If you set up postgrey to listen on 127.0.0.1, it cannot be reached from the
outside; make sure to listen on 0.0.0.0:10023 in the container.
Also, I assume you changed the IP here and that you use your actual local IP
there and not 188.8.131.52.
On Thu, Jan 13, 2022 at 3:50 PM Daniel Walsh <dwalsh(a)redhat.com> wrote:
On 1/12/22 16:59, Ranbir wrote:
> On Wed, 2022-01-12 at 15:25 -0500, Daniel Walsh wrote:
>> Try the container in --privileged mode, to see if this is causing the
> That didn't help. :(
>> If it still crashes, then I figure it is something with the user
> The container doesn't crash. It actually runs and I can see postgrey
> running in the container. The problem is when I do a telnet test from
> the host or from another server to the postgrey port I exposed, the
> telnet connection doesn't stay up and instead drops immediately. If the
> container is running rootfull, the telnet test is established and
> doesn't disconnect.
>> Do you have an image I could try?
> It's not uploaded anywhere. I'm turning some of my KVMs into containers
> because I wanted to learn podman and get familiar with it. I've only
> been doing container stuff in general since August of last year.
> Hmmm...can I dump the Containerfile for each image here? They're not
> big. The Rocky Linux 8 Dockerfile is copied directly from their docker
> image page on dockerhub.
> There's some wrapping.
> Here's the latest run command I used:
> "CreateCommand": [
> The volume doesn't matter. I'm just preserving data from my KVM.
> Below are the Containerfile, config file and Dockerfile.
> FROM local/rocky8-systemd
> RUN dnf -y update && \
> dnf -y install epel-release && \
> dnf -y --nodocs install postgrey telnet && \
> dnf clean all && \
> systemctl enable postgrey
> COPY postgrey /etc/sysconfig/
> CMD ["/usr/sbin/init"]
> postgrey sysconfig file
> # Postgrey offers 2 listening types, --inet and --unix. As default,
> # postgrey works under UNIX socket, but, changing to TCP socket on
> # is also available, for instance, let it work at 10023 port of
> # --inet=10023
> # To be more detailed, there is another way if you still run it at
> # --inet=127.0.0.1:10023
> # If postgrey works under UNIX socket way, PID file can be specified to
> # custom location, note that no need to set this if postgrey is working
> # under TCP socket way.
> # Name of group which postgrey belongs, default is postgrey
> # Name of user which postgrey belongs, default is postgrey
> # DELAY
> # For more options can be used, please read manpage or execute `postgrey
> # Custom options.
> rocky linux 8
> FROM rockylinux/rockylinux:latest
> ENV container docker
> RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \
> systemd-tmpfiles-setup.service ] || rm -f $i; done); \
> rm -f /lib/systemd/system/multi-user.target.wants/*;\
> rm -f /etc/systemd/system/*.wants/*;\
> rm -f /lib/systemd/system/local-fs.target.wants/*; \
> rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
> rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
> rm -f /lib/systemd/system/basic.target.wants/*;\
> rm -f /lib/systemd/system/anaconda.target.wants/*;
> VOLUME [ "/sys/fs/cgroup" ]
> CMD ["/usr/sbin/init"]
Giuseppe, Paul, Matt, do you think this is slirp4netns related?
Ranbir, could you try with --net=hosts?
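
The bind-address check suggested in the reply at the top of this thread, as an added shell example that is not part of the original messages: it scans a postgrey options file for active `--inet=[HOST:]PORT` settings and flags loopback-only listeners. It relies on postgrey's documented default of listening on localhost when HOST is omitted; the `SAMPLE_OPTS` variable name and the sample file are constructed.

```shell
#!/bin/sh
# Added example: report the bind scope of postgrey --inet=[HOST:]PORT options.
# Handles IPv4 addresses and hostnames only.

# classify_inet VALUE -> prints loopback | all-interfaces | specific
classify_inet() {
    case "$1" in
        *:*) host=${1%:*} ;;    # HOST:PORT form
        *)   host=localhost ;;  # bare PORT: postgrey listens on localhost
    esac
    case "$host" in
        localhost|127.*) echo loopback ;;
        0.0.0.0)         echo all-interfaces ;;
        *)               echo specific ;;
    esac
}

# check_postgrey_config FILE -> prints "VALUE SCOPE" per active --inet option.
# Returns 1 when a listener is loopback-only, the case the reply above says
# cannot be reached from outside the container.
check_postgrey_config() {
    rc=0
    found=0
    # Drop comment lines first so documented-but-disabled options are ignored.
    for value in $(grep -v '^[[:space:]]*#' "$1" |
                   grep -o -- '--inet=[^"[:space:]]*' | cut -d= -f2); do
        found=1
        scope=$(classify_inet "$value")
        echo "$value $scope"
        if [ "$scope" = loopback ]; then rc=1; fi
    done
    if [ "$found" -eq 0 ]; then echo "no --inet option: no TCP listener configured here"; fi
    return "$rc"
}

# Demo on a constructed file; SAMPLE_OPTS is a hypothetical variable name.
sample=$(mktemp)
printf '%s\n' '# SAMPLE_OPTS="--inet=0.0.0.0:10023"' \
              'SAMPLE_OPTS="--inet=10023"' > "$sample"
check_postgrey_config "$sample" ||
    echo "loopback-only: listen on 0.0.0.0:10023 inside the container instead"
rm -f "$sample"
```

Once postgrey listens on 0.0.0.0 inside the container, which host addresses can reach it is decided by the address used when publishing the port.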