crun: setrlimit RLIMIT_NPROC: Operation not permitted: OCI permission denied (was: toolbox not working with existing containers after upgrade to 38.20230422.1)

[tkockler]

Workarounds

The issue is fixed in podman 4.6 but containers created before this release can not be fixed without being re-created or raising the nproc limit.

Save and restore containers

You can export and import your existing containers. See for example:

• https://github.com/containers/toolbox/issues/1312#issuecomment-1685365626
• https://fedoramagazine.org/backup-and-restore-toolboxes-with-podman/

Set a higher ulimit for your user

Write the following file, replacing username by your user and 150000 by a value larger than ulimut -u:

$ cat /etc/security/limits.d/50-podman-ulimits.conf
username hard nproc 150000

Reboot to apply the configuration change.

---

Original issue text

Describe the bug After upgrading to 38.20230422.1 I can no longer enter existing containers

[tom@fedora38-sb ~]$ toolbox -v enter test
DEBU Running as real user ID 1000                 
DEBU Resolved absolute path to the executable as /usr/bin/toolbox 
DEBU Running on a cgroups v2 host                 
DEBU Looking for sub-GID and sub-UID ranges for user tom 
DEBU TOOLBOX_PATH is /usr/bin/toolbox             
DEBU Migrating to newer Podman                    
DEBU Toolbox config directory is /var/home/tom/.config/toolbox 
DEBU Current Podman version is 4.5.0              
DEBU Creating runtime directory /run/user/1000/toolbox 
DEBU Old Podman version is 4.5.0                  
DEBU Migration not needed: Podman version 4.5.0 is unchanged 
DEBU Setting up configuration                     
DEBU Setting up configuration: file /var/home/tom/.config/containers/toolbox.conf not found 
DEBU Resolving container and image names          
DEBU Container: ''                                
DEBU Distribution (CLI): ''                       
DEBU Image (CLI): ''                              
DEBU Release (CLI): ''                            
DEBU Resolved container and image names           
DEBU Container: 'fedora-toolbox-38'               
DEBU Image: 'fedora-toolbox:38'                   
DEBU Release: '38'                                
DEBU Resolving container and image names          
DEBU Container: 'test'                            
DEBU Distribution (CLI): ''                       
DEBU Image (CLI): ''                              
DEBU Release (CLI): ''                            
DEBU Resolved container and image names           
DEBU Container: 'test'                            
DEBU Image: 'fedora-toolbox:38'                   
DEBU Release: '38'                                
DEBU Checking if container test exists            
DEBU Inspecting mounts of container test          
DEBU Starting container test                      
Error: failed to start container test

When I roll back to version 38.20230421.0 toolbox works as expected.

Newly created containers in 38.20230422.1 work fine, only existing containers are not working

To Reproduce Please describe the steps needed to reproduce the bug:

1. Create a container in 38.20230421.0 with "toolbox create test", enter it with "toolbox enter test", update it inside and install something (f.ex. neovim). Exit the container
2. On the host run "rpm-ostree upgrade" and reboot
3. After the reboot "toolbox enter test" gives "Error: failed to start container test"

Expected behavior "toolbox enter test" brings me into the container

OS version:

[tom@fedora38-sb ~]$ rpm-ostree status -b
State: idle
AutomaticUpdates: check; rpm-ostreed-automatic.timer: last run 44min ago
BootedDeployment:
● fedora:fedora/38/x86_64/silverblue
                  Version: 38.20230422.1 (2023-04-22T21:01:18Z)
               BaseCommit: 233d5d86c58d4da70da4e1aec1c457c0b1b4a66fd5544d103d86a0280956e09d
             GPGSignature: Valid signature by 6A51BBABBA3D5467B6171221809A8D7CEB10B464
          LayeredPackages: 'google-roboto*' 'mozilla-fira*' fira-code-fonts google-roboto-condensed-fonts htop langpacks-de
                           mozilla-openh264

[juhp]

Hm I can't reproduce in either of my Silverblue 37 and 38 VMs fwiw. I wonder how old your toolboxes are?

[tkockler]

Interesting. Perhaps a problem with my machine. I am new to silverblue, so it's a fresh install and the only things I did was playing around with toolboxes: creating, installing stuff and deleting them again.
The toolboxes are new (one and two days old) and I can switch between the working and the not working deployment and reproduce the error

[tkockler]

I tried to start the container with podman directly and got the following error message: "Error: unable to start container 8a48d59ee3223c8240d7a6dfd14e3af0cd4506ef394968cbf8307f40fe6c936a: crun: setrlimit RLIMIT_NPROC: Operation not permitted: OCI permission denied" With this information I found: https://github.com/containers/podman/issues/6389 in the podman github. I only understand a fraction but:

tom@fedora38-sb:~$ podman inspect --format '{{ printf "%+v" .HostConfig.Ulimits }}' 8a48d59ee322 [{Name:RLIMIT_NOFILE Soft:524288 Hard:524288} {Name:RLIMIT_NPROC Soft:30726 Hard:30726}]

ulimit -u yields in the working deployment 30726 and 30725 in the not working one.

The described solution to set nproc for my user to 30726 worked: I can now start the container in both deployments.

Has anyone an idea how and why the limit changed for my user from 38.20230421.0 to 38.20230422.1?

[travier]

Have you tried https://github.com/containers/podman/issues/6389#issuecomment-765628048 ?

[tkockler]

Yes, creating a backup and restore it works also. The new container gets the new limits of my user account (30725).

