October 2022 - Podman - Podman List Archives

=?utf-8?q?=5BPodman=5D?=(Meta) Security warnings for podman mailing list

by Joost Molenaar

Hi all, for ~every message posted to this list, some email clients display an error, in my case "This email has failed its domain's authentication requirements. It may be spoofed or improperly forwarded." These are the authentication results for a recent message from the list: Authentication-Results: mailin008.protonmail.ch; arc=none smtp.remote-ip=8.43.85.227 Authentication-Results: mailin008.protonmail.ch; dkim=none Authentication-Results: mailin008.protonmail.ch; spf=none smtp.mailfrom=lists.podman.io Authentication-Results: mailin008.protonmail.ch; dmarc=fail (p=none dis=none) header.from=redhat.com If I understand correctly, Mailman has an option[1] to change the From: header in the email and add the original sender's name and address to the Reply-To: header, which leads to a slightly worse user experience, but is better for security because it reduces the number of false positives we get exposed to. So my question is, could we enable DMARC mitigation to reduce warning fatigue? Regards, Joost Molenaar [1]: https://docs.mailman3.org/projects/mailman/en/latest/src/mailman/handlers...

2 months, 2 weeks

4
4
0 / 0

Using Eclipse with Podman Engine on Linux

by Mehdi Haghgoo

I want to use Eclipse with Podman backend on Windows. I have Podman Desktop installed and the podman context is: Name URI Identity Default podman-machine-default ssh://user@localhost:64926/run/user/1000/podman/podman.sock C:\Users\me\.ssh\podman-machine-default true podman-machine-default-root ssh://root@localhost:64926/run/podman/podman.sock C:\Users\me\.ssh\podman-machine-default false Eclipse's Docker tooling has a setting for Container engine like the following: It takes either a unix socket or a TCP connection, but none of them accept the value specified by Podman URI like ssh://user@localhost:64926/run/user/1000/podman/podman.sock. Is there a workaround I can connect Eclipse to Podman engine on Windows?

4 months, 3 weeks

3
5
0 / 0

Question about expectations when running play kube and using volumes

by Martin Jackson

Hello, Yesterday I opened https://github.com/containers/podman/issues/16348 - the heart of the issue is that when starting a pod with volumes, when the pod comes down, it can't come up again without removing the volumes. I'm open to the idea that I can improve how I'm doing the deployment; but it seems that having to remove volumes before restarting the pod does not seem like something we want to require. If we were to have another stateful service running under podman (postgres? strimzi?), having the pod fail to restart after a reboot seems like it might be a big issue. What do you think? -- Martin Jackson Sr. Principal Software Engineer, Ecosystem Engineering Red Hat <https://www.redhat.com/> mhjacks(a)redhat.com @RedHat <https://twitter.com/redhat> Red Hat <https://www.linkedin.com/company/red-hat> Red Hat <https://www.facebook.com/RedHatInc> <https://www.redhat.com/> <https://redhat.com/summit>

4 months, 3 weeks

3
3
0 / 0

podman container storage backup

by Michael Ivanov

Greetings, I make periodic backups of my laptop where I use some podman containers. To perform a backup I just invoke rsync to copy my /home/xxxx/.local/share/containers directory to nfs mounted filesystem. Containers are running, but quiescent, no real activity occurs. Is this a correct way to back up or is there anything special about container directory to be taken into account? As far as I understand some hash-named subdirectories are shared between different containers and images using special kind of mounts, can this lead to duplicate copies r inconsistencies? Underlying fs is btrfs. Thanks, -- \ / | | (OvO) | Михаил Иванов | (^^^) | | \^/ | E-mail: ivans(a)isle.spb.ru | ^ ^ | |

