Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

podman list fails in rawhide #2935

Closed
matthiasclasen opened this issue Apr 15, 2019 · 11 comments · Fixed by #2950
Closed

podman list fails in rawhide #2935

matthiasclasen opened this issue Apr 15, 2019 · 11 comments · Fixed by #2950
Labels
locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. rootless

Comments

@matthiasclasen
Copy link

$ rpm -q podman
podman-1.3.0-11.dev.git387d601.fc31.x86_64
$ podman list
ERRO[0000] open /run/user/1000/overlay-containers/0781aa62f52996e65e0eeea8dd18934c16dc53b448db2c03e253faf4e1ecb200/userdata/conmon.pid: permission denied 
@mheon
Copy link
Member

mheon commented Apr 15, 2019

@giuseppe PTAL

@giuseppe
Copy link
Member

this is probably caused by the recent change of using only one namespace.

@matthiasclasen how many containers for the user are running? I think it is required to stop them first, and then restarting them will ensure they are in the same user namespace

@matthiasclasen
Copy link
Author

none are running. this is after rebooting into a new silverblue image

@giuseppe
Copy link
Member

giuseppe commented Apr 15, 2019

/run/user/1000/overlay-containers should be empty after a reboot. How was the container 0781aa62f52996e65e0eeea8dd18934c16dc53b448db2c03e253faf4e1ecb200 created?

Can you please show the output for: sudo ls -l /run/user/1000/overlay-containers/0781aa62f52996e65e0eeea8dd18934c16dc53b448db2c03e253faf4e1ecb200 /run/user/1000/overlay-containers/0781aa62f52996e65e0eeea8dd18934c16dc53b448db2c03e253faf4e1ecb200/userdata?

@matthiasclasen
Copy link
Author

$ sudo ls -l /run/user/1000/overlay-containers/0781aa62f52996e65e0eeea8dd18934c16dc53b448db2c03e253faf4e1ecb200 /run/user/1000/overlay-containers/0781aa62f52996e65e0eeea8dd18934c16dc53b448db2c03e253faf4e1ecb200/userdata
/run/user/1000/overlay-containers/0781aa62f52996e65e0eeea8dd18934c16dc53b448db2c03e253faf4e1ecb200:
total 0
drwx------. 2 100000 100000 160 Apr 14 22:21 userdata

/run/user/1000/overlay-containers/0781aa62f52996e65e0eeea8dd18934c16dc53b448db2c03e253faf4e1ecb200/userdata:
total 20
-rw-r--r--. 1 mclasen mclasen   4 Apr 14 22:21 conmon.pid
-rw-r--r--. 1  100000  100000   7 Apr 14 22:21 hostname
-rw-r--r--. 1  100000  100000 158 Apr 14 22:21 hosts
-rw-r--r--. 1 mclasen mclasen   4 Apr 14 22:21 pidfile
-rw-r--r--. 1 mclasen mclasen  35 Apr 14 22:21 resolv.conf

@giuseppe
Copy link
Member

so the issue we are hitting here was fixed by 6c6a865, unfortunately the fix doesn't work for containers that were created without the fix.

I wonder if we can add a command like "system rootless-restore" that stops all the containers, changes the configuration for the conmon pid file to be in the static directory and then restart the containers.

Matt, would it be ok? What about changing the configuration?

@matthiasclasen
Copy link
Author

I don't know anything about podman configuration. You will have to tell me what I need to change.

@giuseppe
Copy link
Member

sorry, the "Matt" was for @mheon :-)

@mheon
Copy link
Member

mheon commented Apr 15, 2019

Hm. We have the core mechanism to do that from system renumber...

@giuseppe I'd call the command podman system migrate or something similar. There are a few other things that will require that.

@mheon
Copy link
Member

mheon commented Apr 15, 2019

But no fundamental objection to adding a command that will migrate container configurations to change things like this, as long as we guarantee the containers are down when we make the changes.

@giuseppe
Copy link
Member

opened a PR here: #2950

I've currently marked it as WIP as I'll continue working on it

giuseppe added a commit to giuseppe/libpod that referenced this issue Apr 26, 2019
it is useful to migrate existing containers to a new version of
podman.  Currently, it is needed to migrate rootless containers that
were created with podman <= 1.2 to a newer version which requires all
containers to be running in the same user namespace.

Closes: containers#2935

Signed-off-by: Giuseppe Scrivano <[email protected]>
debarshiray added a commit to containers/toolbox that referenced this issue May 20, 2019
This was triggered by changes to rootless Podman containers in
podman-1.3.0 [1]. Containers created with version 1.2.0 or older need
to be migrated.

[1] containers/podman#2935
debarshiray added a commit to containers/toolbox that referenced this issue May 20, 2019
This was triggered by changes to rootless Podman containers in
podman-1.3.0 [1]. Containers created with version 1.2.0 or older need
to be migrated.

[1] containers/podman#2935

https://github.com/debarshiray/toolbox/pull/166
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 24, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 24, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. rootless
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants