September 2023 - Podman - Podman List Archives

by lejeczek

Hi guys. Do you use # in your envs? I wonder if it's just me having issues with those. For a test, to reproduce the issue, 'ghost' web solution would be easy & quick: -> $ podman run -dt ...................... --env database__client=mysql --env database__connection__host=11.1.0.1 --env database__connection__user=ghostadm --env database__connection__password='xyz#admghost' --env database__connection__database=ghost_xyz --env url=https://ghost.xyz So far all I've tried with 'database__connection__password' failed, quoting &| escaping. I often use # - does anybody have a way to make it work? many thanks, L.

2 months

3
3
0 / 0

RunRoot & mistaken IDs

by lejeczek

Hi guys. I experience this: -> $ podman images WARN[0000] RunRoot is pointing to a path (/run/user/1007/containers) which is not writable. Most likely podman will fail. Error: creating events dirs: mkdir /run/user/1007: permission denied -> $ id uid=2001(podmania) gid=2001(podmania) groups=2001(podmania) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 I think it might have something to do with the fact that I changed UID for the user, but why would this be? How troubleshoot & fix it, ideally without system reboot? many thanks, L.

3 months, 1 week

4
11
1 / 0

shouldn't the current directory be the default context for "podman build"?

by Robert P. J. Day

"man podman-build" suggests that the context argument is optional: SYNOPSIS podman build [options] [context] podman image build [options] [context] ... If no context directory is specified, then Podman will assume the current working directory as the build context, which should contain the Containerfile. but if i have a directory with nothing but a Containerfile, i get: $ podman build Error: no context directory specified, and no containerfile specified $ OTOH, specifying context of current directory: $ podman build . STEP 1: FROM alpine:latest ... etc etc ... thoughts? rday

10 months

4
5
0 / 0

mqueue msg_max in rootless container

by Michael Ivanov

Hallo! I'm trying to run my application in podman rootless container and I stumble on following problem: my program needs /proc/sys/fs/mqueue/msg_max to be at least 256, but in running container this value is just 10. When I try to specify this parameter while running the image (--sysctl 'fs.mqueue.msg_max=256') I get the following error: Error: open /proc/sys/fs/mqueue/msg_max: Permission denied: OCI permission denied and container is not created. My host where container is being run has this parameter set to 256. How can I expose current host setting for msg_max to my container? Best regards, -- \ / | | (OvO) | Михаил Иванов | (^^^) | | \^/ | E-mail: ivans(a)isle.spb.ru | ^ ^ | |

1 year, 10 months

4
10
0 / 0

Podman Community Meeting - Tues October 3, 2023, 11:00 am EDT (UTC-4)

by Tom Sweeney

Hi All! The next Podman Community Meeting is happening in just over 5 days from now, on next Tuesday Oct 3, 2023, at 11:00am EDT(UTC-4). We'll have a demo on Quadlet, one on Modules, and room for more if you have topics. Agenda with Conference link: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w Hope to see you there! t

2 years

3
2
0 / 0

[Announcement] New Podman release: v4.7.0

by Lokesh Mandvekar

We’re excited to announce that Podman v4.7.0 has been released! This release includes over 40 features and over 30 bugfixes. Some highlights include: - Modules feature on Linux: A module is a containers.conf file located at a specific directory. Stay tuned for an upcoming blog post explaining this feature in detail. - Docker Compose bugfix: We fixed a bug with resource limits that caused Docker Compose to be unable to run containers due to being unable to set oom_score_adj when the most recent crun version was used as OCI runtime. - Better Quadlet: Support for DNS, ShmSize, PidsLimit and Ulimit options. For a full list of features, bugfixes and changes, check out the v4.7.0 release page https://github.com/containers/podman/releases/tag/v4.7.0 Try it out and let us know what you think! -- Lokesh Libera, GitLab, GitHub, Fedora: lsm5 Matrix: @lsm5:lsm5.ems.host GPG: 9E33DD8704CC03E2DEB84D9A1C1EDD7CC7C3A0DD https://keybase.io/lsm5

