Closed mtalexan closed 12 months ago
Thanks for your report.
Where did that Skopeo binary come from, and how it was compiled? This is because user.Current
is failing, and compare the top paragraphs at https://pkg.go.dev/os/user .
If I'm understanding, the module used for user parsing is dependent on what's available during the build, with the fallback implementation being one that parses the files directly. Correct?
I installed both podman and skopeo using Nix from the nix-store onto an Ubuntu system, so maybe the build definition for skopeo is missing something podman has.
That’s how I understand things as well.
From a quick look comparing https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/tools/skopeo/default.nix and https://github.com/NixOS/nixpkgs/blob/cce724adc339049505b4fc5f9fbf6d7ca274cb3b/pkgs/applications/virtualization/podman/default.nix I can’t see an obvious cause, but I’m unfamiliar with Nix.
If a manually-built binary works as expected, I’d recommend reporting this to the Nix package maintainers.
A friendly reminder that this issue had no activity for 30 days.
I am closing this, since I don't believe this is our issue.
When an LDAP user that has been successfully using
podman
tries to copy an image with thecontainers-storage
transport,skopeo
complains with an error. All output formats and images produce the same error:In this case
skopeo
is being run by the user trying to access their own default podman container cache storage from the bare metal system, and the user is an LDAP/ActiveDirectory user.No such issue exists when using
podman
commands from the same user.Skopeo version:
1.11.1
This type of issue often comes up when an application incorrectly tries to parse a username from a UID or visa versa by manually examining
/etc/passwd
. The only valid way to get this information on a Linux system using PAM is to usegetent passwd
, parsing/etc/passwd
or/etc/shadow
directly is explicitly incorrect. While I'm not sure if this is the actual cause, it's a common error pattern I thought I'd mention.