime kata-qemu kata-fc] SetOptions:{StorageConfigRunRootSet:false StorageConfigGraphRootSet:false StorageConfigGraphDriverNameSet:false StaticDirSet:false VolumePathSet:false TmpDirSet:false} SignaturePolicyPath:/etc/containers/policy.json SDNotify:false StateType:3 StaticDir:/home/mattias/.local/share/containers/storage/libpod StopTimeout:10 TmpDir:/run/user/1000/libpod/tmp VolumePath:/home/mattias/.local/share/containers/storage/volumes VolumePlugins:map[]} Network:{CNIPluginDirs:[/usr/libexec/cni /usr/lib/cni /usr/local/lib/cni /opt/cni/bin] DefaultNetwork:podman DefaultSubnet:10.88.0.0/16 NetworkConfigDir:/home/mattias/.config/cni/net.d}} 
DEBU[0000] overlay storage already configured with a mount-program 
DEBU[0000] Using conmon: "/usr/bin/conmon"              
DEBU[0000] Initializing boltdb state at /home/mattias/.local/share/containers/storage/libpod/bolt_state.db 
DEBU[0000] Using graph driver overlay                   
DEBU[0000] Using graph root /home/mattias/.local/share/containers/storage 
DEBU[0000] Using run root /run/user/1000                
DEBU[0000] Using static dir /home/mattias/.local/share/containers/storage/libpod 
DEBU[0000] Using tmp dir /run/user/1000/libpod/tmp      
DEBU[0000] Using volume path /home/mattias/.local/share/containers/storage/volumes 
DEBU[0000] overlay storage already configured with a mount-program 
DEBU[0000] Set libpod namespace to ""                   
DEBU[0000] [graphdriver] trying provided driver "overlay" 
DEBU[0000] overlay: mount_program=/usr/bin/fuse-overlayfs 
DEBU[0000] overlay: mount_program=/usr/bin/fuse-overlayfs 
DEBU[0000] backingFs=extfs, projectQuotaSupported=false, useNativeDiff=false, usingMetacopy=false 
DEBU[0000] Initializing event backend journald          
TRAC[0000] found runtime ""                             
TRAC[0000] found runtime ""                             
DEBU[0000] configured OCI runtime kata initialization failed: no valid executable found for OCI runtime kata: invalid argument 
DEBU[0000] configured OCI runtime runsc initialization failed: no valid executable found for OCI runtime runsc: invalid argument 
DEBU[0000] Using OCI runtime "/usr/bin/crun"            
INFO[0000] Found CNI network container-demo_default (type=bridge) at /home/mattias/.config/cni/net.d/container-demo_default.conflist 
DEBU[0000] Default CNI network name podman is unchangeable 
INFO[0000] Setting parallel job count to 13             
DEBU[0000] Pulling image ubuntu:20.04 (policy: missing) 
DEBU[0000] Looking up image "ubuntu:20.04" in local containers storage 
DEBU[0000] Trying "ubuntu:20.04" ...                    
DEBU[0000] Loading registries configuration "/etc/containers/registries.conf" 
DEBU[0000] Trying "localhost/ubuntu:20.04" ...          
DEBU[0000] Trying "docker.io/library/ubuntu:20.04" ...  
DEBU[0000] parsed reference into "[overlay@/home/mattias/.local/share/containers/storage+/run/user/1000:overlay.mount_program=/usr/bin/fuse-overlayfs,overlay.mount_program=/usr/bin/fuse-overlayfs]@9873176a8ff5ac192ce4d7df8a403787558b9f3981a4c4d74afb3edceeda451c" 
DEBU[0000] Found image "ubuntu:20.04" as "docker.io/library/ubuntu:20.04" in local containers storage 
DEBU[0000] Looking up image "docker.io/library/ubuntu:20.04" in local containers storage 
DEBU[0000] Trying "docker.io/library/ubuntu:20.04" ...  
DEBU[0000] parsed reference into "[overlay@/home/mattias/.local/share/containers/storage+/run/user/1000:overlay.mount_program=/usr/bin/fuse-overlayfs,overlay.mount_program=/usr/bin/fuse-overlayfs]@9873176a8ff5ac192ce4d7df8a403787558b9f3981a4c4d74afb3edceeda451c" 
DEBU[0000] Found image "docker.io/library/ubuntu:20.04" as "docker.io/library/ubuntu:20.04" in local containers storage 
DEBU[0000] Looking up image "ubuntu:20.04" in local containers storage 
