rootless config files are not created

[gatoniel]

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

The config files ~/.config/containers/storage.conf and ~/.config/containers/libpod.conf do not exist. But podman info --debug refers to them. But the rootless tutorial indicates that they should exist. Is there some step, that I miss, to create these files? Or is the tutorial outdated? From this discussion I get, that podman info should create the config files?

My $XDG_CONFIG_HOME is not set by default on my server. So ${XDG_CONFIG_HOME}/containers becomes /containers, where normal users do not have any rights. But I tested with a new user, where I added export XDG_CONFIG_HOME=/home/netter2/.config to the .bashrc before the first login. podman info did not create anything. I also tried to create the folder .config/containers beforehand, which did not work either.

Is there maybe some global config, that forbids rootless to create their own config files?

Steps to reproduce the issue:

1. Create a new user and login with that user

2. run podman info

3. check whether .config/containers/storage.conf exists or does not exist

Describe the results you received:
~/.config/containers/storage.conf and ~/.config/containers/libpod.conf do not exist

Describe the results you expected:
~/.config/containers/storage.conf and ~/.config/containers/libpod.conf should exist and be populated with a standard configuration.

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

Version:      2.0.0
API Version:  1
Go Version:   go1.13.4
Built:        Thu Jan  1 01:00:00 1970
OS/Arch:      linux/amd64

Output of podman info --debug:

host:
  arch: amd64
  buildahVersion: 1.15.0
  cgroupVersion: v1
  conmon:
    package: conmon-2.0.18-1.el8.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.0.18, commit: 3f215ac67ed650ab6a44f8c036bcbd692afdc21e'
  cpus: 32
  distribution:
    distribution: '"centos"'
    version: "8"
  eventLogger: file
  hostname: ****
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1039
      size: 1
    - container_id: 1
      host_id: 951968
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1037
      size: 1
    - container_id: 1
      host_id: 951968
      size: 65536
  kernel: 4.18.0-147.8.1.el8_1.x86_64
  linkmode: dynamic
  memFree: 20184137728
  memTotal: 270112145408
  ociRuntime:
    name: runc
    package: runc-1.0.0-15.5.el8.x86_64
    path: /usr/bin/runc
    version: |-
      runc version 1.0.0-rc10
      commit: ffb456f24bd637cec53c611f309d89abb027b1d3
      spec: 1.0.1-dev
  os: linux
  remoteSocket:
    path: /run/user/1037/podman/podman.sock
  rootless: true
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.1.1-1.el8.x86_64
    version: |-
      slirp4netns version 1.1.1
      commit: bbf27c5acd4356edb97fa639b4e15e0cd56a39d5
      libslirp: 4.2.0
      SLIRP_CONFIG_VERSION_MAX: 2
  swapFree: 3010519040
  swapTotal: 4294963200
  uptime: 410h 28m 20.54s (Approximately 17.08 days)
registries: {}
store:
  configFile: /home/myuser/.config/containers/storage.conf
  containerStore:
    number: 2
    paused: 0
    running: 0
    stopped: 2
  graphDriverName: overlay
  graphOptions:
    overlay.mount_program:
      Executable: /usr/bin/fuse-overlayfs
      Package: fuse-overlayfs-1.1.1-1.el8.x86_64
      Version: |-
        fusermount3 version: 3.2.1
        fuse-overlayfs: version 1.1.0
        FUSE library version 3.2.1
        using FUSE kernel interface version 7.26
  graphRoot: /home/myuser/.local/share/containers/storage
  graphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "false"
  imageStore:
    number: 1
  runRoot: /run/user/1037/containers
  volumePath: /home/myuser/.local/share/containers/storage/volumes
version:
  APIVersion: 1
  Built: 0
  BuiltTime: Thu Jan  1 01:00:00 1970
  GitCommit: ""
  GoVersion: go1.13.4
  OsArch: linux/amd64
  Version: 2.0.0

Package info (e.g. output of rpm -q podman or apt list podman):

Installierte Pakete
podman.x86_64        2.0.0-2.el8                                                                  @devel_kubic_libcontainers_stable
Verfügbare Pakete
podman.aarch64        2.0.0-2.el8                                                                  devel_kubic_libcontainers_stable
podman.src        2.0.0-2.el8                                                                  devel_kubic_libcontainers_stable

Additional environment details (AWS, VirtualBox, physical, etc.):
CentOS 8 on a physical workstation.