5 months, 1 week

3
2
0 / 0

runtime/cgo: pthread_create failed: Resource temporarily unavailable SIGABRT: abort

by GHui Wu

$ podman images runtime/cgo: pthread_create failed: Resource temporarily unavailable SIGABRT: abort PC=0x2b9fff366387 m=0 sigcode=18446744073709551610 goroutine 0 [idle]: runtime: unknown pc 0x2b9fff366387 stack: frame={sp:0x7ffe6e195d58, fp:0x0} stack=[0x7ffe6df97128,0x7ffe6e196160) 00007ffe6e195c58: 2f7374726f707865 762f3a6572616873 00007ffe6e195c68: 662f62696c2f7261 652f6b617074616c 00007ffe6e195c78: 732f7374726f7078 73752f3a65726168 00007ffe6e195c88: 2f6c61636f6c2f72 752f3a6572616873 00007ffe6e195c98: 65726168732f7273 0000000000000000 00007ffe6e195ca8: 0000000000000000 0000000000000000 00007ffe6e195cb8: 0000000000000000 2e656d69746e7572 00007ffe6e195cc8: 6e65766163736762 0000000000000000 00007ffe6e195cd8: 0000000000000000 2f3a65726168732f 00007ffe6e195ce8: 2f62696c2f726176 0000000074616c66 00007ffe6e195cf8: 2f7374726f707865 0000000000000002 00007ffe6e195d08: 0000000000000000 0000000000000000 00007ffe6e195d18: 0000000000000000 0000000000000000 00007ffe6e195d28: 00002b9fff6f8868 00000000020600ae 00007ffe6e195d38: 0000000003ff0080 0000000000000000 00007ffe6e195d48: 0000000001f8b1e0 0000000000000000 00007ffe6e195d58: <00002b9fff367a78 0000000000000020 00007ffe6e195d68: 0000000000000000 0000000000000000 00007ffe6e195d78: 0000000000000000 0000000000000000 00007ffe6e195d88: 0000000000000000 0000000000000000 00007ffe6e195d98: 0000000000000000 0000000000000000 00007ffe6e195da8: 0000000000000000 0000000000000000 00007ffe6e195db8: 0000000000000000 0000000000000000 00007ffe6e195dc8: 0000000000000000 0000000000000000 00007ffe6e195dd8: 0000000000000000 0000000000000000 00007ffe6e195de8: 0000000000000000 0000000000000000 00007ffe6e195df8: 0000000000000000 0000000000000000 00007ffe6e195e08: 0000000000000000 0000000000000000 00007ffe6e195e18: 0000000000000000 0000000000000000 00007ffe6e195e28: 0000000000000000 0000000000000000 00007ffe6e195e38: 0000000000000000 0000000003ff0080 00007ffe6e195e48: 0000000000000000 0000000001f8b1e0 runtime: unknown pc 0x2b9fff366387 stack: frame={sp:0x7ffe6e195d58, fp:0x0} stack=[0x7ffe6df97128,0x7ffe6e196160) 00007ffe6e195c58: 2f7374726f707865 762f3a6572616873 00007ffe6e195c68: 662f62696c2f7261 652f6b617074616c 00007ffe6e195c78: 732f7374726f7078 73752f3a65726168 00007ffe6e195c88: 2f6c61636f6c2f72 752f3a6572616873 00007ffe6e195c98: 65726168732f7273 0000000000000000 00007ffe6e195ca8: 0000000000000000 0000000000000000 00007ffe6e195cb8: 0000000000000000 2e656d69746e7572 00007ffe6e195cc8: 6e65766163736762 0000000000000000 00007ffe6e195cd8: 0000000000000000 2f3a65726168732f 00007ffe6e195ce8: 2f62696c2f726176 0000000074616c66 00007ffe6e195cf8: 2f7374726f707865 0000000000000002 00007ffe6e195d08: 0000000000000000 0000000000000000 00007ffe6e195d18: 0000000000000000 0000000000000000 00007ffe6e195d28: 00002b9fff6f8868 00000000020600ae 00007ffe6e195d38: 0000000003ff0080 0000000000000000 00007ffe6e195d48: 0000000001f8b1e0 0000000000000000 00007ffe6e195d58: <00002b9fff367a78 0000000000000020 00007ffe6e195d68: 0000000000000000 0000000000000000 00007ffe6e195d78: 0000000000000000 0000000000000000 00007ffe6e195d88: 0000000000000000 0000000000000000 00007ffe6e195d98: 0000000000000000 0000000000000000 00007ffe6e195da8: 0000000000000000 0000000000000000 00007ffe6e195db8: 0000000000000000 0000000000000000 00007ffe6e195dc8: 0000000000000000 0000000000000000 00007ffe6e195dd8: 0000000000000000 0000000000000000 00007ffe6e195de8: 0000000000000000 0000000000000000 00007ffe6e195df8: 0000000000000000 0000000000000000 00007ffe6e195e08: 0000000000000000 0000000000000000 00007ffe6e195e18: 0000000000000000 0000000000000000 00007ffe6e195e28: 0000000000000000 0000000000000000 00007ffe6e195e38: 0000000000000000 0000000003ff0080 00007ffe6e195e48: 0000000000000000 0000000001f8b1e0 goroutine 1 [running, locked to thread]: runtime.asmcgocall(0x18ea9a0, 0xc0000986f8) /usr/lib/golang/src/runtime/asm_amd64.s:652 +0x42 fp=0xc0000986e0 sp=0xc0000986d8 pc=0x47e302 runtime.newm1(0xc000100400) /usr/lib/golang/src/runtime/proc.go:2139 +0xa5 fp=0xc000098720 sp=0xc0000986e0 pc=0x44a685 runtime.newm(0x1de1bc0, 0x0, 0xffffffffffffffff) /usr/lib/golang/src/runtime/proc.go:2123 +0xa6 fp=0xc000098758 sp=0xc000098720 pc=0x44a526 runtime.startTemplateThread() /usr/lib/golang/src/runtime/proc.go:2164 +0xb2 fp=0xc000098788 sp=0xc000098758 pc=0x44a7b2 runtime.main() /usr/lib/golang/src/runtime/proc.go:204 +0x1d9 fp=0xc0000987e0 sp=0xc000098788 pc=0x446719 runtime.goexit() /usr/lib/golang/src/runtime/asm_amd64.s:1371 +0x1 fp=0xc0000987e8 sp=0xc0000987e0 pc=0x47e6c1 rax 0x0 rbx 0x2b9fff6f8868 rcx 0xffffffffffffffff rdx 0x6 rdi 0x121b rsi 0x121b rbp 0x20600ae rsp 0x7ffe6e195d58 r8 0xa r9 0x2b9ffe04d840 r10 0x8 r11 0x206 r12 0x3ff0080 r13 0x0 r14 0x1f8b1e0 r15 0x0 rip 0x2b9fff366387 rflags 0x206 cs 0x33 fs 0x0 gs 0x0

