View Issue Details

IDProjectCategoryView StatusLast Update
0018269CentOS-8-OTHERpublic2021-08-06 15:30
Reporterivanov17 Assigned To 
PriorityurgentSeveritycrashReproducibilityalways
Status newResolutionopen 
Platformx86_64OSCentOSOS Version8.4
Product Version8.4.2105 
Summary0018269: Run a container with a volume created with uid/gid options fails
DescriptionIf I run a container with a volume created with uid and gid options, it is being created, but the run fails. Containers with volumes that have no uid/gid options are running successfully. It happens with podman 3.0.2-dev on CentOS 8.4, but not with podman 3.2.3 on the last Fedora release. It seems that newer podman versions haven't this bug, and it needs to be fixed by a backport.
Steps To Reproduce1. Create a podman volume with uid and gid options
2. Try to run a container with the created volume

Actual results:

# podman volume create --opt "o=uid=65534,gid=65534" testvol
testvol

# podman run -dt --name testcnt --volume testvol:/srv/test quay.io/centos/centos:stream8 /bin/bash
Error: error mounting volume testvol for container a943c5b1426e3500e731815ca3380b25987935605c28e0a2ef2e0c87cd4e90fc: error mounting volume testvol: mount: /var/lib/containers/storage/volumes/testvol/_data: wrong fs type, bad option, bad superblock on , missing codepage or helper program, or other error.
Additional Information# podman inspect testcnt
[
    {
        "Id": "a943c5b1426e3500e731815ca3380b25987935605c28e0a2ef2e0c87cd4e90fc",
        "Created": "2021-08-05T15:07:31.635801626+03:00",
        "Path": "/bin/bash",
        "Args": [
            "/bin/bash"
        ],
        "State": {
            "OciVersion": "1.0.2-dev",
            "Status": "configured",
            "Running": false,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 0,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "0001-01-01T00:00:00Z",
            "FinishedAt": "0001-01-01T00:00:00Z",
            "Healthcheck": {
                "Status": "",
                "FailingStreak": 0,
                "Log": null
            }
        },
        "Image": "de9f931101663e496d80c8bb453dfebfb072b8ecc806ce002bc118ff0b9ce9fe",
        "ImageName": "quay.io/centos/centos:stream8",
        "Rootfs": "",
        "Pod": "",
        "ResolvConfPath": "",
        "HostnamePath": "",
        "HostsPath": "",
        "StaticDir": "/var/lib/containers/storage/overlay-containers/a943c5b1426e3500e731815ca3380b25987935605c28e0a2ef2e0c87cd4e90fc/userdata",
        "OCIRuntime": "runc",
        "ConmonPidFile": "/var/run/containers/storage/overlay-containers/a943c5b1426e3500e731815ca3380b25987935605c28e0a2ef2e0c87cd4e90fc/userdata/conmon.pid",
        "Name": "testcnt",
        "RestartCount": 0,
        "Driver": "overlay",
        "MountLabel": "system_u:object_r:container_file_t:s0:c192,c632",
        "ProcessLabel": "system_u:system_r:container_t:s0:c192,c632",
        "AppArmorProfile": "",
        "EffectiveCaps": [
            "CAP_NET_RAW",
            "CAP_CHOWN",
            "CAP_DAC_OVERRIDE",
            "CAP_FOWNER",
            "CAP_FSETID",
            "CAP_KILL",
            "CAP_NET_BIND_SERVICE",
            "CAP_SETFCAP",
            "CAP_SETGID",
            "CAP_SETPCAP",
            "CAP_SETUID",
            "CAP_SYS_CHROOT"
        ],
        "BoundingCaps": [
            "CAP_NET_RAW",
            "CAP_CHOWN",
            "CAP_DAC_OVERRIDE",
            "CAP_FOWNER",
            "CAP_FSETID",
            "CAP_KILL",
            "CAP_NET_BIND_SERVICE",
            "CAP_SETFCAP",
            "CAP_SETGID",
            "CAP_SETPCAP",
            "CAP_SETUID",
            "CAP_SYS_CHROOT"
        ],
        "ExecIDs": [],
        "GraphDriver": {
            "Name": "overlay",
            "Data": {
                "LowerDir": "/var/lib/containers/storage/overlay/2c0b6c59511dfdb30a03bde30cd9bc3f28f0a50f600f3554bcd26bd924780eb5/diff:/var/lib/containers/storage/overlay/7779655ad20bf01cfb461c3cc98fb8a0b50fa07cd0656b13ba55be6b3d2a71f7/diff:/var/lib/containers/storage/overlay/92538e92de2938d7c4e279f871107b835bf0c8cc76a5a1655d66855706da18b0/diff",
