search

containers / podman

Podman: A tool for managing OCI containers and pods.
https://podman.io
Apache License 2.0
23.58k stars 2.4k forks source link

"podman build" after startx fails with "error running container: error from /usr/bin/crun creating container for [/bin/sh -c /bin/true]: sd-bus call: Process org.freedesktop.systemd1 exited with status 1: Input/output error" #13429

Closed eriksjolund closed 2 years ago

eriksjolund commented 2 years ago

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

podman build fails after opening a virtual console and running startx. The error message is:

error running container: error from /usr/bin/crun creating container for [/bin/sh -c /bin/true]: sd-bus call: Process org.freedesktop.systemd1 exited with status 1: Input/output error
: exit status 1
ERRO[0008] did not get container create message from subprocess: read |0: i/o timeout 
Error: error building at STEP "RUN /bin/true": error while running runtime: exit status 1
WARN[0009] Failed to add pause process to systemd sandbox cgroup: Process org.freedesktop.systemd1 exited with status 1

The same Dockerfile builds successfully if startx is not run before.

Steps to reproduce the issue:

  1. As root run

    [root@laptop ~]# useradd test103
[root@laptop ~]# passwd test103
Changing password for user test103.
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.
[root@laptop ~]#

  2. Switch to a virtual console by pressing Ctrl-Alt-F3

  3. Log in with the user test103

  4. Run startx

    [test103@laptop ~]$ startx

  5. Open gnome-terminal

  6. Create the file /tmp/e/Dockerfile with the content

    FROM docker.io/library/alpine
RUN /bin/true

    by running these commands

    [test103@laptop ~]$ mkdir /tmp/e
[test103@laptop ~]$ emacs /tmp/e/Dockerfile
[test103@laptop ~]$ cat /tmp/e/Dockerfile
FROM docker.io/library/alpine
RUN /bin/true
[test103@laptop ~]$

  7. Build the container image

    [test103@laptop ~]$ podman build -t test /tmp/e 
STEP 1/2: FROM docker.io/library/alpine
Trying to pull docker.io/library/alpine:latest...
Getting image source signatures
Copying blob 59bf1c3509f3 done  
Copying config c059bfaa84 done  
Writing manifest to image destination
Storing signatures
STEP 2/2: RUN /bin/true
error running container: error from /usr/bin/crun creating container for [/bin/sh -c /bin/true]: sd-bus call: Process org.freedesktop.systemd1 exited with status 1: Input/output error
: exit status 1
ERRO[0008] did not get container create message from subprocess: read |0: i/o timeout 
Error: error building at STEP "RUN /bin/true": error while running runtime: exit status 1
WARN[0009] Failed to add pause process to systemd sandbox cgroup: Process org.freedesktop.systemd1 exited with status 1 
[test103@laptop ~]$

Describe the results you received:

The error message 

error running container: error from /usr/bin/crun creating container for [/bin/sh -c /bin/true]: sd-bus call: Process org.freedesktop.systemd1 exited with status 1: Input/output error
: exit status 1
ERRO[0008] did not get container create message from subprocess: read |0: i/o timeout 
Error: error building at STEP "RUN /bin/true": error while running runtime: exit status 1
WARN[0009] Failed to add pause process to systemd sandbox cgroup: Process org.freedesktop.systemd1 exited with status 1

Describe the results you expected:

No error message

Additional information you deem important (e.g. issue happens only occasionally):

