podman 1.9: regression for rootless containers started via systemd #479

Closed
dustymabe opened this issue May 13, 2020 · 5 comments · Fixed by coreos/fedora-coreos-config#396

Comments

@dustymabe
Member

There was a regression introduced in podman 1.9 that causes an issue for a subset of use cases where podman is called in a rootless context before some user-specific directories exist. This includes starting podman as a non-root user during systemd units, like I do for my IRC client that runs on an FCOS node. A very simple reproducer for this problem is:

variant: fcos
version: 1.0.0
systemd:
  units:
    - name: serial-getty@ttyS0.service
      dropins:
      - name: autologin-core.conf
        contents: |
          [Service]
          # Override Execstart in main unit
          ExecStart=
          # Add new Execstart with `-` prefix to ignore failure
          ExecStart=-/usr/sbin/agetty --autologin core --noclear %I $TERM
          TTYVTDisallocate=no
    - name: bug.service
      enabled: true
      contents: |
        [Unit]
        Description=Test Volumes
        After=network-online.target
        Wants=network-online.target
        [Service]
        User=core
        ExecStart=podman info
        RemainAfterExit=true
        [Install]
        WantedBy=multi-user.target

After logging in the user will then see errors for any podman operation:

[core@localhost ~]$ podman ps -a
Error: could not get runtime: database libpod temporary files directory (tmpdir) "/tmp/run-1000/libpod/tmp" does not match our libpod temporary files directory (tmpdir) "/run/user/1000/libpod/tmp": database configuration mismatch

The problem is documented upstream in containers/podman#5950 and fixed in containers/podman#6125. The fix will be in the podman 1.9.2 release that is coming out today.

The problem exists in all of our current streams of FCOS. As of this writing that is:

  • 32.20200505.1.0 (next)
  • 31.20200505.2.0 (testing)
  • 31.20200420.3.0 (stable)
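
A triage helper for the error quoted above, added here as an example (it is not from the issue or from podman). The function names are hypothetical, and the "early-start" label assumes the pattern the issue shows: a recorded tmpdir under `/tmp/run-<uid>` against a current one under `/run/user/<uid>` for the same uid.

```shell
#!/bin/sh
# Added example: classify the libpod "database configuration mismatch" error.

# Sample input: the error line quoted in the issue above.
SAMPLE='Error: could not get runtime: database libpod temporary files directory (tmpdir) "/tmp/run-1000/libpod/tmp" does not match our libpod temporary files directory (tmpdir) "/run/user/1000/libpod/tmp": database configuration mismatch'

# parse_tmpdir_mismatch LINE
# Prints "<recorded-tmpdir> <current-tmpdir>" and returns 0 when LINE is the
# tmpdir mismatch error; prints nothing and returns non-zero otherwise.
# Assumes the paths contain no spaces or double quotes.
parse_tmpdir_mismatch() {
    printf '%s\n' "$1" |
        sed -n 's/.*database libpod temporary files directory (tmpdir) "\([^"]*\)" does not match our libpod temporary files directory (tmpdir) "\([^"]*\)".*/\1 \2/p' |
        grep .
}

# classify_mismatch LINE
# "early-start": the database recorded /tmp/run-<uid>/... while podman now
# expects /run/user/<uid>/... for the same uid, i.e. the state described in
# the issue (podman first ran before the per-user directory existed).
classify_mismatch() {
    pair=$(parse_tmpdir_mismatch "$1") || { echo "not-a-mismatch"; return 1; }
    recorded=${pair% *}
    current=${pair#* }
    rec_uid=$(printf '%s\n' "$recorded" | sed -n 's|^/tmp/run-\([0-9][0-9]*\)/.*|\1|p')
    cur_uid=$(printf '%s\n' "$current" | sed -n 's|^/run/user/\([0-9][0-9]*\)/.*|\1|p')
    if [ -n "$rec_uid" ] && [ "$rec_uid" = "$cur_uid" ]; then
        echo "early-start uid=$rec_uid recorded=$recorded current=$current"
    else
        echo "other-mismatch recorded=$recorded current=$current"
    fi
}

classify_mismatch "$SAMPLE"
```

Feeding it lines from a unit's journal output separates this regression from unrelated libpod configuration mismatches.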
@dustymabe
Member Author

To be clear, the problem is a race condition and running rootless containers via systemd is one way to trigger it. systemd is not part of the bug.

@dustymabe
Member Author

In the FCOS meeting today we decided that we'd like to do a new spin of testing to get some soak time on the fix and have it ship to our users in the next stable release (scheduled for next week).

13:29:44        dustymabe | #action dustymabe to get new podman release into testing release so we can fix stable in next weeks releases

dustymabe added a commit to dustymabe/fedora-coreos-config that referenced this issue May 13, 2020
This bumps podman, conmon, and containernetworking-plugins. podman 1.9.2
is a bugfix release and fixes coreos/fedora-coreos-tracker#479
among other things.
dustymabe added a commit to dustymabe/fedora-coreos-config that referenced this issue May 13, 2020
This bumps podman, conmon, and containernetworking-plugins. podman 1.9.2
is a bugfix release and fixes coreos/fedora-coreos-tracker#479
among other things.

(cherry picked from commit f974a1f)
dustymabe added a commit to coreos/fedora-coreos-config that referenced this issue May 13, 2020
This bumps podman, conmon, and containernetworking-plugins. podman 1.9.2
is a bugfix release and fixes coreos/fedora-coreos-tracker#479
among other things.
dustymabe added a commit to dustymabe/fedora-coreos-config that referenced this issue May 13, 2020
This bumps podman, conmon, and containernetworking-plugins. podman 1.9.2
is a bugfix release and fixes coreos/fedora-coreos-tracker#479
among other things.

(cherry picked from commit 3751c4d)
dustymabe added a commit to coreos/fedora-coreos-config that referenced this issue May 13, 2020
This bumps podman, conmon, and containernetworking-plugins. podman 1.9.2
is a bugfix release and fixes coreos/fedora-coreos-tracker#479
among other things.

(cherry picked from commit 3751c4d)
@dustymabe
Member Author

PR for testing release at coreos/fedora-coreos-config#397

@dustymabe
Member Author

The fix for this went into testing stream release 31.20200505.2.1. Please try out the new release and report issues.

@dustymabe dustymabe added the status/pending-stable-release Fixed upstream and in testing. Waiting on stable release. label May 14, 2020
dustymabe added a commit to dustymabe/fedora-coreos-config that referenced this issue May 15, 2020
This bumps podman, conmon, and containernetworking-plugins. podman 1.9.2
is a bugfix release and fixes coreos/fedora-coreos-tracker#479
among other things.

(cherry picked from commit 3751c4d)
jlebon pushed a commit to coreos/fedora-coreos-config that referenced this issue May 15, 2020
This bumps podman, conmon, and containernetworking-plugins. podman 1.9.2
is a bugfix release and fixes coreos/fedora-coreos-tracker#479
among other things.

(cherry picked from commit 3751c4d)
@dustymabe
Member Author

The fix for this went into stable stream release 31.20200505.3.0.

@dustymabe dustymabe removed the status/pending-stable-release Fixed upstream and in testing. Waiting on stable release. label May 20, 2020