Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error when importing a checkpoint of a container with --ipc host #12042

Closed
carlhoerberg opened this issue Oct 19, 2021 · 2 comments · Fixed by #12088
Closed

Error when importing a checkpoint of a container with --ipc host #12042

carlhoerberg opened this issue Oct 19, 2021 · 2 comments · Fixed by #12088
Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.

Comments

@carlhoerberg
Copy link

/kind bug

Description

Importing a checkpoint of a container with --ipc host causes an error. Somehow related to #10635?

Steps to reproduce the issue:

podman run -d --ipc host docker.io/alpine sleep 3600
podman container checkpoint --latest --export dump.tarz
podman rm --latest
podman container restore --import dump.tarz

Describe the results you received:

Error: error creating container storage: ProcessLabel and Mountlabel must either not be specified or both specified

Additional information you deem important (e.g. issue happens only occasionally):

Only problem when exported and then imported, if restored in place it works.

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/master/troubleshooting.md)

Yes

Additional environment details (AWS, VirtualBox, physical, etc.):

Fedora 34
@openshift-ci openshift-ci bot added the kind/bug Categorizes issue or PR as related to a bug. label Oct 19, 2021
@mheon
Copy link
Member

mheon commented Oct 20, 2021

@adrianreber @rhatdan PTAL, this definitely does look similar to #10635

@adrianreber
Copy link
Collaborator

adrianreber commented Oct 20, 2021
edited
Loading

Yes, #10635 was the same error message. Looking at podman inspect I see:

        "Driver": "overlay",
        "MountLabel": "system_u:object_r:container_file_t:s0:c1022,c1023",
        "ProcessLabel": "",
        "AppArmorProfile": "",

which is the same as running with --privileged. Which means the fix in #10635 is not totally correct. I will provide a fix.

Checking if a container is --privileged during restore is not enough. I need to do it differently.

@adrianreber adrianreber mentioned this issue Oct 25, 2021
Merged
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 21, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 21, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Allow 'container restore' with '--ipc host' adrianreber/libpod
3 participants
@carlhoerberg @mheon @adrianreber