[test103@laptop ~]$ env | sort
}
BASH_FUNC_which%%=() {  ( alias;
COLORTERM=truecolor
DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-gEJPMRXYEB,guid=7065dd2893eb5caf9bfcfccd6223689a
DEBUGINFOD_URLS=https://debuginfod.fedoraproject.org/ 
DISPLAY=:3
EDITOR=/usr/bin/nano
 eval ${which_declare} ) | /usr/bin/which --tty-only --read-alias --read-functions --show-tilde --show-dot "$@"
GNOME_TERMINAL_SCREEN=/org/gnome/Terminal/screen/4e5d92fb_1b81_4eea_8fed_8c5c005930dd
GNOME_TERMINAL_SERVICE=:1.67
HISTCONTROL=ignoredups
HISTSIZE=1000
HOME=/home/test103
HOSTNAME=laptop
LANG=en_US.UTF-8
LESSOPEN=||/usr/bin/lesspipe.sh %s
LOGNAME=test103
LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=01;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.zst=01;31:*.tzst=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.wim=01;31:*.swm=01;31:*.dwm=01;31:*.esd=01;31:*.jpg=01;35:*.jpeg=01;35:*.mjpg=01;35:*.mjpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.webp=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=01;36:*.au=01;36:*.flac=01;36:*.m4a=01;36:*.mid=01;36:*.midi=01;36:*.mka=01;36:*.mp3=01;36:*.mpc=01;36:*.ogg=01;36:*.ra=01;36:*.wav=01;36:*.oga=01;36:*.opus=01;36:*.spx=01;36:*.xspf=01;36:
MAIL=/var/spool/mail/test103
MOZ_GMP_PATH=/usr/lib64/mozilla/plugins/gmp-gmpopenh264/system-installed
PATH=/home/test103/.local/bin:/home/test103/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin
PWD=/home/test103
QT_IM_MODULE=ibus
SESSION_MANAGER=local/unix:@/tmp/.ICE-unix/21162,unix/unix:/tmp/.ICE-unix/21162
SHELL=/bin/bash
SHLVL=0
SSH_AGENT_PID=21205
SSH_AUTH_SOCK=/run/user/1050/keyring/ssh
SYSTEMD_EXEC_PID=19545
TERM=xterm-256color
USER=test103
_=/usr/bin/env
VTE_VERSION=6602
which_declare=declare -f
WINDOWPATH=4
XAUTHORITY=/home/test103/.Xauthority
XDG_CURRENT_DESKTOP=GNOME
XDG_DATA_DIRS=/home/test103/.local/share/flatpak/exports/share:/var/lib/flatpak/exports/share:/usr/local/share:/usr/share
XDG_MENU_PREFIX=gnome-
XDG_RUNTIME_DIR=/run/user/1050
XDG_SESSION_CLASS=user
XDG_SESSION_TYPE=tty
XMODIFIERS=@im=ibus
XORG_RUN_AS_USER_OK=1
[test103@laptop ~]$ 
[test103@laptop ~]$ ps axuw | grep test103
root       19545  0.0  0.0  15400  8088 ?        Ss   14:41   0:00 login -- test103
test103    20983  0.0  0.0  21632 14108 ?        Ss   14:41   0:00 /usr/lib/systemd/systemd --user
test103    20988  0.0  0.0 191984  6844 ?        S    14:41   0:00 (sd-pam)
test103    21014  0.0  0.0 224200  5484 tty4     Ss   14:41   0:00 -bash
test103    21069  0.0  0.0 222652  3896 tty4     S+   14:41   0:00 /usr/bin/sh /usr/bin/startx
test103    21091  0.0  0.0   4148  1436 tty4     S+   14:41   0:00 xinit /etc/X11/xinit/xinitrc -- /usr/bin/X :3 vt4 -keeptty -auth /home/test103/.serverauth.21069
test103    21093  1.0  0.2 1394268 90028 tty4    Sl   14:41   0:12 /usr/libexec/Xorg :3 vt4 -keeptty -auth /home/test103/.serverauth.21069
test103    21162  0.0  0.0 736384 20064 ?        Ssl  14:41   0:00 /usr/libexec/gnome-session-binary
test103    21174  0.0  0.0   8064  1768 ?        S    14:41   0:00 dbus-launch --sh-syntax --exit-with-session
test103    21176  0.0  0.0  10068  3692 ?        Ss   14:41   0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session
test103    21205  0.0  0.0   6140   456 ?        Ss   14:41   0:00 /usr/bin/ssh-agent /etc/X11/xinit/Xclients
test103    21224  0.0  0.0 308536  7760 ?        Sl   14:41   0:00 /usr/libexec/at-spi-bus-launcher
test103    21229  0.0  0.0   9208  4896 ?        S    14:41   0:00 /usr/bin/dbus-daemon --config-file=/usr/share/defaults/at-spi2/accessibility.conf --nofork --print-address 3
test103    21233  0.0  0.0 452172  7712 ?        Sl   14:41   0:00 /usr/libexec/gvfsd
test103    21238  0.0  0.0 379920  6188 ?        Sl   14:41   0:00 /usr/libexec/gvfsd-fuse /run/user/1050/gvfs -f
test103    21261  0.0  0.0 452464  6036 ?        Sl   14:41   0:00 /usr/bin/gnome-keyring-daemon --start --components=ssh
test103    21271  0.9  0.6 5303908 198720 ?      Sl   14:41   0:11 /usr/bin/gnome-shell
test103    21303  0.0  0.0 527360 12152 ?        Sl   14:41   0:00 ibus-daemon --panel disable --xim
test103    21307  0.0  0.0 449072  6972 ?        Sl   14:41   0:00 /usr/libexec/ibus-dconf
test103    21308  0.1  0.1 597144 34364 ?        Sl   14:41   0:01 /usr/libexec/ibus-extension-gtk3
test103    21310  0.0  0.0 517600 28868 ?        Sl   14:41   0:00 /usr/libexec/ibus-x11 --kill-daemon
test103    21312  0.0  0.0 449028  6392 ?        Sl   14:41   0:00 /usr/libexec/ibus-portal
test103    21321  0.0  0.0 447908  5056 ?        Sl   14:41   0:00 /usr/libexec/xdg-permission-store
test103    21325  0.0  0.0 584324 21996 ?        Sl   14:41   0:00 /usr/libexec/gnome-shell-calendar-server
test103    21332  0.0  0.0 161580  7716 ?        Sl   14:41   0:00 /usr/libexec/at-spi2-registryd --use-gnome-session
test103    21339  0.0  0.0 605672 26792 ?        Sl   14:41   0:00 /usr/libexec/evolution-source-registry
test103    21347  0.0  0.0 156020  5656 ?        Sl   14:41   0:00 /usr/libexec/dconf-service
test103    21353  0.0  0.1 897856 39972 ?        Sl   14:41   0:00 /usr/libexec/goa-daemon
test103    21357  0.0  0.0 1061572 31312 ?       Sl   14:41   0:00 /usr/libexec/evolution-calendar-factory
test103    21358  0.0  0.0 329028 17480 ?        S<sl 14:41   0:00 /usr/bin/pipewire
test103    21359  0.0  0.0 544756 17508 ?        S<sl 14:41   0:00 /usr/bin/wireplumber
test103    21360  0.0  0.0 251084 13628 ?        S<sl 14:41   0:00 /usr/bin/pipewire-pulse
test103    21375  0.0  0.0 529724  9128 ?        Sl   14:41   0:00 /usr/libexec/goa-identity-service
test103    21396  0.0  0.0 956108 29052 ?        Sl   14:41   0:00 /usr/libexec/evolution-addressbook-factory
test103    21402  0.0  0.0 533124 10976 ?        Sl   14:41   0:00 /usr/libexec/gvfs-udisks2-volume-monitor
test103    21406  0.0  0.0  10444  4244 ?        Ss   14:41   0:00 /usr/bin/dbus-broker-launch --scope user
test103    21412  0.0  0.0   4844  1340 ?        S    14:41   0:00 dbus-broker --log 4 --controller 9 --machine-id c341780e88a04800982a41eea47639d3 --max-bytes 100000000000000 --max-fds 25000000000000 --max-matches 5000000000
test103    21425  0.0  0.0 448220  6312 ?        Sl   14:41   0:00 /usr/libexec/gvfs-mtp-volume-monitor
test103    21433  0.0  0.0 450200  7424 ?        Sl   14:41   0:00 /usr/libexec/gvfs-gphoto2-volume-monitor
test103    21441  0.0  0.0 448288  6240 ?        Sl   14:41   0:00 /usr/libexec/gvfs-goa-volume-monitor
test103    21447  0.0  0.0 526464  7792 ?        Sl   14:41   0:00 /usr/libexec/gvfs-afc-volume-monitor
test103    21469  0.0  0.0 3128196 26620 ?       Sl   14:41   0:00 /usr/bin/gjs /usr/share/gnome-shell/org.gnome.Shell.Notifications
test103    21486  0.0  0.0 528820  8636 ?        Sl   14:41   0:00 /usr/libexec/gsd-wwan
test103    21493  0.0  0.0 671536  7352 ?        Sl   14:41   0:00 /usr/libexec/gsd-usb-protection
test103    21498  0.0  0.0 875052 31508 ?        Sl   14:41   0:00 /usr/libexec/gsd-media-keys
test103    21499  0.0  0.0 669620  6308 ?        Sl   14:41   0:00 /usr/libexec/gsd-rfkill
test103    21502  0.0  0.0 522180  6320 ?        Sl   14:41   0:00 /usr/libexec/gsd-a11y-settings
test103    21505  0.0  0.0 591432 28764 ?        Sl   14:41   0:00 /usr/libexec/gsd-wacom
test103    21507  0.0  0.0 739740 30100 ?        Sl   14:41   0:00 /usr/libexec/gsd-power
test103    21509  0.0  0.0 448040  5976 ?        Sl   14:41   0:00 /usr/libexec/gsd-screensaver-proxy
test103    21511  0.0  0.0 825612 30912 ?        Sl   14:41   0:00 /usr/libexec/gsd-color
test103    21514  0.0  0.0 665492 28924 ?        Sl   14:41   0:00 /usr/libexec/gsd-xsettings
test103    21515  0.0  0.0 465544 13144 ?        Sl   14:41   0:00 /usr/libexec/gsd-print-notifications
test103    21517  0.0  0.0 677900 10080 ?        Sl   14:41   0:00 /usr/libexec/gsd-sharing
test103    21520  0.0  0.0 593704 18572 ?        Sl   14:41   0:00 /usr/libexec/gsd-datetime
test103    21522  0.0  0.0 608296 13380 ?        Sl   14:41   0:00 /usr/libexec/gsd-smartcard
test103    21524  0.0  0.0 524564  7500 ?        Sl   14:41   0:00 /usr/libexec/gsd-housekeeping
test103    21527  0.0  0.0 530612  8920 ?        Sl   14:41   0:00 /usr/libexec/gsd-sound
test103    21530  0.0  0.0 664892 28868 ?        Sl   14:41   0:00 /usr/libexec/gsd-keyboard
test103    21580  0.0  0.0 3128212 26648 ?       Sl   14:41   0:00 /usr/bin/gjs /usr/share/gnome-shell/org.gnome.ScreenSaver
test103    21654  0.0  0.0 232172  6420 ?        Sl   14:41   0:00 /usr/libexec/gsd-disk-utility-notify
test103    21665  0.2  0.6 1314360 211328 ?      Sl   14:41   0:02 /usr/bin/gnome-software --gapplication-service
test103    21683  0.0  0.0 874416 28816 ?        SNl  14:41   0:00 /usr/libexec/tracker-miner-fs-3
test103    21686  0.0  0.0 527408 24424 ?        Sl   14:41   0:00 /usr/bin/abrt-applet --gapplication-service
test103    21687  0.0  0.2 914708 65744 ?        Sl   14:41   0:00 /usr/libexec/evolution-data-server/evolution-alarm-notify
test103    21743  0.0  0.0 375244  6956 ?        Sl   14:41   0:00 /usr/libexec/ibus-engine-simple
test103    21788  0.0  0.0 597404 19856 ?        Sl   14:41   0:00 /usr/libexec/gsd-printer
test103    21839  0.0  0.0 374876  6264 ?        Sl   14:41   0:00 /usr/libexec/gvfsd-metadata
test103    22116  0.2  0.1 692560 53284 ?        Sl   14:41   0:03 /usr/libexec/gnome-terminal-server
test103    22135  0.0  0.0 224216  5724 pts/5    Ss+  14:41   0:00 bash
test103    22216  0.0  0.0   1084     4 ?        S    14:42   0:00 catatonit -P
test103    22458  0.0  0.0 224216  5800 pts/6    Ss   14:43   0:00 bash
test103    22526  0.0  0.0 224216  5724 pts/7    Ss+  14:44   0:00 bash
test103    23679  0.0  0.0 224216  5768 pts/8    Ss+  14:47   0:00 bash
test103    27486  0.0  0.0 225292  3572 pts/6    R+   15:01   0:00 ps axuw
test103    27487  0.0  0.0 221800  2268 pts/6    S+   15:01   0:00 grep --color=auto test103
[test103@laptop ~]$ 
[test103@laptop ~]$ rpm -q systemd
systemd-249.9-1.fc35.x86_64
[test103@laptop ~]$ rpm -q podman
podman-4.0.2-1.fc35.x86_64
[test103@laptop ~]$ rpm -q crun
crun-1.4.2-1.fc35.x86_64
[test103@laptop ~]$

I also tried creating the new user test104 and logged in to another virtual console. I skipped running startx and instead ran podman build -t test /tmp/e directly. It worked.