                "UpperDir": "/var/lib/containers/storage/overlay/20e114cab4b80a3c5b4775a382beb0a0297c2d2995380ba35f3dbd82f7fac5da/diff",
                "WorkDir": "/var/lib/containers/storage/overlay/20e114cab4b80a3c5b4775a382beb0a0297c2d2995380ba35f3dbd82f7fac5da/work"
            }
        },
        "Mounts": [
            {
                "Type": "volume",
                "Name": "testvol",
                "Source": "/var/lib/containers/storage/volumes/testvol/_data",
                "Destination": "/srv/test",
                "Driver": "local",
                "Mode": "",
                "Options": [
                    "nosuid",
                    "nodev",
                    "rbind"
                ],
                "RW": true,
                "Propagation": "rprivate"
            }
        ],
        "Dependencies": [],
        "NetworkSettings": {
            "EndpointID": "",
            "Gateway": "",
            "IPAddress": "",
            "IPPrefixLen": 0,
            "IPv6Gateway": "",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "MacAddress": "",
            "Bridge": "",
            "SandboxID": "",
            "HairpinMode": false,
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "Ports": {},
            "SandboxKey": "",
            "Networks": {
                "podman": {
                    "EndpointID": "",
                    "Gateway": "",
                    "IPAddress": "",
                    "IPPrefixLen": 0,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "",
                    "NetworkID": "podman",
                    "DriverOpts": null,
                    "IPAMConfig": null,
                    "Links": null
                }
            }
        },
        "ExitCommand": [
            "/usr/bin/podman",
            "--root",
            "/var/lib/containers/storage",
            "--runroot",
            "/var/run/containers/storage",
            "--log-level",
            "warning",
            "--cgroup-manager",
            "systemd",
            "--tmpdir",
            "/var/run/libpod",
            "--runtime",
            "runc",
            "--storage-driver",
            "overlay",
            "--storage-opt",
            "overlay.mountopt=nodev,metacopy=on",
            "--events-backend",
            "file",
            "container",
            "cleanup",
            "a943c5b1426e3500e731815ca3380b25987935605c28e0a2ef2e0c87cd4e90fc"
        ],
        "Namespace": "",
        "IsInfra": false,
        "Config": {
            "Hostname": "a943c5b1426e",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "Tty": true,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                "TERM=xterm",
                "container=oci"
            ],
            "Cmd": [
                "/bin/bash"
            ],
            "Image": "quay.io/centos/centos:stream8",
            "Volumes": null,
            "WorkingDir": "/",
            "Entrypoint": "",
            "OnBuild": null,
            "Labels": {
                "architecture": "x86_64",
                "build-date": "2020-12-10T01:59:40.343735",
                "com.redhat.build-host": "cpt-1002.osbs.prod.upshift.rdu2.redhat.com",
                "com.redhat.component": "centos-stream-container",
                "com.redhat.license_terms": "https://centos.org/legal/licensing-policy/",
                "description": "CentOS Stream is a continuously delivered distro that tracks just ahead of Red Hat Enterprise Linux development. This image takes the Red Hat UBI and layers on content from CentOS Stream",
                "distribution-scope": "public",
                "io.buildah.version": "1.19.2",
                "io.k8s.description": "The Universal Base Image is designed and engineered to be the base layer for all of your containerized applications, middleware and utilities. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.",
                "io.k8s.display-name": "CentOS Stream 8",
                "io.openshift.expose-services": "",
                "io.openshift.tags": "base centos centos-stream",
                "maintainer": "The CentOS Project",
                "name": "centos-stream",
