mqueue msg_max in rootless container
by Michael Ivanov
Hello!
I'm trying to run my application in a podman rootless container and I stumble
on the following problem: my program needs /proc/sys/fs/mqueue/msg_max to be at
least 256, but in the running container this value is just 10. When I try to
specify this parameter while running the image (--sysctl 'fs.mqueue.msg_max=256')
I get the following error:
Error: open /proc/sys/fs/mqueue/msg_max: Permission denied: OCI permission denied
and the container is not created.
My host where container is being run has this parameter set to 256. How can I
expose current host setting for msg_max to my container?
Best regards,
--
Михаил Иванов
E-mail: ivans(a)isle.spb.ru
12 months
Python process unable to write files
by Josh Berkus
All,
I'm porting a legacy app to containers, and having an issue where
apparently it can't write files while running in podman.
Is there any reason why a python process, or child process, running as
container-root would be unable to write to either the ephemeral
filesystem of the container, or to mounted volumes?
Basically, here's the situation:
- python app with many child processes
- all of them run as container-root
- app is supposed to write logs to files (yes, I know)
- app does not write any logs to any files; in fact, the log-dir
initialization appears to fail (no error messages, though, because it's
not logging)
- one other process which is supposed to write cache to a dir does not do so
- all of these directories are under /app/ a directory COPYd into the
image definition, not /var/ or home
- have tried both with these dirs as local to the container, and as
mounted volumes on the host system
- if I exec in to the container as container-root, I can write files to
those dirs
- SELinux denial log on the host does not show any denials
It is entirely possible that this is a problem with the legacy app and
is not a podman thing at all. I'm asking here because I want to
eliminate podman as a potential cause of the problem.
--
-- Josh Berkus
Kubernetes Community Architect
OSPO, OCTO
3 years, 3 months
Why 'podman-docker' package conflicts with 'docker'
by Nishant Nayan
Hi,
I have a question: why does the 'podman-docker' package conflict with
docker?
I tried installing both at the same time but faced a conflict.
Is the conflict by design?
I have seen specification of podman-docker in the following link
https://archlinux.org/packages/community/x86_64/podman-docker/
It says it conflicts with docker, but I want to know the reason for such
spec.
I would like to know why 'podman-docker' and 'docker' can't coexist?
It would be really helpful.
Regards
Nishant Nayan
3 years, 3 months
podman slirp4netns IPv6
by Hendrik Haddorp
Hi,
I'm using podman 2.2.1 rootless with slirp4netns and IPv6 enabled
(--network slirp4netns:enable_ipv6=true). Straight after starting my
container the code inside tries to connect to a server using IPv6 but
fails due to the network being unreachable. However if I add a small
delay before trying to connect it works. If I use IPv4 this seems to
work right after the container is started, which of course still takes a
few ms until the code is started.
I can actually easily recreate this using podman 3.1.2 as well.
this works:
podman run -it --network slirp4netns:enable_ipv6=true --entrypoint bash fedora:34 -c "curl -v -4 https://www.google.com"
this fails:
podman run -it --network slirp4netns:enable_ipv6=true --entrypoint bash fedora:34 -c "curl -v -6 https://www.google.com"
but works with a delay:
podman run -it --network slirp4netns:enable_ipv6=true --entrypoint bash fedora:34 -c "sleep 2; curl -v -6 https://www.google.com"
Is the network setup done after the container is already started and
thus this needs to be expected?
thanks,
Hendrik
3 years, 3 months
podman images | head crashes
by Manvendra Bhangui
Not a big deal. podman crashes when output is fed to any program that
closes input before reading the full output from podman.
Maybe SIGPIPE needs to be handled.