  1. As root run

    [root@laptop ~]# useradd test104
[root@laptop ~]# passwd test104
Changing password for user test104.
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.
[root@laptop ~]#

  2. Switch to a virtual console by pressing Ctrl-Alt-F4

  3. Log in with the user test104

  4. Build the container image

    [test104@laptop ~]$ podman build -t test /tmp/e

The command succeeded.

Output of podman version:

podman version 4.0.2

Output of podman info --debug:

host:
  arch: amd64
  buildahVersion: 1.24.1
  cgroupControllers:
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: conmon-2.1.0-2.fc35.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.0, commit: '
  cpus: 8
  distribution:
    distribution: fedora
    variant: workstation
    version: "35"
  eventLogger: journald
  hostname: laptop
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 5.16.11-200.fc35.x86_64
  linkmode: dynamic
  logDriver: journald
  memFree: 23948242944
  memTotal: 33452261376
  networkBackend: netavark
  ociRuntime:
    name: crun
    package: crun-1.4.2-1.fc35.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 1.4.2
      commit: f6fbc8f840df1a414f31a60953ae514fa497c748
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
  os: linux
  remoteSocket:
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.1.12-2.fc35.x86_64
    version: |-
      slirp4netns version 1.1.12
      commit: 7a104a101aa3278a2152351a082a6df71f57c9a3
      libslirp: 4.6.1
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.3
  swapFree: 9124700160
  swapTotal: 9124700160
  uptime: 2h 31m 20.12s (Approximately 0.08 days)
plugins:
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  volume:
  - local
registries:
  search:
  - registry.fedoraproject.org
  - registry.access.redhat.com
  - docker.io
  - quay.io
store:
  configFile: /home/esjolund/.config/containers/storage.conf
  containerStore:
    number: 7
    paused: 0
    running: 0
    stopped: 7
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/esjolund/.local/share/containers/storage
  graphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 7
  runRoot: /run/user/1000/containers
  volumePath: /home/esjolund/.local/share/containers/storage/volumes
version:
  APIVersion: 4.0.2
  Built: 1646319416
  BuiltTime: Thu Mar  3 15:56:56 2022
  GitCommit: ""
  GoVersion: go1.16.14
  OsArch: linux/amd64
  Version: 4.0.2

Package info (e.g. output of rpm -q podman or apt list podman):

podman-4.0.2-1.fc35.x86_64

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/main/troubleshooting.md)

Yes

eriksjolund commented 2 years ago

Observation 1: I repeated the first test (i.e. see user test103 above) but now with --log-level=debug. The command systemd-cgls --no-pager -u user-$(id -u).slice was also run.