                "release": "227",
                "summary": "Provides a CentOS Stream container based on the Red Hat Universal Base Image",
                "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/ubi8/images/8.3-227",
                "vcs-ref": "3652f52021079930cba3bf90d27d9f191b18115b",
                "vcs-type": "git",
                "vendor": "Red Hat, Inc.",
                "version": "8"
            },
            "Annotations": {
                "io.kubernetes.cri-o.TTY": "true",
                "io.podman.annotations.autoremove": "FALSE",
                "io.podman.annotations.init": "FALSE",
                "io.podman.annotations.privileged": "FALSE",
                "io.podman.annotations.publish-all": "FALSE"
            },
            "StopSignal": 15,
            "CreateCommand": [
                "podman",
                "run",
                "-dt",
                "--name",
                "testcnt",
                "--volume",
                "testvol:/srv/test",
                "quay.io/centos/centos:stream8",
                "/bin/bash"
            ],
            "Umask": "0022"
        },
        "HostConfig": {
            "Binds": [
                "testvol:/srv/test:rw,rprivate,nosuid,nodev,rbind"
            ],
            "CgroupManager": "systemd",
            "CgroupMode": "host",
            "ContainerIDFile": "",
            "LogConfig": {
                "Type": "k8s-file",
                "Config": null,
                "Path": "/var/lib/containers/storage/overlay-containers/a943c5b1426e3500e731815ca3380b25987935605c28e0a2ef2e0c87cd4e90fc/userdata/ctr.log",
                "Tag": "",
                "Size": "0B"
            },
            "NetworkMode": "bridge",
            "PortBindings": {},
            "RestartPolicy": {
                "Name": "",
                "MaximumRetryCount": 0
            },
            "AutoRemove": false,
            "VolumeDriver": "",
            "VolumesFrom": null,
            "CapAdd": [],
            "CapDrop": [
                "CAP_AUDIT_WRITE",
                "CAP_MKNOD"
            ],
            "Dns": [],
            "DnsOptions": [],
            "DnsSearch": [],
            "ExtraHosts": [],
            "GroupAdd": [],
            "IpcMode": "private",
            "Cgroup": "",
            "Cgroups": "default",
            "Links": null,
            "OomScoreAdj": 0,
            "PidMode": "private",
            "Privileged": false,
            "PublishAllPorts": false,
            "ReadonlyRootfs": false,
            "SecurityOpt": [],
            "Tmpfs": {},
            "UTSMode": "private",
            "UsernsMode": "",
            "ShmSize": 65536000,
            "Runtime": "oci",
            "ConsoleSize": [
                0,
                0
            ],
            "Isolation": "",
            "CpuShares": 0,
            "Memory": 0,
            "NanoCpus": 0,
            "CgroupParent": "",
            "BlkioWeight": 0,
            "BlkioWeightDevice": null,
            "BlkioDeviceReadBps": null,
            "BlkioDeviceWriteBps": null,
            "BlkioDeviceReadIOps": null,
            "BlkioDeviceWriteIOps": null,
            "CpuPeriod": 0,
            "CpuQuota": 0,
            "CpuRealtimePeriod": 0,
            "CpuRealtimeRuntime": 0,
            "CpusetCpus": "",
            "CpusetMems": "",
            "Devices": [],
            "DiskQuota": 0,
            "KernelMemory": 0,
            "MemoryReservation": 0,
            "MemorySwap": 0,
            "MemorySwappiness": 0,
            "OomKillDisable": false,
            "PidsLimit": 2048,
            "Ulimits": [
                {
                    "Name": "RLIMIT_NOFILE",
                    "Soft": 1048576,
                    "Hard": 1048576
                },
                {
                    "Name": "RLIMIT_NPROC",
                    "Soft": 4194304,
                    "Hard": 4194304
                }
            ],
            "CpuCount": 0,
            "CpuPercent": 0,
            "IOMaximumIOps": 0,
            "IOMaximumBandwidth": 0,
            "CgroupConf": null
        }
    }
]