DEBU[0000] Trying "ubuntu:20.04" ...                    
DEBU[0000] Trying "localhost/ubuntu:20.04" ...          
DEBU[0000] Trying "docker.io/library/ubuntu:20.04" ...  
DEBU[0000] parsed reference into "[overlay@/home/mattias/.local/share/containers/storage+/run/user/1000:overlay.mount_program=/usr/bin/fuse-overlayfs,overlay.mount_program=/usr/bin/fuse-overlayfs]@9873176a8ff5ac192ce4d7df8a403787558b9f3981a4c4d74afb3edceeda451c" 
DEBU[0000] Found image "ubuntu:20.04" as "docker.io/library/ubuntu:20.04" in local containers storage 
DEBU[0000] Inspecting image 9873176a8ff5ac192ce4d7df8a403787558b9f3981a4c4d74afb3edceeda451c 
DEBU[0000] exporting opaque data as blob "sha256:9873176a8ff5ac192ce4d7df8a403787558b9f3981a4c4d74afb3edceeda451c" 
DEBU[0000] exporting opaque data as blob "sha256:9873176a8ff5ac192ce4d7df8a403787558b9f3981a4c4d74afb3edceeda451c" 
DEBU[0000] exporting opaque data as blob "sha256:9873176a8ff5ac192ce4d7df8a403787558b9f3981a4c4d74afb3edceeda451c" 
DEBU[0000] exporting opaque data as blob "sha256:9873176a8ff5ac192ce4d7df8a403787558b9f3981a4c4d74afb3edceeda451c" 
DEBU[0000] Looking up image "ubuntu:20.04" in local containers storage 
DEBU[0000] Trying "ubuntu:20.04" ...                    
DEBU[0000] Trying "localhost/ubuntu:20.04" ...          
DEBU[0000] Trying "docker.io/library/ubuntu:20.04" ...  
DEBU[0000] parsed reference into "[overlay@/home/mattias/.local/share/containers/storage+/run/user/1000:overlay.mount_program=/usr/bin/fuse-overlayfs,overlay.mount_program=/usr/bin/fuse-overlayfs]@9873176a8ff5ac192ce4d7df8a403787558b9f3981a4c4d74afb3edceeda451c" 
DEBU[0000] Found image "ubuntu:20.04" as "docker.io/library/ubuntu:20.04" in local containers storage 
DEBU[0000] Inspecting image 9873176a8ff5ac192ce4d7df8a403787558b9f3981a4c4d74afb3edceeda451c 
DEBU[0000] exporting opaque data as blob "sha256:9873176a8ff5ac192ce4d7df8a403787558b9f3981a4c4d74afb3edceeda451c" 
DEBU[0000] exporting opaque data as blob "sha256:9873176a8ff5ac192ce4d7df8a403787558b9f3981a4c4d74afb3edceeda451c" 
DEBU[0000] exporting opaque data as blob "sha256:9873176a8ff5ac192ce4d7df8a403787558b9f3981a4c4d74afb3edceeda451c" 
DEBU[0000] exporting opaque data as blob "sha256:9873176a8ff5ac192ce4d7df8a403787558b9f3981a4c4d74afb3edceeda451c" 
DEBU[0000] Inspecting image 9873176a8ff5ac192ce4d7df8a403787558b9f3981a4c4d74afb3edceeda451c 
DEBU[0000] using systemd mode: false                    
DEBU[0000] setting container name foo                   
DEBU[0000] No hostname set; container's hostname will default to runtime default 
DEBU[0000] Loading seccomp profile from "/etc/containers/seccomp.json" 
DEBU[0000] Allocated lock 57 for container be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f 
DEBU[0000] parsed reference into "[overlay@/home/mattias/.local/share/containers/storage+/run/user/1000:overlay.mount_program=/usr/bin/fuse-overlayfs,overlay.mount_program=/usr/bin/fuse-overlayfs]@9873176a8ff5ac192ce4d7df8a403787558b9f3981a4c4d74afb3edceeda451c" 
DEBU[0000] exporting opaque data as blob "sha256:9873176a8ff5ac192ce4d7df8a403787558b9f3981a4c4d74afb3edceeda451c" 
DEBU[0000] created container "be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f" 
DEBU[0000] container "be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f" has work directory "/home/mattias/.local/share/containers/storage/overlay-containers/be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f/userdata" 
DEBU[0000] container "be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f" has run directory "/run/user/1000/overlay-containers/be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f/userdata" 
DEBU[0000] Handling terminal attach                     
DEBU[0000] [graphdriver] trying provided driver "overlay" 
