search

containers / podman

Podman: A tool for managing OCI containers and pods.
https://podman.io
Apache License 2.0
23.43k stars 2.38k forks source link

CMD exec version does not work #16561

Closed muellert closed 1 year ago

muellert commented 1 year ago

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

Container with valid Dockerfile builds without error message, but resulting container does not work. To reproduce, make a minimal "hello world" style flask application, then use a Dockerfile like this:

FROM python:3.9-alpine

RUN mkdir -p /app
ADD . /app
WORKDIR /app
RUN python -m venv .env && source ./.env/bin/activate && pip install -U pip && pip install flask
VOLUME ['/app/instance']
EXPOSE 8123

CMD ['python', 'app.py']

This container works with podman 3.0, but not with podman 4.3.1. With 4.3.1, I get the following result:

$ podman build .
...
STEP 7/8: EXPOSE 8123
--> f5f6f70006c
STEP 8/8: CMD ['python', 'app.py']
COMMIT
--> 85d25aaeb75
85d25aaeb75250bc9e8ec3adaebd8c4fd1eeceaa8ea766b2dd9c112a5f63b53d
$ podman run 85d25aaeb75250bc9e8ec3adaebd8c4fd1eeceaa8ea766b2dd9c112a5f63b53d
/bin/sh: [python,: not found

Steps to reproduce the issue:

  1. Create "hello world" style minimal Flask app.

  2. Build the container with the Dockerfile given above, using podman 4.3.1

  3. Try to run the resulting container and observe the error message shown above.

Describe the results you received:

Container does not run:

$ podman run 85d25aaeb75250bc9e8ec3adaebd8c4fd1eeceaa8ea766b2dd9c112a5f63b53d /bin/sh: [python,: not found

Describe the results you expected:

I expected the container to run.

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

$ podman version
Client:       Podman Engine
Version:      4.3.1
API Version:  4.3.1
Go Version:   go1.19.3
Built:        Thu Jan  1 01:00:00 1970
OS/Arch:      linux/amd64

Output of podman info:

host:
  arch: amd64
  buildahVersion: 1.28.0
  cgroupControllers:
  - cpu
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: conmon_2.1.3+ds1-1_amd64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.3, commit: unknown'
  cpuUtilization:
    idlePercent: 99.9
    systemPercent: 0.03
    userPercent: 0.07
  cpus: 4
  distribution:
    codename: bookworm
    distribution: debian
    version: unknown
  eventLogger: journald
  hostname: debian-testing
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 6.0.0-4-amd64
linkmode: dynamic
  logDriver: journald
  memFree: 18841600
  memTotal: 493772800
  networkBackend: netavark
  ociRuntime:
    name: crun
    package: crun_1.5+dfsg-1+b1_amd64
    path: /usr/bin/crun
    version: |-
      crun version 1.5
      commit: 54ebb8ca8bf7e6ddae2eb919f5b82d1d96863dea
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL
  os: linux
  remoteSocket:
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: /bin/slirp4netns
    package: Unknown
    version: |-
      slirp4netns version 1.2.0
      commit: 656041d45cfca7a4176f6b7eed9e4fe6c11e8383
      libslirp: 4.7.0
      SLIRP_CONFIG_VERSION_MAX: 4
      libseccomp: 2.5.4
  swapFree: 738791424
  swapTotal: 1022357504
  uptime: 148h 52m 2.00s (Approximately 6.17 days)
plugins:
authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  volume:
  - local
registries: {}
store:
  configFile: /home/bofh/.config/containers/storage.conf
  containerStore:
    number: 2
    paused: 0
    running: 0
    stopped: 2
  graphDriverName: vfs
  graphOptions: {}
  graphRoot: /home/bofh/.local/share/containers/storage
  graphRootAllocated: 20449329152
  graphRootUsed: 17306058752
  graphStatus: {}
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 14
  runRoot: /run/user/1000/containers
  volumePath: /home/bofh/.local/share/containers/storage/volumes
version:
  APIVersion: 4.3.1
  Built: 0
  BuiltTime: Thu Jan  1 01:00:00 1970
  GitCommit: ""
  GoVersion: go1.19.3
  Os: linux
  OsArch: linux/amd64
  Version: 4.3.1

Package info (e.g. output of rpm -q podman or apt list podman or brew info podman):

$ apt list podman
Listing... Done
podman/experimental,now 4.3.1+ds1-2 amd64 [installed]

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/main/troubleshooting.md)

Yes

Additional environment details (AWS, VirtualBox, physical, etc.):

I tried inside a VM, which runs on top of KVM/Qemu.

I think this version of the command should run, according to

https://docs.docker.com/engine/reference/builder/#cmd

baude commented 1 year ago

single quotes in RUN and VOLUME are meaningful. Switching to regular (double) quote will work as you intended.