Click to expand! ``` [test114@laptop ~]$ systemd-cgls --no-pager -u user-$(id -u).slice Unit user-1074.slice (/user.slice/user-1074.slice): ├─session-25.scope │ ├─ 7337 login -- test114 │ ├─22609 -bash │ ├─22668 /usr/bin/sh /usr/bin/startx │ ├─22690 xinit /etc/X11/xinit/xinitrc -- /usr/bin/X :3 vt4 -keeptty -auth /home/test114/.serverauth.22668 │ ├─22691 /usr/libexec/Xorg :3 vt4 -keeptty -auth /home/test114/.serverauth.22668 │ ├─22757 /usr/libexec/gnome-session-binary │ ├─22770 dbus-launch --sh-syntax --exit-with-session │ ├─22772 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session │ ├─22805 /usr/bin/ssh-agent /etc/X11/xinit/Xclients │ ├─22824 /usr/libexec/at-spi-bus-launcher │ ├─22829 /usr/bin/dbus-daemon --config-file=/usr/share/defaults/at-spi2/accessibility.conf --nofork --print-address 3 │ ├─22833 /usr/libexec/gvfsd │ ├─22838 /usr/libexec/gvfsd-fuse /run/user/1074/gvfs -f │ ├─22861 /usr/bin/gnome-keyring-daemon --start --components=ssh │ ├─22871 /usr/bin/gnome-shell │ ├─22908 ibus-daemon --panel disable --xim │ ├─22911 /usr/libexec/xdg-permission-store │ ├─22915 /usr/libexec/gnome-shell-calendar-server │ ├─22923 /usr/libexec/evolution-source-registry │ ├─22929 /usr/libexec/dconf-service │ ├─22934 /usr/libexec/goa-daemon │ ├─22940 /usr/libexec/evolution-calendar-factory │ ├─22958 /usr/libexec/goa-identity-service │ ├─22990 /usr/libexec/gvfs-udisks2-volume-monitor │ ├─22992 /usr/libexec/gvfsd-metadata │ ├─23003 /usr/libexec/evolution-addressbook-factory │ ├─23010 /usr/libexec/gvfs-mtp-volume-monitor │ ├─23019 /usr/libexec/gvfs-gphoto2-volume-monitor │ ├─23029 /usr/libexec/gvfs-goa-volume-monitor │ ├─23040 /usr/libexec/gvfs-afc-volume-monitor │ ├─23055 /usr/libexec/ibus-dconf │ ├─23056 /usr/libexec/ibus-extension-gtk3 │ ├─23058 /usr/libexec/ibus-x11 --kill-daemon │ ├─23060 /usr/libexec/ibus-portal │ ├─23075 /usr/bin/gjs /usr/share/gnome-shell/org.gnome.Shell.Notifications │ ├─23077 /usr/libexec/at-spi2-registryd --use-gnome-session │ ├─23097 /usr/libexec/gsd-wwan │ ├─23103 /usr/libexec/gsd-usb-protection │ ├─23109 /usr/libexec/gsd-media-keys │ ├─23112 /usr/libexec/gsd-rfkill │ ├─23114 /usr/libexec/gsd-a11y-settings │ ├─23118 /usr/libexec/gsd-wacom │ ├─23120 /usr/libexec/gsd-power │ ├─23122 /usr/libexec/gsd-screensaver-proxy │ ├─23123 /usr/libexec/gsd-color │ ├─23125 /usr/libexec/gsd-xsettings │ ├─23128 /usr/libexec/gsd-print-notifications │ ├─23130 /usr/libexec/gsd-sharing │ ├─23131 /usr/libexec/gsd-datetime │ ├─23133 /usr/libexec/gsd-smartcard │ ├─23135 /usr/libexec/gsd-housekeeping │ ├─23138 /usr/libexec/gsd-sound │ ├─23141 /usr/libexec/gsd-keyboard │ ├─23208 /usr/bin/gjs /usr/share/gnome-shell/org.gnome.ScreenSaver │ ├─23271 /usr/libexec/gsd-disk-utility-notify │ ├─23285 /usr/bin/gnome-software --gapplication-service │ ├─23302 /usr/libexec/tracker-miner-fs-3 │ ├─23304 /usr/libexec/evolution-data-server/evolution-alarm-notify │ ├─23309 /usr/bin/abrt-applet --gapplication-service │ ├─23333 /usr/libexec/gsd-printer │ ├─23432 /usr/libexec/ibus-engine-simple │ ├─23751 /usr/libexec/gnome-terminal-server │ ├─23770 bash │ └─24330 systemd-cgls --no-pager -u user-1074.slice └─user@1074.service ├─session.slice │ ├─dbus-broker.service │ │ ├─22973 /usr/bin/dbus-broker-launch --scope user │ │ └─22976 dbus-broker --log 4 --controller 9 --machine-id c341780e88a04800982a41eea47639d3 --max-bytes 100000000000000 --max-fds 25000000000000 --max-matches 5000000000 │ ├─pipewire-pulse.service │ │ └─22942 /usr/bin/pipewire-pulse │ ├─wireplumber.service │ │ └─22941 /usr/bin/wireplumber │ └─pipewire.service │ └─22938 /usr/bin/pipewire └─init.scope ├─22577 /usr/lib/systemd/systemd --user └─22582 (sd-pam) [test114@laptop ~]$ [test114@laptop ~]$ podman --log-level=debug build -t test /tmp/e INFO[0000] podman filtering at log level debug DEBU[0000] Called build.PersistentPreRunE(podman --log-level=debug build -t test /tmp/e) DEBU[0000] Merged system config "/usr/share/containers/containers.conf" DEBU[0000] Using conmon: "/usr/bin/conmon" DEBU[0000] Initializing boltdb state at /home/test114/.local/share/containers/storage/libpod/bolt_state.db DEBU[0000] Using graph driver overlay DEBU[0000] Using graph root /home/test114/.local/share/containers/storage DEBU[0000] Using run root /run/user/1074/containers DEBU[0000] Using static dir /home/test114/.local/share/containers/storage/libpod DEBU[0000] Using tmp dir /run/user/1074/libpod/tmp DEBU[0000] Using volume path /home/test114/.local/share/containers/storage/volumes DEBU[0000] Set libpod namespace to "" DEBU[0000] Not configuring container store DEBU[0000] Initializing event backend journald DEBU[0000] Configured OCI runtime kata initialization failed: no valid executable found for OCI runtime kata: invalid argument DEBU[0000] Configured OCI runtime runsc initialization failed: no valid executable found for OCI runtime runsc: invalid argument DEBU[0000] Configured OCI runtime krun initialization failed: no valid executable found for OCI runtime krun: invalid argument DEBU[0000] Using OCI runtime "/usr/bin/crun" INFO[0000] podman filtering at log level debug DEBU[0000] Called build.PersistentPreRunE(podman --log-level=debug build -t test /tmp/e) DEBU[0000] Cached value indicated that overlay is supported DEBU[0000] Merged system config "/usr/share/containers/containers.conf" DEBU[0000] Cached value indicated that overlay is supported DEBU[0000] Using conmon: "/usr/bin/conmon" DEBU[0000] Initializing boltdb state at /home/test114/.local/share/containers/storage/libpod/bolt_state.db DEBU[0000] Using graph driver overlay DEBU[0000] Using graph root /home/test114/.local/share/containers/storage DEBU[0000] Using run root /run/user/1074/containers DEBU[0000] Using static dir /home/test114/.local/share/containers/storage/libpod DEBU[0000] Using tmp dir /run/user/1074/libpod/tmp DEBU[0000] Using volume path /home/test114/.local/share/containers/storage/volumes DEBU[0000] Cached value indicated that overlay is supported DEBU[0000] Set libpod namespace to "" DEBU[0000] [graphdriver] trying provided driver "overlay" DEBU[0000] Cached value indicated that overlay is supported DEBU[0000] overlay: test mount indicated that metacopy is not being used DEBU[0000] backingFs=xfs, projectQuotaSupported=false, useNativeDiff=true, usingMetacopy=false DEBU[0000] Initializing event backend journald DEBU[0000] Configured OCI runtime kata initialization failed: no valid executable found for OCI runtime kata: invalid argument DEBU[0000] Configured OCI runtime runsc initialization failed: no valid executable found for OCI runtime runsc: invalid argument DEBU[0000] Configured OCI runtime krun initialization failed: no valid executable found for OCI runtime krun: invalid argument DEBU[0000] Using OCI runtime "/usr/bin/crun" DEBU[0000] Successfully loaded 1 networks DEBU[0000] Initialized SHM lock manager at path /libpod_rootless_lock_1074 DEBU[0000] Podman detected system restart - performing state refresh INFO[0000] Setting parallel job count to 25 DEBU[0000] Failed to add podman to systemd sandbox cgroup: Process org.freedesktop.systemd1 exited with status 1 DEBU[0000] base for stage 0: "docker.io/library/alpine" DEBU[0000] FROM "docker.io/library/alpine" STEP 1/2: FROM docker.io/library/alpine DEBU[0000] Pulling image docker.io/library/alpine (policy: missing) DEBU[0000] Looking up image "docker.io/library/alpine" in