Hello everyone!!

I found this GitHub issue (https://github.com/containers/podman/issues/4490).

There were two recommended actions

  1. Add `--security-opt label=disable` while starting the container
  2. Add `--group-add tty` while starting the container

The first one worked for me while running Envoyproxy 1.15.0. I would like to understand the security implications of this flag.

--
Chintan Mishra

On 08/09/20 10:18 am, Chintan from Rebhu wrote:

Hello everyone!!

I am trying to run Envoyproxy using podman.

I have tried running the application in rootful and rootless mode but in either of these I get the same error.

As mentioned in the Envoyproxy's documentation, I run the following command:

podman run -d -p 10000:10000 envoyproxy/envoy:v1.15.0

However, the container exits and the logs show following errors:

chown: changing ownership of '/dev/stdout': Permission denied
chown: changing ownership of '/dev/stderr': Permission denied

This is the complete output returned from podman logs.

The same error is not present when I switch from v1.15.0 to v1.14.4 of Envoyproxy.

I am out of my wits about this. Please tell me how I should find a solution.

We only use Podman in our infrastructure.

Here are some more details that might be helpful:

Thank you.

--
Chintan Mishra
Rebhu Computing
 
_______________________________________________
Podman mailing list -- podman@lists.podman.io
To unsubscribe send an email to podman-leave@lists.podman.io