[mheon]

storage.conf should still exist (@rhatdan or @giuseppe would know for sure), but we've changed to no longer creating a libpod.conf or containers.conf by default for rootless users. We need to update the tutorial to reflect this.

[giuseppe]

We have fixed storage.conf as well and it is not created automatically anymore.

There are a few different conf files we read in order to get to the rootless configuration, but I think it still makes sense to show the rootless override file in podman info.

We need to update the tutorial. @gatoniel since you recently went through it, would you like to open a PR changing the parts that you think are not valid anymore?

[gatoniel]

We need to update the tutorial. @gatoniel since you recently went through it, would you like to open a PR changing the parts that you think are not valid anymore?

Yes, I am happy to do that. But there are some infos I would like to put in there, that I do not know yet:

1. Which config files are read in and in which order? Is this behavior documented anywhere?
2. How can an admin create default configs for all users? I think there are a lot of different ways. But maybe there should be one way, that is encuoraged by podman.
3. Is there a command to manually create a default config file?

Especially the last point is important: In my case, I just want to add a additionalimagestore. But when I create a storage.conf in .config/containers with the following content

additionalimagestores = [
"/mnt/datahdd/readonly/container_store",
]

and then run podman info --debug I get the following error message:

ERRO[0000] 'overlay' is not supported over xfs at "/home/myuser/.local/share/containers/storage/overlay"
Error: kernel does not support overlay fs: 'overlay' is not supported over xfs at "/home/myuser/.local/share/containers/storage/overlay": backing file system is unsupported for this graph driver

So I think the default config values for the graph driver (maybe other configs, too) differ, when there exists a .config/containers/storage.conf with singular config commands and when having no storage.conf at all. This seems wrong, unless it is easy to create the default config files.

[rhatdan]

What did you storage.conf file look like. I think this is a bug, I was doing a demo yesterday, and had similar issues.
I had to add the driver and the mount_program in to get rootless podman to work

I wanted to just add just ignore_chown_errors for a demo I was doing with some HPC People

[storage]
[storage.options.overlay]
ignore_chown_errors = "false"

But this blew up and I ended up having to make my config look like

[storage]
driver="overlay"
[storage.options.overlay]
ignore_chown_errors = "false"
mount_program = "/usr/bin/fuse-overlayfs"

[gatoniel]

What did you storage.conf file look like. I think this is a bug, I was doing a demo yesterday, and had similar issues.

Thanks for the pointer! It had just the above mentioned three lines. I forgot to add [storage] and [Storage.options]. My storage.conf is now:

[storage]
driver="overlay"

[storage.options]
additionalimagestores = [
"/mnt/datahdd/readonly/container_store",
 ]

[storage.options.overlay]
mount_program = "/usr/bin/fuse-overlayfs"

This gives the following output of podman info --debug:

host:
  arch: amd64
  buildahVersion: 1.15.0
  cgroupVersion: v1
  conmon:
    package: conmon-2.0.18-1.el8.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.0.18, commit: 3f215ac67ed650ab6a44f8c036bcbd692afdc21e'
  cpus: 32
  distribution:
    distribution: '"centos"'
    version: "8"
  eventLogger: file
  hostname: picard.Physik.Uni-Marburg.DE
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1039
      size: 1
    - container_id: 1
      host_id: 951968
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1037
      size: 1
    - container_id: 1
      host_id: 951968
      size: 65536
  kernel: 4.18.0-147.8.1.el8_1.x86_64
  linkmode: dynamic
  memFree: 3135856640
  memTotal: 270112145408
  ociRuntime:
    name: runc
    package: runc-1.0.0-15.5.el8.x86_64
    path: /usr/bin/runc
    version: |-
      runc version 1.0.0-rc10
      commit: ffb456f24bd637cec53c611f309d89abb027b1d3
      spec: 1.0.1-dev
  os: linux
  remoteSocket:
    path: /run/user/1037/podman/podman.sock
  rootless: true
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.1.1-1.el8.x86_64
    version: |-
      slirp4netns version 1.1.1
      commit: bbf27c5acd4356edb97fa639b4e15e0cd56a39d5
      libslirp: 4.2.0
      SLIRP_CONFIG_VERSION_MAX: 2
  swapFree: 2997936128
  swapTotal: 4294963200
  uptime: 429h 5m 13.99s (Approximately 17.88 days)
registries: {}
store:
  configFile: /home/myuser/.config/containers/storage.conf
  containerStore:
    number: 2
    paused: 0
    running: 0
    stopped: 2
  graphDriverName: overlay
  graphOptions:
    overlay.imagestore: /mnt/datahdd/readonly/container_store
    overlay.mount_program:
      Executable: /usr/bin/fuse-overlayfs
      Package: fuse-overlayfs-1.1.1-1.el8.x86_64
      Version: |-
        fusermount3 version: 3.2.1
        fuse-overlayfs: version 1.1.0
        FUSE library version 3.2.1
        using FUSE kernel interface version 7.26
  graphRoot: /home/myuser/.local/share/containers/storage
  graphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "false"
  imageStore:
    number: 24
  runRoot: /run/user/1037/containers
  volumePath: /home/myuser/.local/share/containers/storage/volumes
version:
  APIVersion: 1
  Built: 0
  BuiltTime: Thu Jan  1 01:00:00 1970
  GitCommit: ""
  GoVersion: go1.13.4
  OsArch: linux/amd64
  Version: 2.0.0

So it seems to work.

[gatoniel]

Yes, I am happy to do that. But there are some infos I would like to put in there, that I do not know yet:

1. Which config files are read in and in which order? Is this behavior documented anywhere?
2. How can an admin create default configs for all users? I think there are a lot of different ways. But maybe there should be one way, that is encuoraged by podman.
3. Is there a command to manually create a default config file?

Could you point me to some ressource that clarifies on these questions. Otherwise I cant really change the tutorial.

[rhatdan]

I am about to write a blog on containers.conf.
Podman reads
/usr/share/containers/containers.conf, /etc/containers/containers.conf, $HOME/.config/containers/containers.conf
If they exists in that order, Each one can override the previous for particular fields.

Storage.conf
/etc/containers/storage.conf (Podman does some fancy footwork internally and ignores certain fields when rootless)
$HOME/.config/containers/storage.conf

Registries.conf
/etc/containers/registries.conf, /etc/containers/registries.d/*
$HOME/.config/containers/registries.conf

There are a few others, but these are the important ones and the ones most likely for users to edit.

[aboudzz]

so de we conclude from this conversation that rootless podman is setup by default without the need of any additional configurations?

[rhatdan]

Correct rootless Podman theoretically should work with no config files at all.
Short names would not work, though.

[joes]

The tutorial How to run Podman on Windows with WSL2 relies on podman info creating $HOME/.config/containers/libpod.conf. Is there a workaround or is the step "Rootless configuration file changes" in the tutorial simply not necessary anymore?

[rhatdan]

It should not be necessary if you use podman machine.

[theonewolf]

@rhatdan are you suggesting the use of a VM inside Microsoft's WSL2 VM (nested virtualization)?

[joes]

@rhatdan are you suggesting the use of a VM inside Microsoft's WSL2 VM (nested virtualization)?

Hoping for better news personally…

[rhatdan]

podman machine configures WSL on Windows. It does not do nested Virtualization.
@n1hility Has done some awesome work on this.

[theonewolf]

Oh wow, @rhatdan that is way better than I ever expected. I didn't realize you could natively run podman on Windows and do that! Going to try it out now.

This is really great functionality.