Thank you, Brian, for the update. I was confused about what I might be doing wrong.

--
Chintan Mishra

On 22 September 2020 3:45:04 am IST, Brian Smith <briasmit@redhat.com> wrote:
Sorry, please disregard my previous email.  I went back and re-read your original email and I had misread it the first time.  

Thanks,
Brian

On Mon, Sep 21, 2020 at 1:24 PM Brian Smith <briasmit@redhat.com> wrote:

On Mon, Sep 21, 2020 at 12:45 PM Chintan from Rebhu <chintan@rebhu.com> wrote:

Hello!!

I am starting a container using the following command

`sudo podman run -p 80:80 -v ./envoy.yaml:/etc/envoy/envoy.yaml:Z --name dev-envoy --network dev --security-opt label=type:envoy.process envoyproxy/envoy:v1.15.0`

The application starts but exits. It cannot bind to container's port 80. Here is an excerpt from logs:

`cannot bind '0.0.0.0:80': Permission denied`

The SEModule policy was generated using Udica. It can be reviewed here. Steps for this process are discussed in an earlier thread named 'Logs show permission denied error'.

The containerfile used to created this container image executes the application as a non-root user. As the container exits right after it starts, it is impossible to access the container's terminal and attempt elementary troubleshooting steps.

How to bind to HTTP(S) and other lower ports in a rootful container when the application executes as a non-root user?


Thank you.

--
Chintan Mishra
_______________________________________________
Podman mailing list -- podman@lists.podman.io
To unsubscribe send an email to podman-leave@lists.podman.io

--
Sent from my Android device with K-9 Mail. Please excuse my brevity.