2 years

1
0
0 / 0

systemctl status during podman build

by etc＠balosh.net

Hi, question that I don't understand, I'd be grateful for explaining or reference to what I should read to get it. Why during Podman build command `systemctl enable httpd` is working but `systemctl status httpd` is not working? Dockerfile not working: ``` FROM registry.access.redhat.com/ubi8/ubi-init RUN yum -y install httpd; yum clean all; RUN systemctl enable httpd; RUN systemctl status httpd; ``` output of `podman build .`: ``` STEP 2/4: RUN yum -y install httpd; yum clean all; STEP 1/4: FROM registry.access.redhat.com/ubi8/ubi-init Build output: --> 02f6efde590f --> Using cache 02f6efde590f9fec989c04a01a661d2650b462aeb8e61ad3c0e00aae1b16b1ef --> Using cache 4f85f566fdee4fd8f5e8058dbf39c5ec9be95a4879d4d9a8c7a77f5b9cadf8a7 STEP 3/4: RUN systemctl enable httpd; STEP 4/4: RUN systemctl status httpd; --> 4f85f566fdee System has not been booted with systemd as init system (PID 1). Can't operate. Failed to connect to bus: Host is down ``` But! If I exec into the container when he is running both of them are working. Working Dockerfile: ``` FROM registry.access.redhat.com/ubi8/ubi-init RUN yum -y install httpd; yum clean all; RUN systemctl enable httpd; ``` command: `podman build . -t x ; podman run -d --name x x ; podman exec -ti x bash -c "systemctl status httpd"` runs with success ``` STEP 1/3: FROM registry.access.redhat.com/ubi8/ubi-init STEP 2/3: RUN yum -y install httpd; yum clean all; --> Using cache 02f6efde590f9fec989c04a01a661d2650b462aeb8e61ad3c0e00aae1b16b1ef --> 02f6efde590f STEP 3/3: RUN systemctl enable httpd; --> Using cache 4f85f566fdee4fd8f5e8058dbf39c5ec9be95a4879d4d9a8c7a77f5b9cadf8a7 COMMIT x --> 4f85f566fdee Successfully tagged localhost/x:latest 4f85f566fdee4fd8f5e8058dbf39c5ec9be95a4879d4d9a8c7a77f5b9cadf8a7 214ee56866fc0e7d71b6d152749bdcb65d4e5aadb95dafcebb5661ee20770619 [root@214ee56866fc /]# systemctl status httpd ● httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled) Active: active (running) since Tue 2023-09-19 20:07:22 UTC; 6s ago Docs: man:httpd.service(8) Main PID: 30 (httpd) Status: "Started, listening on: port 80" Tasks: 213 (limit: 1638) Memory: 22.3M CGroup: /system.slice/httpd.service ├─30 /usr/sbin/httpd -DFOREGROUND ├─34 /usr/sbin/httpd -DFOREGROUND ├─35 /usr/sbin/httpd -DFOREGROUND ├─36 /usr/sbin/httpd -DFOREGROUND └─37 /usr/sbin/httpd -DFOREGROUND versions: podman version 4.6.2 on macos ventura 13.5.2

2 years

3
5
0 / 0

Re: Can user override registries.conf?

by Valentin Rothberg

On Fri, Sep 22, 2023 at 9:01 PM Rahaman, Ronald O <rrahaman6(a)gatech.edu> wrote: > Hi all, > > > > Can you confirm that, in rootless, users cannot override > /etc/containers/registries.conf with ~/.config/containers/registries.conf > ? We’d like to be able to whitelist registries for our site. > Yes, users can override system configurations in their home directory. As outlined in the man pages [1], the config in the home directory will be loaded _instead_ of the system configuration in /etc. That means it will override and not add to the system configuration. Kind regards, Valentin [1] https://github.com/containers/image/blob/main/docs/containers-registries.... > As an example, suppose I have this in /etc/containers/registries.conf. > The intent is to blacklist all of docker.io; and whitelilst > docker.io/ubuntu. I’ve found it works as intended. > > > > [[registry]] > > location="docker.io" > > blocked=true > > > > [[registry]] > > location="docker.io/ubuntu" > > blocked=false > > > > I want to confirm that a user can’t whitelist additional registries in > ~/.config/containers/registries.conf with something like > > > > [[registry]] > > location="docker.io/unsafe-namespace" > > blocked=false > > > > I’ve tested this myself, and it seems like users can’t override. But I’d > like to be 100% sure. > > > > Thanks, > > Ron > > > > -------- > > Ron Rahaman > > Research Scientist II, Research Software Engineer > > Partnership for an Advanced Computing Environment (PACE) > > Georgia Institute of Technology > _______________________________________________ > Podman mailing list -- podman(a)lists.podman.io > To unsubscribe send an email to podman-leave(a)lists.podman.io >

2 years

1
0
0 / 0

Can user override registries.conf?

by Rahaman, Ronald O

Hi all, Can you confirm that, in rootless, users cannot override /etc/containers/registries.conf with ~/.config/containers/registries.conf ? We’d like to be able to whitelist registries for our site. As an example, suppose I have this in /etc/containers/registries.conf. The intent is to blacklist all of docker.io; and whitelilst docker.io/ubuntu. I’ve found it works as intended. [[registry]] location="docker.io" blocked=true [[registry]] location="docker.io/ubuntu" blocked=false I want to confirm that a user can’t whitelist additional registries in ~/.config/containers/registries.conf with something like [[registry]] location="docker.io/unsafe-namespace" blocked=false I’ve tested this myself, and it seems like users can’t override. But I’d like to be 100% sure. Thanks, Ron -------- Ron Rahaman Research Scientist II, Research Software Engineer Partnership for an Advanced Computing Environment (PACE) Georgia Institute of Technology

2 years

1
0
0 / 0

Quay.io Images are now available again

by Tom Sweeney

Hi All, The Podman, Buildah, and Skopeo container images for all of the versions on Quay.iohave now been restored. If one is missing, please create an issue in GitHub. Thanks for the patience, apologies for any inconvenience, and details at: https://github.com/containers/podman/discussions/19796#discussioncomment-... Thanks! t

2 years

2
1
0 / 0

2025

2024

2023

2022

2021

2020

2019

Podman September 2023