DEBU[0000] overlay: mount_program=/usr/bin/fuse-overlayfs 
DEBU[0000] overlay: mount_program=/usr/bin/fuse-overlayfs 
DEBU[0000] backingFs=extfs, projectQuotaSupported=false, useNativeDiff=false, usingMetacopy=false 
DEBU[0000] overlay: mount_data=,lowerdir=/home/mattias/.local/share/containers/storage/overlay/l/XX7JK56PWENBVPMYW2UNM7FXGE,upperdir=/home/mattias/.local/share/containers/storage/overlay/c7c91a5df1c35200c8104840043f83ce10f3cf3fbd0bf07141da55015dc22ac7/diff,workdir=/home/mattias/.local/share/containers/storage/overlay/c7c91a5df1c35200c8104840043f83ce10f3cf3fbd0bf07141da55015dc22ac7/work,volatile 
DEBU[0000] Made network namespace at /run/user/1000/netns/cni-1d2c402d-6f8d-586f-6993-e064da384428 for container be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f 
DEBU[0000] mounted container "be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f" at "/home/mattias/.local/share/containers/storage/overlay/c7c91a5df1c35200c8104840043f83ce10f3cf3fbd0bf07141da55015dc22ac7/merged" 
DEBU[0000] slirp4netns command: /usr/bin/slirp4netns --disable-host-loopback --mtu=65520 --enable-sandbox --enable-seccomp -c -e 3 -r 4 --netns-type=path /run/user/1000/netns/cni-1d2c402d-6f8d-586f-6993-e064da384428 tap0 
DEBU[0000] Created root filesystem for container be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f at /home/mattias/.local/share/containers/storage/overlay/c7c91a5df1c35200c8104840043f83ce10f3cf3fbd0bf07141da55015dc22ac7/merged 
DEBU[0000] Workdir "/" resolved to host path "/home/mattias/.local/share/containers/storage/overlay/c7c91a5df1c35200c8104840043f83ce10f3cf3fbd0bf07141da55015dc22ac7/merged" 
DEBU[0000] skipping unrecognized mount in /etc/containers/mounts.conf: "# Configuration file for default mounts in containers (see man 5" 
DEBU[0000] skipping unrecognized mount in /etc/containers/mounts.conf: "# containers-mounts.conf for further information)" 
DEBU[0000] skipping unrecognized mount in /etc/containers/mounts.conf: "" 
DEBU[0000] /etc/system-fips does not exist on host, not mounting FIPS mode subscription 
DEBU[0000] Setting CGroups for container be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f to user.slice:libpod:be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f 
DEBU[0000] reading hooks from /usr/share/containers/oci/hooks.d 
DEBU[0000] Created OCI spec for container be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f at /home/mattias/.local/share/containers/storage/overlay-containers/be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f/userdata/config.json 
DEBU[0000] running conmon: /usr/bin/conmon               args="[--api-version 1 -c be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f -u be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f -r /usr/bin/crun -b /home/mattias/.local/share/containers/storage/overlay-containers/be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f/userdata -p /run/user/1000/overlay-containers/be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f/userdata/pidfile -n foo --exit-dir /run/user/1000/libpod/tmp/exits --full-attach -s -l k8s-file:/home/mattias/.local/share/containers/storage/overlay-containers/be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f/userdata/ctr.log --log-level trace --runtime-arg --log-format=json --runtime-arg --log --runtime-arg=/run/user/1000/overlay-containers/be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f/userdata/oci-log -t --conmon-pidfile /run/user/1000/overlay-containers/be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f/userdata/conmon.pid --exit-command /usr/bin/podman --exit-command-arg --root --exit-command-arg /home/mattias/.local/share/containers/storage --exit-command-arg --runroot --exit-command-arg /run/user/1000 --exit-command-arg --log-level --exit-command-arg