local containers storage DEBU[0000] Normalized platform linux/amd64 to {amd64 linux [] } DEBU[0000] Trying "docker.io/library/alpine" ... DEBU[0000] Trying "docker.io/library/alpine:latest" ... DEBU[0000] Trying "docker.io/library/alpine:latest" ... DEBU[0000] Loading registries configuration "/etc/containers/registries.conf" DEBU[0000] Loading registries configuration "/etc/containers/registries.conf.d/000-shortnames.conf" DEBU[0000] Normalized platform linux/amd64 to {amd64 linux [] } DEBU[0000] Attempting to pull candidate docker.io/library/alpine:latest for docker.io/library/alpine DEBU[0000] parsed reference into "[overlay@/home/test114/.local/share/containers/storage+/run/user/1074/containers]docker.io/library/alpine:latest" Trying to pull docker.io/library/alpine:latest... DEBU[0000] Copying source image //alpine:latest to destination image [overlay@/home/test114/.local/share/containers/storage+/run/user/1074/containers]docker.io/library/alpine:latest DEBU[0000] Trying to access "docker.io/library/alpine:latest" DEBU[0000] No credentials matching docker.io/library/alpine found in /run/user/1074/containers/auth.json DEBU[0000] No credentials matching docker.io/library/alpine found in /home/test114/.config/containers/auth.json DEBU[0000] No credentials matching docker.io/library/alpine found in /home/test114/.docker/config.json DEBU[0000] No credentials matching docker.io/library/alpine found in /home/test114/.dockercfg DEBU[0000] No credentials for docker.io/library/alpine found DEBU[0000] Using registries.d directory /etc/containers/registries.d for sigstore configuration DEBU[0000] Using "default-docker" configuration DEBU[0000] No signature storage configuration found for docker.io/library/alpine:latest, using built-in default file:///home/test114/.local/share/containers/sigstore DEBU[0000] Looking for TLS certificates and private keys in /etc/docker/certs.d/docker.io DEBU[0000] GET https://registry-1.docker.io/v2/ DEBU[0000] Ping https://registry-1.docker.io/v2/ status 401 DEBU[0000] GET https://auth.docker.io/token?scope=repository%3Alibrary%2Falpine%3Apull&service=registry.docker.io DEBU[0000] GET https://registry-1.docker.io/v2/library/alpine/manifests/latest DEBU[0001] Content-Type from manifest GET is "application/vnd.docker.distribution.manifest.list.v2+json" DEBU[0001] Using blob info cache at /home/test114/.local/share/containers/cache/blob-info-cache-v1.boltdb DEBU[0001] Source is a manifest list; copying (only) instance sha256:e7d88de73db3d3fd9b2d63aa7f447a10fd0220b7cbf39803c803f2af9ba256b3 for current system DEBU[0001] GET https://registry-1.docker.io/v2/library/alpine/manifests/sha256:e7d88de73db3d3fd9b2d63aa7f447a10fd0220b7cbf39803c803f2af9ba256b3 DEBU[0001] Content-Type from manifest GET is "application/vnd.docker.distribution.manifest.v2+json" DEBU[0001] IsRunningImageAllowed for image docker:docker.io/library/alpine:latest DEBU[0001] Using default policy section DEBU[0001] Requirement 0: allowed DEBU[0001] Overall: allowed DEBU[0001] Downloading /v2/library/alpine/blobs/sha256:c059bfaa849c4d8e4aecaeb3a10c2d9b3d85f5165c66ad3a4d937758128c4d18 DEBU[0001] GET https://registry-1.docker.io/v2/library/alpine/blobs/sha256:c059bfaa849c4d8e4aecaeb3a10c2d9b3d85f5165c66ad3a4d937758128c4d18 Getting image source signatures DEBU[0002] Reading /home/test114/.local/share/containers/sigstore/library/alpine@sha256=e7d88de73db3d3fd9b2d63aa7f447a10fd0220b7cbf39803c803f2af9ba256b3/signature-1 DEBU[0002] Manifest has MIME type application/vnd.docker.distribution.manifest.v2+json, ordered candidate list [application/vnd.docker.distribution.manifest.v2+json, application/vnd.docker.distribution.manifest.v1+prettyjws, application/vnd.oci.image.manifest.v1+json, application/vnd.docker.distribution.manifest.v1+json] DEBU[0002] ... will first try using the original manifest unmodified DEBU[0002] Failed to retrieve partial blob: blob type not supported for partial retrieval DEBU[0002] Downloading /v2/library/alpine/blobs/sha256:59bf1c3509f33515622619af21ed55bbe26d24913cedbca106468a5fb37a50c3 DEBU[0002] GET https://registry-1.docker.io/v2/library/alpine/blobs/sha256:59bf1c3509f33515622619af21ed55bbe26d24913cedbca106468a5fb37a50c3 DEBU[0003] Detected compression format gzip DEBU[0003] Using original blob without modification Copying blob 59bf1c3509f3 done DEBU[0003] Applying tar in /home/test114/.local/share/containers/storage/overlay/8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759/diff DEBU[0003] No compression detected DEBU[0003] Using original blob without modification Copying config c059bfaa84 done Writing manifest to image destination Storing signatures DEBU[0003] setting image creation date to 2021-11-24 20:19:40.483367546 +0000 UTC DEBU[0003] created new image ID "c059bfaa849c4d8e4aecaeb3a10c2d9b3d85f5165c66ad3a4d937758128c4d18" DEBU[0003] saved image metadata "{\"signatures-sizes\":{\"sha256:e7d88de73db3d3fd9b2d63aa7f447a10fd0220b7cbf39803c803f2af9ba256b3\":[]}}" DEBU[0003] set names of image "c059bfaa849c4d8e4aecaeb3a10c2d9b3d85f5165c66ad3a4d937758128c4d18" to [docker.io/library/alpine:latest] DEBU[0003] Pulled candidate docker.io/library/alpine:latest successfully DEBU[0003] Looking up image "c059bfaa849c4d8e4aecaeb3a10c2d9b3d85f5165c66ad3a4d937758128c4d18" in local containers storage DEBU[0003] Normalized platform linux/amd64 to {amd64 linux [] } DEBU[0003] Trying "c059bfaa849c4d8e4aecaeb3a10c2d9b3d85f5165c66ad3a4d937758128c4d18" ... DEBU[0003] parsed reference into "[overlay@/home/test114/.local/share/containers/storage+/run/user/1074/containers]@c059bfaa849c4d8e4aecaeb3a10c2d9b3d85f5165c66ad3a4d937758128c4d18" DEBU[0003] Found image "c059bfaa849c4d8e4aecaeb3a10c2d9b3d85f5165c66ad3a4d937758128c4d18" as "c059bfaa849c4d8e4aecaeb3a10c2d9b3d85f5165c66ad3a4d937758128c4d18" in local containers storage DEBU[0003] Found image "c059bfaa849c4d8e4aecaeb3a10c2d9b3d85f5165c66ad3a4d937758128c4d18" as "c059bfaa849c4d8e4aecaeb3a10c2d9b3d85f5165c66ad3a4d937758128c4d18" in local containers storage ([overlay@/home/test114/.local/share/containers/storage+/run/user/1074/containers]@c059bfaa849c4d8e4aecaeb3a10c2d9b3d85f5165c66ad3a4d937758128c4d18) DEBU[0003] exporting opaque data as blob "sha256:c059bfaa849c4d8e4aecaeb3a10c2d9b3d85f5165c66ad3a4d937758128c4d18" DEBU[0003] [graphdriver] trying provided driver "overlay" DEBU[0003] Cached value indicated that overlay is supported DEBU[0003] Cached value indicated that metacopy is not being used DEBU[0003] backingFs=xfs, projectQuotaSupported=false, useNativeDiff=true, usingMetacopy=false DEBU[0003] overlay: test mount indicated that volatile is being used DEBU[0003] overlay: mount_data=,lowerdir=/home/test114/.local/share/containers/storage/overlay/l/C4QHPZT2X2IZ5RU6LA5AWRIUJR,upperdir=/home/test114/.local/share/containers/storage/overlay/04857666a48d100f290c79656067242393e4ddb26389f665227f51b33a2efcdc/diff,workdir=/home/test114/.local/share/containers/storage/overlay/04857666a48d100f290c79656067242393e4ddb26389f665227f51b33a2efcdc/work,userxattr,volatile,context="system_u:object_r:container_file_t:s0:c202,c949" DEBU[0003] Container ID: 77034a40f8cc9914516710b1de133cd7889cc949991c7dc85c8824de5e0527f3 DEBU[0003] Parsed Step: {Env:[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin] Command:run Args:[/bin/true] Flags:[] Attrs:map[] Message:RUN /bin/true