NixOS / nixpkgs

Nix Packages collection & NixOS

buildah: newgidmap not found - missing dependency on uidmap? #238070

Open a-h opened 1 year ago

a-h commented 1 year ago

Describe the bug

I'm using Ubuntu 22.04.2 LTS with home-manager, configured with nixpkgs 23.05.

When I run nix shell nixpkgs#buildah and then run buildah, I get the following error.

Error during setresgid(0): Invalid argument
ERRO[0000] finding newgidmap: exec: "newgidmap": executable file not found in $PATH
ERRO[0000] (Unable to determine exit status)

It's possible to work around this by installing uidmap in Ubuntu using sudo apt-get install uidmap.

Steps To Reproduce

As above.

Expected behavior

I wouldn't expect to have to install the uidmap package on my base Ubuntu operating system; I'd expect it to be supported via the distribution.

Notify maintainers

@Profpatsch

Metadata

[user@system:~]$ nix-shell -p nix-info --run "nix-info -m"
this path will be fetched (0.00 MiB download, 0.00 MiB unpacked):
  /nix/store/szznid54xdgn4idxym2dsg166swah5dc-nix-info
copying path '/nix/store/szznid54xdgn4idxym2dsg166swah5dc-nix-info' from 'https://cache.nixos.org'...
 - system: `"x86_64-linux"`
 - host os: `Linux 5.19.0-43-generic, Ubuntu, 22.04.2 LTS (Jammy Jellyfish), nobuild`
 - multi-user?: `yes`
 - sandbox: `yes`
 - version: `nix-env (Nix) 2.12.0`
 - channels(root): `"nixpkgs"`
 - channels(adrian-hesketh): `"home-manager-22.11.tar.gz"`
 - nixpkgs: `/nix/var/nix/profiles/per-user/root/channels/nixpkgs`

andrewzheng-varian commented 1 year ago

Please fix this; otherwise buildah is not functional.

The workaround mentioned is working.

qrilka commented 8 months ago

Got the same error using podman compose. Found newuidmap in pkgs.shadow but it fails:

podman compose -f docker-compose-dev.yaml up -d
ERRO[0000] running `/nix/store/9lnr32dcgidlzjhkqc6qlmz6pn2abilz-shadow-4.14.2/bin/newuidmap 452432 0 1000 1 1 100000 65536`: newuidmap: write to uid_map failed: Operation not permitted
Error: cannot set up namespace using "/nix/store/9lnr32dcgidlzjhkqc6qlmz6pn2abilz-shadow-4.14.2/bin/newuidmap": should have setuid or have filecaps setuid: exit status 1

Semnodime commented 7 months ago

Gathering related issues:

https://github.com/containers/podman/discussions/19346
https://github.com/containers/podman/issues/8929
#112902
#138423
#215332
#221084
#238070

Semnodime commented 7 months ago

Podman's Troubleshooting Guide regarding missing newuidmap for rootless containers: https://github.com/containers/podman/blob/main/troubleshooting.md#9-newuidmap-missing-when-running-rootless-podman-commands
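
A diagnostic for the two failure modes reported in this thread (helper missing from $PATH, and a /nix/store helper that lacks setuid or file capabilities), as an added example that is not part of the issue or of nixpkgs. The function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the issue thread): report how an ID-mapping helper
# would obtain the privilege it needs to write uid_map / gid_map.

# Print one of: missing | setuid-root | setuid-nonroot | filecaps | unprivileged
idmap_helper_status() {
    helper=$1
    [ -f "$helper" ] || { echo missing; return 0; }
    if [ -u "$helper" ]; then
        # The set-user-ID bit only helps when the file is owned by root (uid 0).
        owner=$(ls -lnL "$helper" | awk '{print $3}')
        if [ "$owner" = 0 ]; then echo setuid-root; else echo setuid-nonroot; fi
        return 0
    fi
    # File capabilities are the alternative named in the podman error message.
    if command -v getcap >/dev/null 2>&1; then
        caps=$(getcap "$helper" 2>/dev/null || true)
        case $caps in
            *cap_setuid*|*cap_setgid*) echo filecaps; return 0 ;;
        esac
    fi
    echo unprivileged
}

# Check the newuidmap and newgidmap that the current $PATH resolves to.
report_idmap_helpers() {
    for name in newuidmap newgidmap; do
        path=$(command -v "$name" 2>/dev/null || true)
        if [ -z "$path" ]; then
            echo "$name: not found in \$PATH"
            continue
        fi
        st=$(idmap_helper_status "$path")
        echo "$name: $path ($st)"
        case $(readlink -f "$path") in
            /nix/store/*)
                # Nix store files carry neither setuid bits nor file capabilities.
                echo "  note: resolves into /nix/store; a host-installed copy is needed" ;;
        esac
    done
    return 0
}

report_idmap_helpers
```

A result of `unprivileged` or `setuid-nonroot` matches the "should have setuid or have filecaps setuid" error quoted above.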