Jan,
Try the sebool described here:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_at...
<
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_at...
<
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_at...
Best Regards
Scott M
On Tue, Jan 19, 2021 at 9:40 AM Jan Hutař <jhutar(a)redhat.com
<mailto:jhutar@redhat.com>> wrote:
Hello!
I have issue with running "ubi7-init" based container. When I base
mine
container on "fedora", it works fine:
$ cat Containerfile
FROM fedora
RUN dnf -y install httpd; dnf clean all; systemctl enable httpd
EXPOSE 80
CMD [ "/sbin/init" ]
and then:
$ sudo podman build -f Containerfile
$ sudo podman run -ti -p 80:80
20185593d0f96c4dee56e351eae4754cdd429679c1b645dae1b6f24880ce33fc
systemd v246.6-3.fc33 running in system mode. (+PAM +AUDIT
+SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP
+GCRYPT +GNUTLS +ACL +XZ +LZ4 +ZSTD +SECCOMP +BLKID +ELFUTILS
+KMOD +IDN2 -IDN +PCRE2 default-hierarchy=unified)
[...]
[ OK ] Started The Apache HTTP Server.
[...]
But when I try the same with ubi7-init based container (or
rhel7-init):
$ cat Containerfile
FROM
registry.access.redhat.com/ubi7/ubi-init
<
http://registry.access.redhat.com/ubi7/ubi-init>
RUN echo -e
"[repo1]\nname=repo1\nbaseurl=http://repos.example.com/RHEL-7/7.9/Server/x86_64/os/\ngpgcheck=0\nenabled=1
<
http://repos.example.com/RHEL-7/7.9/Server/x86_64/os/%5Cngpgcheck=0%5Cnen...
>/etc/yum.repos.d/repo1.repo; yum -y install httpd; yum clean all;
systemctl enable httpd
EXPOSE 80
CMD [ "/sbin/init" ]
it fails:
$ sudo podman run -ti -p 80:80
d872b16b8d0f9718c60420e3569cb4d5ddd16053fb72903e70d7b62ba3f34964
Failed to mount cgroup at /sys/fs/cgroup/systemd: Operation
not permitted
[!!!!!!] Failed to mount API filesystems, freezing.
And same with privileged:
$ sudo podman run -ti -p 80:80 --privileged=true
d872b16b8d0f9718c60420e3569cb4d5ddd16053fb72903e70d7b62ba3f34964
Failed to mount cgroup at /sys/fs/cgroup/systemd: Operation
not permitted
[!!!!!!] Failed to mount API filesystems, freezing.
I have these versions:
$ rpm -q fedora-release-common podman
fedora-release-common-33-3.noarch
podman-2.2.1-1.fc33.x86_64
$ sudo podman version
Version: 2.2.1
API Version: 2.1.0
Go Version: go1.15.5
Built: Tue Dec 8 15:37:50 2020
OS/Arch: linux/amd64
Please, any idea on what I'm doing wrong?
Thank you in advance and happy new year!
Regards,
Jan
--
Jan Hutar Performance Engineering
jhutar(a)redhat.com <mailto:jhutar@redhat.com> Red Hat, Inc.
_______________________________________________
Podman mailing list -- podman(a)lists.podman.io
<mailto:podman@lists.podman.io>
To unsubscribe send an email to podman-leave(a)lists.podman.io
<mailto:podman-leave@lists.podman.io>
--
--
The Delicate Art of Product Management with Open
Source:http://crunchtools.com/open-source-in-business-2020/
<
http://crunchtools.com/open-source-in-business-2020/>
--
Scott McCarty Product Management - Containers, Red Hat Enterprise
Linux & OpenShift Email: smccarty(a)redhat.com
<mailto:smccarty@redhat.com> Phone: 312-660-3535 Cell: 330-807-1043
Web:
http://crunchtools.com <
http://crunchtools.com>
_______________________________________________
Podman mailing list -- podman(a)lists.podman.io
To unsubscribe send an email to podman-leave(a)lists.podman.io