Original:RUN /bin/true} STEP 2/2: RUN /bin/true DEBU[0003] parsed reference into "[overlay@/home/test114/.local/share/containers/storage+/run/user/1074/containers]@c059bfaa849c4d8e4aecaeb3a10c2d9b3d85f5165c66ad3a4d937758128c4d18" DEBU[0003] exporting opaque data as blob "sha256:c059bfaa849c4d8e4aecaeb3a10c2d9b3d85f5165c66ad3a4d937758128c4d18" DEBU[0003] RUN imagebuilder.Run{Shell:true, Args:[]string{"/bin/true"}, Mounts:[]string(nil)}, docker.Config{Hostname:"", Domainname:"", User:"", Memory:0, MemorySwap:0, MemoryReservation:0, KernelMemory:0, CPUShares:0, CPUSet:"", PortSpecs:[]string(nil), ExposedPorts:map[docker.Port]struct {}{}, PublishService:"", StopSignal:"", StopTimeout:0, Env:[]string{"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"}, Cmd:[]string{"/bin/sh"}, Shell:[]string{}, Healthcheck:(*docker.HealthConfig)(nil), DNS:[]string(nil), Image:"", Volumes:map[string]struct {}{}, VolumeDriver:"", WorkingDir:"", MacAddress:"", Entrypoint:[]string{}, SecurityOpts:[]string(nil), OnBuild:[]string{}, Mounts:[]docker.Mount(nil), Labels:map[string]string{}, AttachStdin:false, AttachStdout:false, AttachStderr:false, ArgsEscaped:false, Tty:false, OpenStdin:false, StdinOnce:false, NetworkDisabled:false, VolumesFrom:""} DEBU[0003] using "/var/tmp/buildah715766979" to hold bundle data DEBU[0003] Forcing use of an IPC namespace. DEBU[0003] Forcing use of a PID namespace. DEBU[0003] Forcing use of a user namespace. DEBU[0003] Resources: &define.CommonBuildOptions{AddHost:[]string{}, CgroupParent:"", CPUPeriod:0x0, CPUQuota:0, CPUShares:0x0, CPUSetCPUs:"", CPUSetMems:"", HTTPProxy:true, Memory:0, DNSSearch:[]string{}, DNSServers:[]string{}, DNSOptions:[]string{}, MemorySwap:0, LabelOpts:[]string(nil), OmitTimestamp:false, SeccompProfilePath:"/usr/share/containers/seccomp.json", ApparmorProfile:"", ShmSize:"65536k", Ulimit:[]string{}, Volumes:[]string{}, Secrets:[]string{}, SSHSources:[]string{}} DEBU[0003] [graphdriver] trying provided driver "overlay" DEBU[0003] Cached value indicated that overlay is supported DEBU[0003] Cached value indicated that metacopy is not being used DEBU[0003] backingFs=xfs, projectQuotaSupported=false, useNativeDiff=true, usingMetacopy=false DEBU[0003] adding slirp4netns 10.0.2.3 built-in DNS server DEBU[0003] /etc/system-fips does not exist on host, not mounting FIPS mode subscription DEBU[0000] bind mounted "/home/test114/.local/share/containers/storage/overlay/04857666a48d100f290c79656067242393e4ddb26389f665227f51b33a2efcdc/merged" to "/var/tmp/buildah715766979/mnt/rootfs" DEBU[0000] bind mounted "/home/test114/.local/share/containers/storage/overlay-containers/77034a40f8cc9914516710b1de133cd7889cc949991c7dc85c8824de5e0527f3/userdata/run/secrets" to "/var/tmp/buildah715766979/mnt/buildah-bind-target-3" DEBU[0000] config = {"ociVersion":"1.0.2-dev","process":{"user":{"uid":0,"gid":0,"additionalGids":[0,1,2,3,4,6,10,11,20,26,27]},"args":["/bin/sh","-c","/bin/true"],"env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin","HOSTNAME=77034a40f8cc"],"cwd":"/","capabilities":{"bounding":["CAP_CHOWN","CAP_DAC_OVERRIDE","CAP_FOWNER","CAP_FSETID","CAP_KILL","CAP_NET_BIND_SERVICE","CAP_SETFCAP","CAP_SETGID","CAP_SETPCAP","CAP_SETUID","CAP_SYS_CHROOT"],"effective":["CAP_CHOWN","CAP_DAC_OVERRIDE","CAP_FOWNER","CAP_FSETID","CAP_KILL","CAP_NET_BIND_SERVICE","CAP_SETFCAP","CAP_SETGID","CAP_SETPCAP","CAP_SETUID","CAP_SYS_CHROOT"],"inheritable":["CAP_CHOWN","CAP_DAC_OVERRIDE","CAP_FOWNER","CAP_FSETID","CAP_KILL","CAP_NET_BIND_SERVICE","CAP_SETFCAP","CAP_SETGID","CAP_SETPCAP","CAP_SETUID","CAP_SYS_CHROOT"],"permitted":["CAP_CHOWN","CAP_DAC_OVERRIDE","CAP_FOWNER","CAP_FSETID","CAP_KILL","CAP_NET_BIND_SERVICE","CAP_SETFCAP","CAP_SETGID","CAP_SETPCAP","CAP_SETUID","CAP_SYS_CHROOT"],"ambient":["CAP_CHOWN","CAP_DAC_OVERRIDE","CAP_FOWNER","CAP_FSETID","CAP_KILL","CAP_NET_BIND_SERVICE","CAP_SETFCAP","CAP_SETGID","CAP_SETPCAP","CAP_SETUID","CAP_SYS_CHROOT"]},"rlimits":[{"type":"RLIMIT_NOFILE","hard":1024,"soft":1024}],"selinuxLabel":"system_u:system_r:container_t:s0:c202,c949"},"root":{"path":"/var/tmp/buildah715766979/mnt/rootfs"},"hostname":"77034a40f8cc","mounts":[{"destination":"/sys","type":"sysfs","source":"sysfs","options":["nosuid","noexec","nodev","ro"]},{"destination":"/proc","type":"proc","source":"proc","options":["nosuid","noexec","nodev"]},{"destination":"/dev","type":"tmpfs","source":"tmpfs","options":["nosuid","noexec","strictatime","mode=755","size=65536k"]},{"destination":"/run/secrets","type":"bind","source":"/var/tmp/buildah715766979/mnt/buildah-bind-target-3","options":["bind","rprivate"]},{"destination":"/run/.containerenv","type":"bind","source":"/var/tmp/buildah715766979/run/.containerenv","options":["rbind"]},{"destination":"/etc/hosts","type":"bind","source":"/var/tmp/buildah715766979/hosts","options":["rbind"]},{"destination":"/dev/pts","type":"devpts","source":"devpts","options":["nosuid","noexec","newinstance","ptmxmode=0666","mode=0620","gid=5"]},{"destination":"/dev/shm","type":"tmpfs","source":"shm","options":["nosuid","noexec","nodev","mode=1777","size=65536k"]},{"destination":"/dev/mqueue","type":"mqueue","source":"mqueue","options":["nosuid","noexec","nodev"]},{"destination":"/etc/resolv.conf","type":"bind","source":"/var/tmp/buildah715766979/resolv.conf","options":["rbind"]},{"destination":"/sys/fs/cgroup","type":"cgroup","source":"cgroup","options":["nosuid","noexec","nodev","relatime","ro"]}],"linux":{"uidMappings":[{"containerID":0,"hostID":0,"size":1},{"containerID":1,"hostID":1,"size":65536}],"gidMappings":[{"containerID":0,"hostID":0,"size":1},{"containerID":1,"hostID":1,"size":65536}],"resources":{"devices":[{"allow":false,"access":"rwm"}]},"namespaces":[{"type":"pid"},{"type":"network"},{"type":"ipc"},{"type":"uts"},{"type":"mount"},{"type":"cgroup"},{"type":"user"}],"seccomp":{"defaultAction":"SCMP_ACT_ERRNO","defaultErrnoRet":38,"architectures":["SCMP_ARCH_X86_64","SCMP_ARCH_X86","SCMP_ARCH_X32"],"syscalls":[{"names":["bdflush","io_pgetevents","kexec_file_load","kexec_load","migrate_pages","move_pages","nfsservctl","nice","oldfstat","oldlstat","oldolduname","oldstat","olduname","pciconfig_iobase","pciconfig_read","pciconfig_write","sgetmask","ssetmask","swapcontext","swapoff","swapon","sysfs","uselib","userfaultfd","ustat","vm86","vm86old","vmsplice"],"action":"SCMP_ACT_ERRNO","errnoRet":1},{"names":["_llseek","_newselect","accept","accept4","access","adjtimex","alarm","bind","brk","capget","capset","chdir","chmod","chown","chown32","clock_adjtime","clock_adjtime64","clock_getres","clock_getres_time64","clock_gettime","clock_gettime64","clock_nanosleep","clock_nanosleep_time64","clone","clone3","close","close_range","connect","copy_file_range","creat","dup","dup2","dup3","epoll_create","epoll_create1","epoll_ctl","epoll_ctl_old","epoll_pwait","epoll_pwait2","epoll_wait","epoll_wait_old","eventfd","eventfd2","execve","execveat","exit","exit_group","faccessat","faccessat2","fadvise64","fadvise64_64","fallocate","fanotify_mark","fchdir","fchmod","fchmodat","fchown","fchown32","fchownat","fcntl","fcntl64","fdatasync","fgetxattr","flistxattr","flock","fork","fremovexattr","fsconfig","fsetxattr","fsmount","fsopen","fspick","fstat","fstat64","fstatat64","fstatfs","fstatfs64","fsync","ftruncate","ftruncate64","futex","futex_time64","futimesat","get_robust_list","get_thread_