containers / podman

Podman: A tool for managing OCI containers and pods.
https://podman.io
Apache License 2.0

crun: make `/home/user/.local/share/containers/storage/overlay/a44a139e0dd7eac4b89ff1f25981686eac96664123d6759b89cddb8ba8c4c2b5/merged` private: Permission denied: OCI permission denied #21319

Closed muhdsalm closed 8 months ago

muhdsalm commented 8 months ago

Issue Description

I'm trying to use distrobox on a fresh OpenSuse MicroOS install (with a reused home partition) and I am trying to run a container. I've seen issues on distrobox which led me to find out that the issue is with podman itself. I've looked at other issues on this repo, and from what I've found, none of the circumstances are the same as mine (if there are, please lead me to it, and apologies in advance). I've tried this after running podman system reset and the issue remains.

Steps to reproduce the issue

  1. Create an Ubuntu 24.04 container using distrobox create test -i ubuntu:24.04
  2. Try entering the container using distrobox enter -v test (note distrobox enter --root works)

Describe the results you received

It gives this issue without the verbose flag: Error: unable to start container "c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892": crun: make `/home/salman/.local/share/containers/storage/overlay/a44a139e0dd7eac4b89ff1f25981686eac96664123d6759b89cddb8ba8c4c2b5/merged` private: Permission denied: OCI permission denied

And with the verbose flag:

+ '[' -z code ']'
+ '[' '!' -t 0 ']'
+ '[' '!' -t 1 ']'
+ case "${container_manager}" in
+ command -v podman
+ container_manager=podman
+ command -v podman
+ '[' 1 -ne 0 ']'
+ container_manager='podman --log-level debug'
+ '[' 0 -ne 0 ']'
+ container_home=/home/salman
+ container_path=/home/salman/.local/bin:/home/salman/bin:/home/salman/.local/bin:/usr/local/bin:/usr/bin:/bin:/home/salman/.local/bin:/home/salman/bin:/home/salman/.local/bin:/usr/local/bin:/usr/bin:/bin/kotlin/bin:/home/salman/.local/bin:/home/salman/bin:/home/salman/.local/bin:/usr/local/bin:/usr/bin:/bin:/home/salman/.local/bin:/home/salman/bin:/home/salman/.local/bin:/usr/local/bin:/usr/bin:/bin/kotlin/bin/kotlin/bin:/home/salman/.local/bin:/home/salman/bin:/home/salman/.local/bin:/usr/local/bin:/usr/bin:/bin:/home/salman/.local/bin:/home/salman/bin:/home/salman/.local/bin:/usr/local/bin:/usr/bin:/bin/kotlin/bin:/home/salman/.local/bin:/home/salman/bin:/home/salman/.local/bin:/usr/local/bin:/usr/bin:/bin:/home/salman/.local/bin:/home/salman/bin:/home/salman/.local/bin:/usr/local/bin:/usr/bin:/bin/kotlin/bin/kotlin/bin/kotlin/bin
+ '[' 0 -ne 0 ']'
+ container_status=unknown
++ podman --log-level debug inspect --type container --format 'container_status={{.State.Status}};
    {{range .Config.Env}}{{if slice . 0 5 | eq "HOME="}}container_home={{slice . 5 | printf "%q"}};{{end}}{{end}}
    {{range .Config.Env}}{{if slice . 0 5 | eq "PATH="}}container_path={{slice . 5 | printf "%q"}}{{end}}{{end}}' code
INFO[0000] podman filtering at log level debug          
DEBU[0000] Called inspect.PersistentPreRunE(podman --log-level debug inspect --type container --format container_status={{.State.Status}};
    {{range .Config.Env}}{{if slice . 0 5 | eq "HOME="}}container_home={{slice . 5 | printf "%q"}};{{end}}{{end}}
    {{range .Config.Env}}{{if slice . 0 5 | eq "PATH="}}container_path={{slice . 5 | printf "%q"}}{{end}}{{end}} code) 
DEBU[0000] Using conmon: "/usr/bin/conmon"              
INFO[0000] Using sqlite as database backend             
DEBU[0000] Using graph driver overlay                   
DEBU[0000] Using graph root /home/salman/.local/share/containers/storage 
DEBU[0000] Using run root /run/user/1000/containers     
DEBU[0000] Using static dir /home/salman/.local/share/containers/storage/libpod 
DEBU[0000] Using tmp dir /run/user/1000/libpod/tmp      
DEBU[0000] Using volume path /home/salman/.local/share/containers/storage/volumes 
DEBU[0000] Using transient store: false                 
DEBU[0000] [graphdriver] trying provided driver "overlay" 
DEBU[0000] Cached value indicated that overlay is supported 
DEBU[0000] Cached value indicated that overlay is supported 
DEBU[0000] Cached value indicated that metacopy is not being used 
DEBU[0000] Cached value indicated that native-diff is usable 
DEBU[0000] backingFs=extfs, projectQuotaSupported=false, useNativeDiff=true, usingMetacopy=false 
DEBU[0000] Initializing event backend journald          
DEBU[0000] Configured OCI runtime runc initialization failed: no valid executable found for OCI runtime runc: invalid argument 
DEBU[0000] Configured OCI runtime runj initialization failed: no valid executable found for OCI runtime runj: invalid argument 
DEBU[0000] Configured OCI runtime kata initialization failed: no valid executable found for OCI runtime kata: invalid argument 
DEBU[0000] Configured OCI runtime runsc initialization failed: no valid executable found for OCI runtime runsc: invalid argument 
DEBU[0000] Configured OCI runtime youki initialization failed: no valid executable found for OCI runtime youki: invalid argument 
DEBU[0000] Configured OCI runtime ocijail initialization failed: no valid executable found for OCI runtime ocijail: invalid argument 
DEBU[0000] Using OCI runtime "/usr/bin/crun"            
INFO[0000] Setting parallel job count to 13             
DEBU[0000] Looking up image "9069f132fbe517bb279f50327862e495782e193c284f4377635911af8c60fcb0" in local containers storage 
DEBU[0000] Trying "9069f132fbe517bb279f50327862e495782e193c284f4377635911af8c60fcb0" ... 
DEBU[0000] parsed reference into "[overlay@/home/salman/.local/share/containers/storage+/run/user/1000/containers]@9069f132fbe517bb279f50327862e495782e193c284f4377635911af8c60fcb0" 
DEBU[0000] Found image "9069f132fbe517bb279f50327862e495782e193c284f4377635911af8c60fcb0" as "9069f132fbe517bb279f50327862e495782e193c284f4377635911af8c60fcb0" in local containers storage 
DEBU[0000] Found image "9069f132fbe517bb279f50327862e495782e193c284f4377635911af8c60fcb0" as "9069f132fbe517bb279f50327862e495782e193c284f4377635911af8c60fcb0" in local containers storage ([overlay@/home/salman/.local/share/containers/storage+/run/user/1000/containers]@9069f132fbe517bb279f50327862e495782e193c284f4377635911af8c60fcb0) 
DEBU[0000] Called inspect.PersistentPostRunE(podman --log-level debug inspect --type container --format container_status={{.State.Status}};
    {{range .Config.Env}}{{if slice . 0 5 | eq "HOME="}}container_home={{slice . 5 | printf "%q"}};{{end}}{{end}}
    {{range .Config.Env}}{{if slice . 0 5 | eq "PATH="}}container_path={{slice . 5 | printf "%q"}}{{end}}{{end}} code) 
DEBU[0000] Shutting down engines                        
+ eval 'container_status=created;
    container_home="/home/salman";
    container_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"'
++ container_status=created
++ container_home=/home/salman
++ container_path=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ '[' created = unknown ']'
+ '[' created '!=' running ']'
+ podman --log-level debug start code
INFO[0000] podman filtering at log level debug          
DEBU[0000] Called start.PersistentPreRunE(podman --log-level debug start code) 
DEBU[0000] Using conmon: "/usr/bin/conmon"              
INFO[0000] Using sqlite as database backend             
DEBU[0000] Using graph driver overlay                   
DEBU[0000] Using graph root /home/salman/.local/share/containers/storage 
DEBU[0000] Using run root /run/user/1000/containers     
DEBU[0000] Using static dir /home/salman/.local/share/containers/storage/libpod 
DEBU[0000] Using tmp dir /run/user/1000/libpod/tmp      
DEBU[0000] Using volume path /home/salman/.local/share/containers/storage/volumes 
DEBU[0000] Using transient store: false                 
DEBU[0000] [graphdriver] trying provided driver "overlay" 
DEBU[0000] Cached value indicated that overlay is supported 
DEBU[0000] Cached value indicated that overlay is supported 
DEBU[0000] Cached value indicated that metacopy is not being used 
DEBU[0000] Cached value indicated that native-diff is usable 
DEBU[0000] backingFs=extfs, projectQuotaSupported=false, useNativeDiff=true, usingMetacopy=false 
DEBU[0000] Initializing event backend journald          
DEBU[0000] Configured OCI runtime youki initialization failed: no valid executable found for OCI runtime youki: invalid argument 
DEBU[0000] Configured OCI runtime runc initialization failed: no valid executable found for OCI runtime runc: invalid argument 
DEBU[0000] Configured OCI runtime runj initialization failed: no valid executable found for OCI runtime runj: invalid argument 
DEBU[0000] Configured OCI runtime ocijail initialization failed: no valid executable found for OCI runtime ocijail: invalid argument 
DEBU[0000] Configured OCI runtime kata initialization failed: no valid executable found for OCI runtime kata: invalid argument 
DEBU[0000] Configured OCI runtime runsc initialization failed: no valid executable found for OCI runtime runsc: invalid argument 
DEBU[0000] Using OCI runtime "/usr/bin/crun"            
INFO[0000] Setting parallel job count to 13             
DEBU[0000] Cached value indicated that idmapped mounts for overlay are not supported 
DEBU[0000] Check for idmapped mounts support            
DEBU[0000] overlay: mount_data=lowerdir=/home/salman/.local/share/containers/storage/overlay/l/MIDVVX3DWZ7PMX3M77P3XQGIO4:/home/salman/.local/share/containers/storage/overlay/l/MIDVVX3DWZ7PMX3M77P3XQGIO4/../diff1:/home/salman/.local/share/containers/storage/overlay/l/CVAV7ZCG5QZI55XRAJLQVLCAJ4,upperdir=/home/salman/.local/share/containers/storage/overlay/a44a139e0dd7eac4b89ff1f25981686eac96664123d6759b89cddb8ba8c4c2b5/diff,workdir=/home/salman/.local/share/containers/storage/overlay/a44a139e0dd7eac4b89ff1f25981686eac96664123d6759b89cddb8ba8c4c2b5/work,userxattr,context="system_u:object_r:container_file_t:s0:c1022,c1023" 
DEBU[0000] Mounted container "c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892" at "/home/salman/.local/share/containers/storage/overlay/a44a139e0dd7eac4b89ff1f25981686eac96664123d6759b89cddb8ba8c4c2b5/merged" 
DEBU[0000] Going to mount named volume ad6cdf2b4f56e0be80a66cb2219d40b40eece84af48fb855224304843f104b6f 
DEBU[0000] Copying up contents from container c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892 to volume ad6cdf2b4f56e0be80a66cb2219d40b40eece84af48fb855224304843f104b6f 
DEBU[0000] Going to mount named volume 079503d57b50622d03a9db752c3455abcdbd61d172a9c02d5e672c56bca86fc4 
DEBU[0000] Copying up contents from container c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892 to volume 079503d57b50622d03a9db752c3455abcdbd61d172a9c02d5e672c56bca86fc4 
DEBU[0000] Going to mount named volume 9b5e4f096db6ffcb7a6a270a41179f0122b319aa02da8d117ea6482a1de07ac6 
DEBU[0000] Copying up contents from container c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892 to volume 9b5e4f096db6ffcb7a6a270a41179f0122b319aa02da8d117ea6482a1de07ac6 
DEBU[0000] Created root filesystem for container c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892 at /home/salman/.local/share/containers/storage/overlay/a44a139e0dd7eac4b89ff1f25981686eac96664123d6759b89cddb8ba8c4c2b5/merged 
DEBU[0000] Not modifying container c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892 /etc/passwd 
DEBU[0000] Not modifying container c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892 /etc/group 
DEBU[0000] /etc/system-fips does not exist on host, not mounting FIPS mode subscription 
INFO[0000] User mount overriding libpod mount at "/etc/resolv.conf" 
INFO[0000] User mount overriding libpod mount at "/etc/hosts" 
DEBU[0000] Setting Cgroups for container c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892 to user.slice:libpod:c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892 
DEBU[0000] Set root propagation to "rslave"             
DEBU[0000] reading hooks from /usr/share/containers/oci/hooks.d 
DEBU[0000] Workdir "/" resolved to host path "/home/salman/.local/share/containers/storage/overlay/a44a139e0dd7eac4b89ff1f25981686eac96664123d6759b89cddb8ba8c4c2b5/merged" 
DEBU[0000] Created OCI spec for container c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892 at /home/salman/.local/share/containers/storage/overlay-containers/c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892/userdata/config.json 
DEBU[0000] /usr/bin/conmon messages will be logged to syslog 
DEBU[0000] running conmon: /usr/bin/conmon               args="[--api-version 1 -c c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892 -u c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892 -r /usr/bin/crun -b /home/salman/.local/share/containers/storage/overlay-containers/c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892/userdata -p /run/user/1000/containers/overlay-containers/c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892/userdata/pidfile -n code --exit-dir /run/user/1000/libpod/tmp/exits --full-attach -s -l journald --log-level debug --syslog --conmon-pidfile /run/user/1000/containers/overlay-containers/c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892/userdata/conmon.pid --exit-command /usr/bin/podman --exit-command-arg --root --exit-command-arg /home/salman/.local/share/containers/storage --exit-command-arg --runroot --exit-command-arg /run/user/1000/containers --exit-command-arg --log-level --exit-command-arg debug --exit-command-arg --cgroup-manager --exit-command-arg systemd --exit-command-arg --tmpdir --exit-command-arg /run/user/1000/libpod/tmp --exit-command-arg --network-config-dir --exit-command-arg  --exit-command-arg --network-backend --exit-command-arg netavark --exit-command-arg --volumepath --exit-command-arg /home/salman/.local/share/containers/storage/volumes --exit-command-arg --db-backend --exit-command-arg sqlite --exit-command-arg --transient-store=false --exit-command-arg --runtime --exit-command-arg crun --exit-command-arg --storage-driver --exit-command-arg overlay --exit-command-arg --events-backend --exit-command-arg journald --exit-command-arg --syslog --exit-command-arg container --exit-command-arg cleanup --exit-command-arg c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892]"
INFO[0000] Running conmon under slice user.slice and unitName libpod-conmon-c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892.scope 
[conmon:d]: failed to write to /proc/self/oom_score_adj: Permission denied

DEBU[0000] Received: -1                                 
DEBU[0000] Cleaning up container c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892 
DEBU[0000] Network is already cleaned up, skipping...   
DEBU[0000] Unmounted container "c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892" 
Error: unable to start container "c721ae3e952efdfd9ec0af1644631cbf51b3d12c848d5a99d1f930c6d10ba892": crun: make `/home/salman/.local/share/containers/storage/overlay/a44a139e0dd7eac4b89ff1f25981686eac96664123d6759b89cddb8ba8c4c2b5/merged` private: Permission denied: OCI permission denied
DEBU[0000] Shutting down engines                        
+ cleanup
+ rm -f /home/salman/.cache/.code.fifo
+ '[' -n '' ']'
+ '[' 1 -eq 1 ']'
+ podman --log-level debug logs code
INFO[0000] podman filtering at log level debug          
DEBU[0000] Called logs.PersistentPreRunE(podman --log-level debug logs code) 
DEBU[0000] Using conmon: "/usr/bin/conmon"              
INFO[0000] Using sqlite as database backend             
DEBU[0000] Using graph driver overlay                   
DEBU[0000] Using graph root /home/salman/.local/share/containers/storage 
DEBU[0000] Using run root /run/user/1000/containers     
DEBU[0000] Using static dir /home/salman/.local/share/containers/storage/libpod 
DEBU[0000] Using tmp dir /run/user/1000/libpod/tmp      
DEBU[0000] Using volume path /home/salman/.local/share/containers/storage/volumes 
DEBU[0000] Using transient store: false                 
DEBU[0000] [graphdriver] trying provided driver "overlay" 
DEBU[0000] Cached value indicated that overlay is supported 
DEBU[0000] Cached value indicated that overlay is supported 
DEBU[0000] Cached value indicated that metacopy is not being used 
DEBU[0000] Cached value indicated that native-diff is usable 
DEBU[0000] backingFs=extfs, projectQuotaSupported=false, useNativeDiff=true, usingMetacopy=false 
DEBU[0000] Initializing event backend journald          
DEBU[0000] Configured OCI runtime runsc initialization failed: no valid executable found for OCI runtime runsc: invalid argument 
DEBU[0000] Configured OCI runtime youki initialization failed: no valid executable found for OCI runtime youki: invalid argument 
DEBU[0000] Configured OCI runtime ocijail initialization failed: no valid executable found for OCI runtime ocijail: invalid argument 
DEBU[0000] Configured OCI runtime runc initialization failed: no valid executable found for OCI runtime runc: invalid argument 
DEBU[0000] Configured OCI runtime runj initialization failed: no valid executable found for OCI runtime runj: invalid argument 
DEBU[0000] Configured OCI runtime kata initialization failed: no valid executable found for OCI runtime kata: invalid argument 
DEBU[0000] Using OCI runtime "/usr/bin/crun"            
INFO[0000] Setting parallel job count to 13             
DEBU[0000] Called logs.PersistentPostRunE(podman --log-level debug logs code) 
DEBU[0000] Shutting down engines

Describe the results you expected

I expected this to go normally through the setup and into the container.

podman info output

host:
  arch: amd64
  buildahVersion: 1.33.2
  cgroupControllers:
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: conmon-2.1.10-1.1.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.10, commit: unknown'
  cpuUtilization:
    idlePercent: 82.04
    systemPercent: 3.09
    userPercent: 14.86
  cpus: 4
  databaseBackend: sqlite
  distribution:
    distribution: opensuse-microos
    version: "20240119"
  eventLogger: journald
  freeLocks: 2044
  hostname: salman
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 6.6.11-1-default
  linkmode: dynamic
  logDriver: journald
  memFree: 287629312
  memTotal: 8204812288
  networkBackend: netavark
  networkBackendInfo:
    backend: netavark
    dns:
      package: aardvark-dns-1.9.0-1.1.x86_64
      path: /usr/libexec/podman/aardvark-dns
      version: aardvark-dns 1.9.0
    package: netavark-1.9.0-1.1.x86_64
    path: /usr/libexec/podman/netavark
    version: netavark 1.9.0
  ociRuntime:
    name: crun
    package: crun-1.12-1.1.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 1.12
      commit: ce429cb2e277d001c2179df1ac66a470f00802ae
      rundir: /run/user/1000/crun
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +LIBKRUN +WASM:wasmedge +YAJL
  os: linux
  pasta:
    executable: ""
    package: ""
    version: ""
  remoteSocket:
    exists: false
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /etc/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.2.2-1.1.x86_64
    version: |-
      slirp4netns version 1.2.2
      commit: 0ee2d87523e906518d34a6b423271e4826f71faf
      libslirp: 4.7.0
      SLIRP_CONFIG_VERSION_MAX: 5
      libseccomp: 2.5.5
  swapFree: 11969118208
  swapTotal: 11976507392
  uptime: 0h 27m 15.00s
  variant: ""
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries:
  search:
  - registry.opensuse.org
  - registry.suse.com
  - docker.io
store:
  configFile: /home/salman/.config/containers/storage.conf
  containerStore:
    number: 1
    paused: 0
    running: 0
    stopped: 1
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/salman/.local/share/containers/storage
  graphRootAllocated: 896525815808
  graphRootUsed: 204781010944
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Supports shifting: "false"
    Supports volatile: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 1
  runRoot: /run/user/1000/containers
  transientStore: false
  volumePath: /home/salman/.local/share/containers/storage/volumes
version:
  APIVersion: 4.8.3
  Built: 1704326400
  BuiltTime: Thu Jan  4 05:00:00 2024
  GitCommit: ""
  GoVersion: go1.21.5
  Os: linux
  OsArch: linux/amd64
  Version: 4.8.3

Podman in a container

No

Privileged Or Rootless

Rootless

Upstream Latest Release

Yes

Additional environment details

OpenSuse MicroOS (immutable/atomic distro), using a home partition from Fedora Kinoite. podman system reset has been run and did not work.

Linux salman 6.6.11-1-default #1 SMP PREEMPT_DYNAMIC Thu Jan 11 08:01:39 UTC 2024 (05ae4ad) x86_64 x86_64 x86_64 GNU/Linux

Additional information

The home partition has been imported from Fedora Kinoite. Currently using it on OpenSuse MicroOS Aeon. podman system reset has been run.

mheon commented 8 months ago

@giuseppe PTAL

giuseppe commented 8 months ago

I am not familiar with OpenSuse MicroOS, can it be SELinux? AppArmor?

If the partition was moved from another system, are you sure your UID/GID and the additional IDs allocated to your user map the ones used to create the storage?
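The ownership question raised in the comment above can be tested directly. The script below is an added example, not code from Podman or from this thread: it lists files under a storage directory whose owner UID/GID is neither the current user's own ID nor inside the ranges allocated to that user in /etc/subuid and /etc/subgid. The function names are hypothetical and GNU find is assumed for `-printf`.

```shell
#!/bin/sh
# Added example (not from Podman or the thread): find files in rootless
# container storage whose owner cannot be mapped by the current user.

# Print "start:count" for each range that file $3 (subuid/subgid format
# "name-or-uid:start:count") allocates to user name $1 or numeric UID $2.
ranges_for_user() (
    awk -F: -v n="$1" -v u="$2" '$1 == n || $1 == u { print $2 ":" $3 }' "$3"
)

# Succeed if ID $1 is the user's own ID $2 or lies inside one of the
# "start:count" ranges passed as the remaining arguments.
id_is_mappable() (
    id=$1; own=$2; shift 2
    [ "$id" -eq "$own" ] && exit 0
    for r in "$@"; do
        start=${r%%:*}; count=${r##*:}
        # The range is half-open: start + count is the first ID outside it.
        if [ "$id" -ge "$start" ] && [ "$id" -lt $((start + count)) ]; then
            exit 0
        fi
    done
    exit 1
)

# Read "uid gid path" lines on stdin and print those whose uid or gid is
# not mappable. $1/$2: own uid/gid; $3/$4: subuid/subgid range lists.
unmappable_owners() (
    own_uid=$1; own_gid=$2; uid_ranges=$3; gid_ranges=$4
    while read -r uid gid path; do
        # Range lists are intentionally unquoted so they split into words.
        if ! id_is_mappable "$uid" "$own_uid" $uid_ranges ||
           ! id_is_mappable "$gid" "$own_gid" $gid_ranges; then
            printf '%s %s %s\n' "$uid" "$gid" "$path"
        fi
    done
)

# Walk storage directory $1 (GNU find assumed for -printf) and report
# entries with unmappable owners. Directories the user cannot enter are
# reported by find on stderr and are themselves a sign of the problem.
audit_storage() (
    name=$(id -un); uid=$(id -u); gid=$(id -g)
    find "$1" -xdev -printf '%U %G %p\n' |
        unmappable_owners "$uid" "$gid" \
            "$(ranges_for_user "$name" "$uid" /etc/subuid)" \
            "$(ranges_for_user "$name" "$uid" /etc/subgid)"
)

# Usage: sh this-script ~/.local/share/containers/storage
if [ $# -gt 0 ]; then
    audit_storage "$1"
fi
```

Any line it prints names a file whose owner falls outside the current allocation, which is consistent with storage created under a different UID or subuid range.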

muhdsalm commented 8 months ago

  1. Selinux. It still doesn't work with Selinux set to permissive.
  2. I'm not really sure.

giuseppe commented 8 months ago

> 2. I'm not really sure.

Can you try with a fresh storage? Do you get the same error?

muhdsalm commented 8 months ago

fresh storage?

Do you mean, like, another hard drive? I have a laptop and no, that's not possible. Is there a way to make podman just... forget everything about my previous install? Like, hard reset/factory reset/delete all configs of the previous podman? podman system reset doesn't work.

muhdsalm commented 8 months ago

Also just like to mention here that it works as root: distrobox enter --root works as expected, which I'm guessing is the equivalent of running podman as root?

muhdsalm commented 8 months ago

Did quite a few things. Ran:

sudo chown a+rw .local/share/containers
sudo rm -rf .local/share/containers
sudo rm -rf .config/containers
sudo rm -rf .config/toolbox

Works now.