$ podman images|head
REPOSITORY                           TAG         IMAGE ID      CREATED         SIZE
localhost/tinydnssec                 alpine      d28977cc2347  40 minutes ago  98.5 MB
localhost/indimail                   alpine      9c520b04ccda  2 days ago      547 MB
localhost/indimail-mta               alpine      3ced90144c5b  3 days ago      252 MB
localhost/indimail-mta               tumbleweed  999a86c2bc61  12 days ago     413 MB
localhost/indimail-mta               leap15.3    899596f466a1  12 days ago     500 MB
localhost/indimail-mta               debian10    f3a8194282d7  3 weeks ago     306 MB
registry.opensuse.org/opensuse/leap  15.3        accc3d285fe7  3 weeks ago     108 MB
registry.opensuse.org/opensuse/leap  latest      accc3d285fe7  3 weeks ago     108 MB
docker.io/library/almalinux          8           7a497d63e726  3 weeks ago     216 MB
signal 13 received but handler not on signal stack
fatal error: non-Go code set up signal handler without SA_ONSTACK flag
runtime stack:
runtime.throw(0x558c5d761f18, 0x39)
    /usr/lib/golang/src/runtime/panic.go:1117 +0x74 fp=0xc000658cb8 sp=0xc000658c88 pc=0x558c5c3a9d34
runtime.sigNotOnStack(0xd)
    /usr/lib/golang/src/runtime/signal_unix.go:918 +0x85 fp=0xc000658cd8 sp=0xc000658cb8 pc=0x558c5c3c1e65
runtime.adjustSignalStack(0xc00000000d, 0xc000184400, 0xc000658d58, 0x558c5dc4bf00)
    /usr/lib/golang/src/runtime/signal_unix.go:509 +0x285 fp=0xc000658d30 sp=0xc000658cd8 pc=0x558c5c3c0d05
runtime.sigtrampgo(0xd, 0xc000658f30, 0xc000658e00)
    /usr/lib/golang/src/runtime/signal_unix.go:449 +0x13f fp=0xc000658da8 sp=0xc000658d30 pc=0x558c5c3c097f
runtime: unexpected return pc for runtime.sigtramp called from 0x7f08d4cf1320
stack: frame={sp:0xc000658da8, fp:0xc000658e00} stack=[0xc000650cd8,0xc0006590d8)
000000c000658ca8: 000000c000658cc8 0000558c5c3c1e65 <runtime.sigNotOnStack+133>
000000c000658cb8: 0000558c5d761f18 0000000000000039
Full output here
https://termbin.com/x7gr
--
Regards Manvendra - http://www.indimail.org
GPG Pub Key
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC7CBC760014D250C
3 years, 4 months
What is podman-plugins?
by fugkco
Hi,
I'm just looking through my system and I'm curious what the packages podman-plugins and podman-machine-cni are. I have them both installed but the only thing they contain is some docs.
$ dpkg -S podman-machine-cni podman-plugins
podman-machine-cni: /usr/share/doc/podman-machine-cni/changelog.Debian.gz
podman-machine-cni: /usr/share/doc/podman-machine-cni
podman-machine-cni: /usr/share/doc/podman-machine-cni/copyright
podman-plugins: /usr/share/doc/podman-plugins/changelog.Debian.gz
podman-plugins: /usr/share/doc/podman-plugins
podman-plugins: /usr/share/doc/podman-plugins/copyright
More importantly, I'm currently scripting some script that auto compiles podman et al (reason being the Kubic repos tend to be a little bit behind), and trying to figure out what it is that I would need to install for those two packages (if at all).
Thanks
3 years, 4 months
named pipes doing a disappearing act
by Manvendra Bhangui
I have created images for my software using the podman build command. My
application uses named pipes to communicate. So during installation I
create the fifo using the mkfifo command. But when I start the container
I find all named pipes missing. Every time I start the container,
I have to re-create the pipes using mkfifo. I have tried images from
fedora, debian, ubuntu, opensuse and the problem is being faced on
all. Apart from named pipes, other types of files are getting saved.
As a workaround, I run a script using docker-entrypoint to recreate
the named pipes.
This is not happening if I use docker command to run the image.
Even images built by the docker build command, when I use
podman to run the image, the named pipes go missing.
This is all I did to simulate the issue:
1. podman pull someimage
2. podman run --name test -ti imageid bash
   cd /root
   mkfifo test
3. podman save test test
4. podman stop test
5. podman run --name test -ti newimageid bash
   cd /root
   ls -l # this shows that the file is missing and didn't get saved
I have pasted the result of the test using podman and docker here
https://termbin.com/7s5u
Is there anything special I need to do to have these files seen and accessible?
--
Regards Manvendra - http://www.indimail.org
GPG Pub Key
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC7CBC760014D250C
3 years, 4 months
Looking for Topics - Podman Community Meeting August 5, 2021 11:00 a.m. EDT (UTC-4)
by Tom Sweeney
Hi All,
The next Podman Community Meeting is just under two weeks away and at
the moment I do not have a single topic. If there's something that
you'd like to present, or a topic that you'd like one of the maintainers
to talk more about, please reply to this email. Remember, topics don't
have to be just about Podman. We're happy to consider topics from
anything related to containers, including your own project, especially
if they have a tie with Buildah, Podman or Skopeo.
Thanks!
t
3 years, 4 months
Recommended way to manage events.log file
by Dale Baley
Hi, we rely on podman events via file for our workflows. Is there a recommended way to truncate/rotate/move the events.log file without losing potential event logs while doing so? journald isn't an option.
Thanks in advance
3 years, 4 months