area","getcpu","getcwd","getdents","getdents64","getegid","getegid32","geteuid","geteuid32","getgid","getgid32","getgroups","getgroups32","getitimer","get_mempolicy","getpeername","getpgid","getpgrp","getpid","getppid","getpriority","getrandom","getresgid","getresgid32","getresuid","getresuid32","getrlimit","getrusage","getsid","getsockname","getsockopt","gettid","gettimeofday","getuid","getuid32","getxattr","inotify_add_watch","inotify_init","inotify_init1","inotify_rm_watch","io_cancel","io_destroy","io_getevents","io_setup","io_submit","ioctl","ioprio_get","ioprio_set","ipc","keyctl","kill","lchown","lchown32","lgetxattr","link","linkat","listen","listxattr","llistxattr","lremovexattr","lseek","lsetxattr","lstat","lstat64","madvise","mbind","memfd_create","memfd_secret","mincore","mkdir","mkdirat","mknod","mknodat","mlock","mlock2","mlockall","mmap","mmap2","mount","move_mount","mprotect","mq_getsetattr","mq_notify","mq_open","mq_timedreceive","mq_timedreceive_time64","mq_timedsend","mq_timedsend_time64","mq_unlink","mremap","msgctl","msgget","msgrcv","msgsnd","msync","munlock","munlockall","munmap","name_to_handle_at","nanosleep","newfstatat","open","openat","openat2","open_tree","pause","pidfd_getfd","pidfd_open","pidfd_send_signal","pipe","pipe2","pivot_root","pkey_alloc","pkey_free","pkey_mprotect","poll","ppoll","ppoll_time64","prctl","pread64","preadv","preadv2","prlimit64","pselect6","pselect6_time64","pwrite64","pwritev","pwritev2","read","readahead","readdir","readlink","readlinkat","readv","reboot","recv","recvfrom","recvmmsg","recvmmsg_time64","recvmsg","remap_file_pages","removexattr","rename","renameat","renameat2","restart_syscall","rmdir","rseq","rt_sigaction","rt_sigpending","rt_sigprocmask","rt_sigqueueinfo","rt_sigreturn","rt_sigsuspend","rt_sigtimedwait","rt_sigtimedwait_time64","rt_tgsigqueueinfo","sched_get_priority_max","sched_get_priority_min","sched_getaffinity","sched_getattr","sched_getparam","sched_getscheduler","sched_rr_get_interval","sched_rr_get_interval_time64","sched_setaffinity","sched_setattr","sched_setparam","sched_setscheduler","sched_yield","seccomp","select","semctl","semget","semop","semtimedop","semtimedop_time64","send","sendfile","sendfile64","sendmmsg","sendmsg","sendto","setns","set_mempolicy","set_robust_list","set_thread_area","set_tid_address","setfsgid","setfsgid32","setfsuid","setfsuid32","setgid","setgid32","setgroups","setgroups32","setitimer","setpgid","setpriority","setregid","setregid32","setresgid","setresgid32","setresuid","setresuid32","setreuid","setreuid32","setrlimit","setsid","setsockopt","setuid","setuid32","setxattr","shmat","shmctl","shmdt","shmget","shutdown","sigaltstack","signalfd","signalfd4","sigreturn","socket","socketcall","socketpair","splice","stat","stat64","statfs","statfs64","statx","symlink","symlinkat","sync","sync_file_range","syncfs","sysinfo","syslog","tee","tgkill","time","timer_create","timer_delete","timer_getoverrun","timer_gettime","timer_gettime64","timer_settime","timer_settime64","timerfd_create","timerfd_gettime","timerfd_gettime64","timerfd_settime","timerfd_settime64","times","tkill","truncate","truncate64","ugetrlimit","umask","umount","umount2","uname","unlink","unlinkat","unshare","utime","utimensat","utimensat_time64","utimes","vfork","wait4","waitid","waitpid","write","writev"],"action":"SCMP_ACT_ALLOW"},{"names":["personality"],"action":"SCMP_ACT_ALLOW","args":[{"index":0,"value":0,"op":"SCMP_CMP_EQ"}]},{"names":["personality"],"action":"SCMP_ACT_ALLOW","args":[{"index":0,"value":8,"op":"SCMP_CMP_EQ"}]},{"names":["personality"],"action":"SCMP_ACT_ALLOW","args":[{"index":0,"value":131072,"op":"SCMP_CMP_EQ"}]},{"names":["personality"],"action":"SCMP_ACT_ALLOW","args":[{"index":0,"value":131080,"op":"SCMP_CMP_EQ"}]},{"names":["personality"],"action":"SCMP_ACT_ALLOW","args":[{"index":0,"value":4294967295,"op":"SCMP_CMP_EQ"}]},{"names":["arch_prctl"],"action":"SCMP_ACT_ALLOW"},{"names":["modify_ldt"],"action":"SCMP_ACT_ALLOW"},{"names":["open_by_handle_at"],"action":"SCMP_ACT_ERRNO","errnoRet":1},{"names":["bpf","fanotify_init","lookup_dcookie","perf_event_open","quotactl","setdomainname","sethostname","setns"],"action":"SCMP_ACT_ERRNO","errnoRet":1},{"names":["chroot"],"action":"SCMP_ACT_ALLOW"},{"names":["delete_module","init_module","finit_module","query_module"],"action":"SCMP_ACT_ERRNO","errnoRet":1},{"names":["acct"],"action":"SCMP_ACT_ERRNO","errnoRet":1},{"names":["kcmp","process_madvise","process_vm_readv","process_vm_writev","ptrace"],"action":"SCMP_ACT_ERRNO","errnoRet":1},{"names":["iopl","ioperm"],"action":"SCMP_ACT_ERRNO","errnoRet":1},{"names":["settimeofday","stime","clock_settime","clock_settime64"],"action":"SCMP_ACT_ERRNO","errnoRet":1},{"names":["vhangup"],"action":"SCMP_ACT_ERRNO","errnoRet":1},{"names":["socket"],"action":"SCMP_ACT_ERRNO","errnoRet":22,"args":[{"index":0,"value":16,"op":"SCMP_CMP_EQ"},{"index":2,"value":9,"op":"SCMP_CMP_EQ"}]},{"names":["socket"],"action":"SCMP_ACT_ALLOW","args":[{"index":2,"value":9,"op":"SCMP_CMP_NE"}]},{"names":["socket"],"action":"SCMP_ACT_ALLOW","args":[{"index":0,"value":16,"op":"SCMP_CMP_NE"}]},{"names":["socket"],"action":"SCMP_ACT_ALLOW","args":[{"index":2,"value":9,"op":"SCMP_CMP_NE"}]}]},"maskedPaths":["/proc/acpi","/proc/kcore","/proc/keys","/proc/latency_stats","/proc/timer_list","/proc/timer_stats","/proc/sched_debug","/proc/scsi","/sys/firmware","/sys/fs/selinux","/sys/dev"],"readonlyPaths":["/proc/asound","/proc/bus","/proc/fs","/proc/irq","/proc/sys","/proc/sysrq-trigger"],"mountLabel":"system_u:object_r:container_file_t:s0:c202,c949"}} DEBU[0000] Running ["/usr/bin/crun" "--systemd-cgroup" "create" "--bundle" "/var/tmp/buildah715766979" "--pid-file" "/var/tmp/buildah715766979/pid" "--no-new-keyring" "buildah-buildah715766979"] error running container: error from /usr/bin/crun creating container for [/bin/sh -c /bin/true]: sd-bus call: Process org.freedesktop.systemd1 exited with status 1: Input/output error : exit status 1 ERRO[0008] did not get container create message from subprocess: read |0: i/o timeout DEBU[0008] error building at step {Env:[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin] Command:run Args:[/bin/true] Flags:[] Attrs:map[] Message:RUN /bin/true Original:RUN /bin/true}: error while running runtime: exit status 1 Error: error building at STEP "RUN /bin/true": error while running runtime: exit status 1 WARN[0008] Failed to add pause process to systemd sandbox cgroup: Process org.freedesktop.systemd1 exited with status 1 [test114@laptop ~]$ [test114@laptop ~]$ podman version Client: Podman Engine Version: 4.0.2 API Version: 4.0.2 Go Version: go1.16.14 Built: Thu Mar 3 15:56:56 2022 OS/Arch: linux/amd64 [test114@laptop ~]$ [test114@laptop ~]$ podman info --debug host: arch: amd64 buildahVersion: 1.24.1 cgroupControllers: - cpu - io - memory - pids cgroupManager: systemd cgroupVersion: v2 conmon: package: conmon-2.1.0-2.fc35.x86_64 path: /usr/bin/conmon version: 'conmon version 2.1.0, commit: ' cpus: 8 distribution: distribution: fedora variant: workstation version: "35" eventLogger: journald hostname: laptop idMappings: gidmap: - container_id: 0 host_id: 1074 size: 1 - container_id: 1 host_id: 5128592 size: 65536 uidmap: - container_id: 0 host_id: 1074 size: 1 - container_id: 1 host_id: 5194128 size: 65536 kernel: 