# podman volume inspect testvol
[
    {
        "Name": "testvol",
        "Driver": "local",
        "Mountpoint": "/var/lib/containers/storage/volumes/testvol/_data",
        "CreatedAt": "2021-08-05T15:07:31.330092488+03:00",
        "Labels": {},
        "Scope": "local",
        "Options": {
            "GID": "65534",
            "UID": "65534",
            "o": "uid=65534,gid=65534"
        },
        "UID": 65534,
        "GID": 65534
    }
]

# podman info --debug
host:
  arch: amd64
  buildahVersion: 1.19.8
  cgroupManager: systemd
  cgroupVersion: v1
  conmon:
    package: conmon-2.0.26-3.module_el8.4.0+830+8027e1c4.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.0.26, commit: 9dea73702793340168deaa5a0d21ca5ce1fcb5d7'
  cpus: 2
  distribution:
    distribution: '"centos"'
    version: "8"
  eventLogger: file
  hostname: centos.lan
  idMappings:
    gidmap: null
    uidmap: null
  kernel: 4.18.0-305.10.2.el8_4.x86_64
  linkmode: dynamic
  memFree: 113541120
  memTotal: 1905274880
  ociRuntime:
    name: runc
    package: runc-1.0.0-73.rc93.module_el8.4.0+830+8027e1c4.x86_64
    path: /usr/bin/runc
    version: |-
      runc version spec: 1.0.2-dev
      go: go1.15.7
      libseccomp: 2.5.1
  os: linux
  remoteSocket:
    exists: true
    path: /run/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_NET_RAW,CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: false
    seccompEnabled: true
    selinuxEnabled: true
  slirp4netns:
    executable: ""
    package: ""
    version: ""
  swapFree: 1073737728
  swapTotal: 1073737728
  uptime: 2h 35m 30.17s (Approximately 0.08 days)
registries:
  localhost:5000:
    Blocked: false
    Insecure: true
    Location: localhost:5000
    MirrorByDigestOnly: false
    Mirrors: []
    Prefix: localhost:5000
  search:
  - registry.access.redhat.com
  - registry.centos.org
  - registry.fedoraproject.org
  - registry.opensuse.org
  - docker.io
  - quay.io
store:
  configFile: /etc/containers/storage.conf
  containerStore:
    number: 24
    paused: 0
    running: 24
    stopped: 0
  graphDriverName: overlay
  graphOptions:
    overlay.mountopt: nodev,metacopy=on
  graphRoot: /var/lib/containers/storage
  graphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "true"
  imageStore:
    number: 12
  runRoot: /var/run/containers/storage
  volumePath: /var/lib/containers/storage/volumes
version:
  APIVersion: 3.0.0
  Built: 1623427124
  BuiltTime: Fri Jun 11 18:58:44 2021
  GitCommit: ""
  GoVersion: go1.15.7
  OsArch: linux/amd64
  Version: 3.0.2-dev

# rpm -q podman
podman-3.0.1-7.module_el8.4.0+830+8027e1c4.x86_64

# uname -r
4.18.0-305.10.2.el8_4.x86_64
Tags8.4.2105, containers, podman

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2021-08-05 13:56 ivanov17 New Issue
2021-08-05 13:56 ivanov17 Tag Attached: 8.4.2105
2021-08-05 13:56 ivanov17 Tag Attached: containers
2021-08-05 13:56 ivanov17 Tag Attached: podman