Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[fc31,rootless] podman pod create: permission denied #4164

Closed
edsantiago opened this issue Oct 1, 2019 · 2 comments · Fixed by #4166
Closed

[fc31,rootless] podman pod create: permission denied #4164

edsantiago opened this issue Oct 1, 2019 · 2 comments · Fixed by #4166
Labels
locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.

Comments

@edsantiago
Copy link
Member 

$ podman pod create
Error: unable to create pod: unable to create pod cgroup for pod aa6e1f01ed9e08277d1e534eaac8f57cb4aeb05662b8b4cd2ed829da18b9ddf0: error creating cgroup user.slice/user-libpod_pod_aa6e1f01ed9e08277d1e534eaac8f57cb4aeb05662b8b4cd2ed829da18b9ddf0.slice: dial unix /run/user/0/bus: connect: permission denied

Versions:

$ rpm -qa|egrep 'podman|runc|crun|slirp|iptables|conmon|systemd'|sort
conmon-2.0.1-1.fc31.x86_64
crun-0.10-1.fc31.x86_64
iptables-1.8.3-5.fc31.x86_64
iptables-libs-1.8.3-5.fc31.x86_64
podman-1.6.1-0.4.dev.git7a56963.fc32.x86_64
podman-manpages-1.5.1-3.git0005792.fc31.noarch
podman-tests-1.6.1-0.4.dev.git7a56963.fc32.x86_64
python3-systemd-234-9.fc31.x86_64
python-systemd-doc-234-9.fc31.x86_64
rpm-plugin-systemd-inhibit-4.15.0-0.beta.2.fc31.2.x86_64
slirp4netns-0.4.0-20.1.dev.gitbbd6f25.fc31.x86_64
systemd-243~rc2-1.fc31.x86_64
systemd-bootchart-233-5.fc31.x86_64
systemd-libs-243~rc2-1.fc31.x86_64
systemd-pam-243~rc2-1.fc31.x86_64
systemd-rpm-macros-243~rc2-1.fc31.noarch
systemd-udev-243~rc2-1.fc31.x86_64

$ uname -r
5.3.0-0.rc5.git0.1.fc31.x86_64
@edsantiago edsantiago mentioned this issue Oct 1, 2019
Closed
@mheon
Copy link
Member

mheon commented Oct 1, 2019

From 4162 -

"""
My bet is that it's using EUID to decide what bus to connect to, which will be 0 (we've already join a user namespace, but not the mount/other namespaces, by the time we try to talk to the bus).
"""

@giuseppe giuseppe mentioned this issue Oct 1, 2019
Merged
giuseppe added a commit to giuseppe/libpod that referenced this issue Oct 2, 2019
@giuseppe
rootless: set DBUS_SESSION_BUS_ADDRESS if it is not set
57f4149 
if the variable is not set, make sure it has a sane value so that
go-dbus won't try to connect to the wrong user session.

Closes: containers#4162
Closes: containers#4164

Signed-off-by: Giuseppe Scrivano <[email protected]>
@edsantiago
Copy link
Member Author

For benefit of anyone encountering this bug, the workaround is:

$ export DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/$(id -u)/bus

@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 23, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 23, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

rootless: set DBUS_SESSION_BUS_ADDRESS if it is not set giuseppe/libpod
2 participants
@edsantiago @mheon