5.16.12-200.fc35.x86_64 linkmode: dynamic logDriver: journald memFree: 24032808960 memTotal: 33452265472 networkBackend: netavark ociRuntime: name: crun package: crun-1.4.2-1.fc35.x86_64 path: /usr/bin/crun version: |- crun version 1.4.2 commit: f6fbc8f840df1a414f31a60953ae514fa497c748 spec: 1.0.0 +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL os: linux remoteSocket: path: /run/user/1074/podman/podman.sock security: apparmorEnabled: false capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT rootless: true seccompEnabled: true seccompProfilePath: /usr/share/containers/seccomp.json selinuxEnabled: true serviceIsRemote: false slirp4netns: executable: /usr/bin/slirp4netns package: slirp4netns-1.1.12-2.fc35.x86_64 version: |- slirp4netns version 1.1.12 commit: 7a104a101aa3278a2152351a082a6df71f57c9a3 libslirp: 4.6.1 SLIRP_CONFIG_VERSION_MAX: 3 libseccomp: 2.5.3 swapFree: 9124700160 swapTotal: 9124700160 uptime: 1h 39m 21.2s (Approximately 0.04 days) plugins: log: - k8s-file - none - passthrough - journald network: - bridge - macvlan volume: - local registries: search: - registry.fedoraproject.org - registry.access.redhat.com - docker.io - quay.io store: configFile: /home/test114/.config/containers/storage.conf containerStore: number: 0 paused: 0 running: 0 stopped: 0 graphDriverName: overlay graphOptions: {} graphRoot: /home/test114/.local/share/containers/storage graphStatus: Backing Filesystem: xfs Native Overlay Diff: "true" Supports d_type: "true" Using metacopy: "false" imageCopyTmpDir: /var/tmp imageStore: number: 1 runRoot: /run/user/1074/containers volumePath: /home/test114/.local/share/containers/storage/volumes version: APIVersion: 4.0.2 Built: 1646319416 BuiltTime: Thu Mar 3 15:56:56 2022 GitCommit: "" GoVersion: go1.16.14 OsArch: linux/amd64 Version: 4.0.2 [test114@laptop ~]$ rpm -q podman podman-4.0.2-1.fc35.x86_64 [test114@laptop ~]$ rpm -q systemd systemd-249.9-1.fc35.x86_64 [test114@laptop ~]$ rpm -q crun crun-1.4.2-1.fc35.x86_64 [test114@laptop ~]$ [test114@laptop ~]$ env | sort } BASH_FUNC_which%%=() { ( alias; COLORTERM=truecolor DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-pHkRN7Bkj7,guid=15584d52c81f35cefba5efa26224714b DEBUGINFOD_URLS=https://debuginfod.fedoraproject.org/ DISPLAY=:3 EDITOR=/usr/bin/nano eval ${which_declare} ) | /usr/bin/which --tty-only --read-alias --read-functions --show-tilde --show-dot "$@" GNOME_TERMINAL_SCREEN=/org/gnome/Terminal/screen/4f154beb_2e78_461a_a0bb_14f170554923 GNOME_TERMINAL_SERVICE=:1.67 HISTCONTROL=ignoredups HISTSIZE=1000 HOME=/home/test114 HOSTNAME=laptop LANG=en_US.UTF-8 LESSOPEN=||/usr/bin/lesspipe.sh %s LOGNAME=test114 LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=01;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.zst=01;31:*.tzst=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.wim=01;31:*.swm=01;31:*.dwm=01;31:*.esd=01;31:*.jpg=01;35:*.jpeg=01;35:*.mjpg=01;35:*.mjpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.webp=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=01;36:*.au=01;36:*.flac=01;36:*.m4a=01;36:*.mid=01;36:*.midi=01;36:*.mka=01;36:*.mp3=01;36:*.mpc=01;36:*.ogg=01;36:*.ra=01;36:*.wav=01;36:*.oga=01;36:*.opus=01;36:*.spx=01;36:*.xspf=01;36: MAIL=/var/spool/mail/test114 MOZ_GMP_PATH=/usr/lib64/mozilla/plugins/gmp-gmpopenh264/system-installed PATH=/home/test114/.local/bin:/home/test114/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin PWD=/home/test114 QT_IM_MODULE=ibus SESSION_MANAGER=local/unix:@/tmp/.ICE-unix/22757,unix/unix:/tmp/.ICE-unix/22757 SHELL=/bin/bash SHLVL=0 SSH_AGENT_PID=22805 SSH_AUTH_SOCK=/run/user/1074/keyring/ssh SYSTEMD_EXEC_PID=7337 TERM=xterm-256color USER=test114 _=/usr/bin/env VTE_VERSION=6602 which_declare=declare -f WINDOWPATH=4 XAUTHORITY=/home/test114/.Xauthority XDG_CURRENT_DESKTOP=GNOME XDG_DATA_DIRS=/home/test114/.local/share/flatpak/exports/share:/var/lib/flatpak/exports/share:/usr/local/share:/usr/share XDG_MENU_PREFIX=gnome- XDG_RUNTIME_DIR=/run/user/1074 XDG_SESSION_CLASS=user XDG_SESSION_TYPE=tty XMODIFIERS=@im=ibus XORG_RUN_AS_USER_OK=1 [test114@laptop ~]$ ps axuw | grep test114 root 7337 0.0 0.0 15400 8100 ? Ss 08:32 0:00 login -- test114 test114 22577 0.0 0.0 21632 13868 ? Ss 09:31 0:00 /usr/lib/systemd/systemd --user test114 22582 0.0 0.0 175552 6848 ? S 09:31 0:00 (sd-pam) test114 22609 0.0 0.0 224200 5584 tty4 Ss 09:31 0:00 -bash test114 22668 0.0 0.0 222652 3864 tty4 S+ 09:31 0:00 /usr/bin/sh /usr/bin/startx test114 22690 0.0 0.0 4148 1300 tty4 S+ 09:31 0:00 xinit /etc/X11/xinit/xinitrc -- /usr/bin/X :3 vt4 -keeptty -auth /home/test114/.serverauth.22668 test114 22691 2.3 0.2 1396456 89740 tty4 Sl 09:31 0:10 /usr/libexec/Xorg :3 vt4 -keeptty -auth /home/test114/.serverauth.22668 test114 22757 0.0 0.0 736380 19824 ? Ssl 09:31 0:00 /usr/libexec/gnome-session-binary test114 22770 0.0 0.0 8064 1784 ? S 09:31 0:00 dbus-launch --sh-syntax --exit-with-session test114 22772 0.1 0.0 10104 3416 ? Ss 09:31 0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session test114 22805 0.0 0.0 6140 460 ? Ss 09:31 0:00 /usr/bin/ssh-agent /etc/X11/xinit/Xclients test114 22824 0.0 0.0 308484 8136 ? Sl 09:31 0:00 /usr/libexec/at-spi-bus-launcher test114 22829 0.0 0.0 9208 4936 ? S 09:31 0:00 /usr/bin/dbus-daemon --config-file=/usr/share/defaults/at-spi2/accessibility.conf --nofork --print-address 3 test114 22833 0.0 0.0 452168 7680 ? Sl 09:31 0:00 /usr/libexec/gvfsd test114 22838 0.0 0.0 379920 6216 ? Sl 09:31 0:00 /usr/libexec/gvfsd-fuse /run/user/1074/gvfs -f test114 22861 0.0 0.0 452468 5940 ? Sl 09:31 0:00 /usr/bin/gnome-keyring-daemon --start --components=ssh test114 22871 2.3 0.6 5509272 196160 ? Sl 09:31 0:10 /usr/bin/gnome-shell test114 22908 0.0 0.0 528572 13256 ? Sl 09:31 0:00 ibus-daemon --panel disable --xim test114 22911 0.0 0.0 447908 5060 ? Sl 09:31 0:00 /usr/libexec/xdg-permission-store test114 22915 0.0 0.0 584416 22128 ? Sl 09:31 0:00 /usr/libexec/gnome-shell-calendar-server test114 22923 0.0 0.0 605668 26944 ? Sl 09:31 0:00 /usr/libexec/evolution-source-registry test114 22929 0.0 0.0 156020 5744 ? Sl 09:31 0:00 /usr/libexec/dconf-service test114 22934 0.0 0.1 897852 40344 ? Sl 09:31 0:00 /usr/libexec/goa-daemon test114 22938 0.0 0.0 327296 15296 ? S

Observation 2: When I create a new user and log in to it in a virtual console and run startx and open gnome-terminal and run the command podman version > /tmp/version:

$ podman version > /tmp/version
WARN[0000] Failed to add pause process to systemd sandbox cgroup: Process org.freedesktop.systemd1 exited with status 1

the command prints a warning.

Observation 3: It's probably not related to crun because adding --runtime=/usr/bin/runc also fails. (i.e. podman --runtime=/usr/bin/runc build -t test /tmp/e)

Luap99 commented 2 years ago

Can you check the DBUS_SESSION_BUS_ADDRESS env var before and after startx?

eriksjolund commented 2 years ago

I created a new user test116.

Before running startx:

[test116@laptop ~]$ env | grep DBUS
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1076/bus
[test116@laptop ~]$

After running startx:

[test116@laptop ~]$ env | grep DBUS
DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-DsJFFOMkeM,guid=0e60e9cba232e976ea3e5c326224bbc9
[test116@laptop ~]$
Luap99 commented 2 years ago

https://bugzilla.redhat.com/show_bug.cgi?id=1622259 This is not a podman bug.