trace --exit-command-arg --cgroup-manager --exit-command-arg systemd --exit-command-arg --tmpdir --exit-command-arg /run/user/1000/libpod/tmp --exit-command-arg --runtime --exit-command-arg crun --exit-command-arg --storage-driver --exit-command-arg overlay --exit-command-arg --storage-opt --exit-command-arg overlay.mount_program=/usr/bin/fuse-overlayfs --exit-command-arg --storage-opt --exit-command-arg overlay.mount_program=/usr/bin/fuse-overlayfs --exit-command-arg --events-backend --exit-command-arg journald --exit-command-arg --syslog --exit-command-arg container --exit-command-arg cleanup --exit-command-arg --rm --exit-command-arg be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f]"
INFO[0000] Running conmon under slice user.slice and unitName libpod-conmon-be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f.scope 
DEBU[0000] Received: -1                                 
DEBU[0000] Cleaning up container be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f 
DEBU[0000] Tearing down network namespace at /run/user/1000/netns/cni-1d2c402d-6f8d-586f-6993-e064da384428 for container be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f 
DEBU[0000] unmounted container "be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f" 
DEBU[0000] Removing container be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f 
DEBU[0000] Removing all exec sessions for container be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f 
DEBU[0000] Cleaning up container be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f 
DEBU[0000] Network is already cleaned up, skipping...   
DEBU[0000] Container be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f storage is already unmounted, skipping... 
DEBU[0000] Container be92d127ecb98869863e376ce42c2f8d07fa80d281eb92d9ca8aa26443a9b38f storage is already unmounted, skipping... 
DEBU[0000] ExitCode msg: "open /proc/sys/net/ipv4/ping_group_range : no such file or directory: oci runtime attempted to invoke a command that was not found" 
Error: OCI runtime attempted to invoke a command that was not found
open /proc/sys/net/ipv4/ping_group_range : No such file or directory
github.com/containers/podman/v3/libpod.getOCIRuntimeError
	libpod/oci_util.go:126
github.com/containers/podman/v3/libpod.readConmonPipeData
	libpod/oci_conmon_linux.go:1497
github.com/containers/podman/v3/libpod.(*ConmonOCIRuntime).createOCIContainer
	libpod/oci_conmon_linux.go:1166
github.com/containers/podman/v3/libpod.(*ConmonOCIRuntime).CreateContainer
	libpod/oci_conmon_linux.go:252
github.com/containers/podman/v3/libpod.(*Container).init
	libpod/container_internal.go:1071
github.com/containers/podman/v3/libpod.(*Container).prepareToStart
	libpod/container_internal.go:831
github.com/containers/podman/v3/libpod.(*Container).StartAndAttach
	libpod/container_api.go:114
github.com/containers/podman/v3/pkg/domain/infra/abi/terminal.StartAttachCtr
	pkg/domain/infra/abi/terminal/terminal_linux.go:91
github.com/containers/podman/v3/pkg/domain/infra/abi.(*ContainerEngine).ContainerRun
	pkg/domain/infra/abi/containers.go:898
github.com/containers/podman/v3/cmd/podman/containers.run
	cmd/podman/containers/run.go:188
github.com/spf13/cobra.(*Command).execute
	vendor/github.com/spf13/cobra/command.go:852
github.com/spf13/cobra.(*Command).ExecuteC
	vendor/github.com/spf13/cobra/command.go:960
github.com/spf13/cobra.(*Command).Execute
	vendor/github.com/spf13/cobra/command.go:897
github.com/spf13/cobra.(*Command).ExecuteContext
	vendor/github.com/spf13/cobra/command.go:890
main.Execute
	cmd/podman/root.go:90
main.main
	cmd/podman/main.go:38
runtime.main
	go/src/runtime/proc.go:225
runtime.goexit
	go/src/runtime/asm_amd64.s:1371
$ cat /proc/sys/net/ipv4/ping_group_range                      
0	2147483647