5 months, 1 week

2
2
0 / 0

Cancelled! Podman Community Cabal Meeting on October 20, 2022 at 11:00 am EDT (UTC-5)

by Tom Sweeney

Hi All, A large number of the regular attendees will be involved in another meeting at the same time next week, including myself. Given that and the fact that we currently have no topics for the meeting, we have decided to cancel the Podman Community Cabal meeting next Thursday October 20, 2022. The next Podman Community Cabal Meeting will be on Thursday November 17, 2022 at 11:00 a.m. EST (UTC-4). Please note that the US will be rolling back our clocks an hour between then and now. If you have any topics that you'd like to discuss, please let me know. Thanks all! t

5 months, 2 weeks

1
0
0 / 0

Podman Community meeting tomorrow, Tues Oct 4, 2022 at 11:00 a.m. EDT (UTC-5)

by Tom Sweeney

Hi All, In just under 21 hours from now, at 11:00 a.m. EDT (UTC-5) on Tues Oct 4, the Podman Community Meeting will be starting up. We'll have demos on Distrobox, the Vault Test Suite, and an open forum for any questions and answers. Free to attend virtually, meeting info ison the agenda: https://podman.io/community/meeting/agenda/ <https://t.co/tEqURz2atf> Hope to see you there! t

5 months, 3 weeks

1
0
0 / 0

2023

2022

2021

2020

2019

Podman October 2022