Describe the results you expected:

An interactive shell session inside the created container.

Additional information you deem important (e.g. issue happens only occasionally):

It worked fine before. Already tried to downgrade the podman package itself (first to 3.2.2, then 3.2.1 without success)

Output of podman version:

Version:      3.2.3
API Version:  3.2.3
Go Version:   go1.16.7
Git Commit:   1e6fd46e91b21342f9454cf8105a92b90e398c52
Built:        Fri Aug  6 23:35:59 2021
OS/Arch:      linux/amd64

Output of podman info --debug:

host:
  arch: amd64
  buildahVersion: 1.21.3
  cgroupControllers: []
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: /usr/bin/conmon is owned by conmon 1:2.0.29-1
    path: /usr/bin/conmon
    version: 'conmon version 2.0.29, commit: 7e6de6678f6ed8a18661e1d5721b81ccee293b9b'
  cpus: 4
  distribution:
    distribution: arch
    version: unknown
  eventLogger: journald
  hostname: gintonic
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 5.13.9-arch1-1
  linkmode: dynamic
  memFree: 11830337536
  memTotal: 16629522432
  ociRuntime:
    name: crun
    package: /usr/bin/crun is owned by crun 0.21-1
    path: /usr/bin/crun
    version: |-
      crun version 0.21
      commit: c4c3cdf2ce408ed44a9e027c618473e6485c635b
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL
  os: linux
  remoteSocket:
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /etc/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: /usr/bin/slirp4netns is owned by slirp4netns 1.1.12-1
    version: |-
      slirp4netns version 1.1.12
      commit: 7a104a101aa3278a2152351a082a6df71f57c9a3
      libslirp: 4.6.1
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.1
  swapFree: 0
  swapTotal: 0
  uptime: 29m 52.71s
registries:
  search:
  - docker.io
store:
  configFile: /home/mattias/.config/containers/storage.conf
  containerStore:
    number: 4
    paused: 0
    running: 0
    stopped: 4
  graphDriverName: overlay
  graphOptions:
    overlay.mount_program:
      Executable: /usr/bin/fuse-overlayfs
      Package: /usr/bin/fuse-overlayfs is owned by fuse-overlayfs 1.7.1-1
      Version: |-
        fusermount3 version: 3.10.4
        fuse-overlayfs: version 1.7.1
        FUSE library version 3.10.4
        using FUSE kernel interface version 7.31
  graphRoot: /home/mattias/.local/share/containers/storage
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "false"
  imageStore:
    number: 62
  runRoot: /run/user/1000
  volumePath: /home/mattias/.local/share/containers/storage/volumes
version:
  APIVersion: 3.2.3
  Built: 1628285759
  BuiltTime: Fri Aug  6 23:35:59 2021
  GitCommit: 1e6fd46e91b21342f9454cf8105a92b90e398c52
  GoVersion: go1.16.7
  OsArch: linux/amd64
  Version: 3.2.3

Package info (e.g. output of rpm -q podman or apt list podman):

$ pacman -Qi podman
Name            : podman
Version         : 3.2.3-1
Description     : Tool and library for running OCI-based containers in pods
Architecture    : x86_64
URL             : https://github.com/containers/libpod
Licenses        : Apache
Groups          : None
Provides        : None
Depends On      : cni-plugins  conmon  containers-common  device-mapper  iptables  libseccomp  crun  slirp4netns  libsystemd  fuse-overlayfs  libgpgme.so=11-64
Optional Deps   : podman-docker: for Docker-compatible CLI [installed]
                  btrfs-progs: support btrfs backend devices [installed]
                  catatonit: --init flag support
                  crun: support for unified cgroupsv2 [installed]
Required By     : ansible-bender  podman-compose-git  podman-docker  toolbox
Optional For    : None
Conflicts With  : None
Replaces        : None
Installed Size  : 72.39 MiB
Packager        : Morten Linderud <[email protected]>
Build Date      : Fri 06 Aug 2021 11:35:59 PM CEST
Install Date    : Thu 12 Aug 2021 11:34:41 AM CEST
Install Reason  : Explicitly installed
Install Script  : No
Validated By    : Signature

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/master/troubleshooting.md)

Yes

Additional environment details (AWS, VirtualBox, physical, etc.):

This is all happening on a physical box.
@openshift-ci openshift-ci bot added the kind/bug Categorizes issue or PR as related to a bug. label Aug 12, 2021
@Luap99 Luap99 mentioned this issue Aug 12, 2021
Merged
@Luap99
Copy link
Member

Luap99 commented Aug 12, 2021

Duplicate of containers/common#723, look there for a workaround.

@Luap99 Luap99 closed this as completed Aug 12, 2021
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 21, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 21, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mattiascockburn @Luap99