[cajus]

Same issue here. But with distrobox. Backup/restore did not work as in the comments above (looks like I need to do something different for distrobox). Shredded the container and re-created it.

[sandorex]

I've had this happen twice, both distrobox and toolbox have same problems, hope this helps to find the issue

I've gone from silverblue 38.20230520.0 to kinoite 38.20230525.0 with following changes, and i had to recreate all containers cause of this error

``` % rpm-ostree db diff 81eeb69fc36fdc3a255620ed0f23e0777f621c0b6b8a43236858ebff6b8139dd 03dec287d500c6a73a49ca052fd71ede5a422632af6c8c77b2339e1ec7a61011 ostree diff commit from: 81eeb69fc36fdc3a255620ed0f23e0777f621c0b6b8a43236858ebff6b8139dd ostree diff commit to: 03dec287d500c6a73a49ca052fd71ede5a422632af6c8c77b2339e1ec7a61011 Upgraded: crun 1.8.4-1.fc38 -> 1.8.5-1.fc38 gobject-introspection 1.76.0-1.fc38 -> 1.76.1-1.fc38 gtk-update-icon-cache 3.24.37-1.fc38 -> 3.24.38-1.fc38 gtk3 3.24.37-1.fc38 -> 3.24.38-1.fc38 gtk4 4.10.3-2.fc38 -> 4.10.3-3.fc38 llvm-libs 16.0.3-1.fc38 -> 16.0.4-1.fc38 ostree 2023.1-2.fc38 -> 2023.3-1.fc38 ostree-grub2 2023.1-2.fc38 -> 2023.3-1.fc38 ostree-libs 2023.1-2.fc38 -> 2023.3-1.fc38 python3-requests 2.28.2-1.fc38 -> 2.28.2-2.fc38 qgnomeplatform-qt5 0.9.0-14.fc38 -> 0.9.1-2.fc38 Removed: NetworkManager-adsl-1:1.42.6-1.fc38.x86_64 NetworkManager-openconnect-gnome-1.2.10-1.fc38.x86_64 NetworkManager-openvpn-gnome-1:1.10.2-2.fc38.x86_64 NetworkManager-pptp-1:1.2.10-3.fc38.x86_64 NetworkManager-pptp-gnome-1:1.2.10-3.fc38.x86_64 NetworkManager-ssh-1.2.12-5.fc38.x86_64 NetworkManager-ssh-gnome-1.2.12-5.fc38.x86_64 NetworkManager-vpnc-gnome-1:1.2.8-3.fc38.x86_64 abseil-cpp-20220623.1-4.fc38.x86_64 accountsservice-libs-23.11.69-2.fc38.x86_64 apr-1.7.2-2.fc38.x86_64 apr-util-1.6.3-2.fc38.x86_64 apr-util-bdb-1.6.3-2.fc38.x86_64 apr-util-openssl-1.6.3-2.fc38.x86_64 bluez-obexd-5.66-5.fc38.x86_64 brlapi-0.8.4-10.fc38.x86_64 brltty-6.5-10.fc38.x86_64 colord-gtk4-0.3.0-3.fc38.x86_64 cups-pk-helper-0.2.7-2.fc38.x86_64 desktop-backgrounds-gnome-38.0.0-2.fc38.noarch epiphany-runtime-1:44.2-1.fc38.x86_64 evince-djvu-44.1-1.fc38.x86_64 evince-libs-44.1-1.fc38.x86_64 evince-previewer-44.1-1.fc38.x86_64 evince-thumbnailer-44.1-1.fc38.x86_64 evolution-data-server-3.48.1-1.fc38.x86_64 evolution-data-server-langpacks-3.48.1-1.fc38.noarch exempi-2.6.3-2.fc38.x86_64 f38-backgrounds-gnome-38.1.1-1.fc38.noarch fedora-chromium-config-gnome-2.0-3.fc38.noarch fedora-logos-httpd-38.1.0-1.fc38.noarch fedora-release-identity-silverblue-38-35.noarch fedora-release-silverblue-38-35.noarch freerdp-libs-2:2.10.0-1.fc38.x86_64 gcr-3.92.0-2.fc38.x86_64 gcr-libs-3.92.0-2.fc38.x86_64 gdm-1:44.1-1.fc38.x86_64 geoclue2-libs-2.7.0-1.fc38.x86_64 geocode-glib-data-3.26.4-3.fc38.x86_64 geocode-glib2-3.26.4-3.fc38.x86_64 gjs-1.76.0-1.fc38.x86_64 gnome-autoar-0.4.4-1.fc38.x86_64 gnome-backgrounds-44.0-1.fc38.noarch gnome-bluetooth-1:42.5-3.fc38.x86_64 gnome-bluetooth-libs-1:42.5-3.fc38.x86_64 gnome-browser-connector-42.1-2.fc38.x86_64 gnome-classic-session-44.0-1.fc38.noarch gnome-color-manager-3.36.0-9.fc38.x86_64 gnome-control-center-44.1-1.fc38.x86_64 gnome-control-center-filesystem-44.1-1.fc38.noarch gnome-desktop3-44.0-1.fc38.x86_64 gnome-desktop4-44.0-1.fc38.x86_64 gnome-disk-utility-44.0-1.fc38.x86_64 gnome-initial-setup-44.0-2.fc38.x86_64 gnome-menus-3.36.0-8.fc38.x86_64 gnome-online-accounts-3.48.0-1.fc38.x86_64 gnome-remote-desktop-44.1-1.fc38.x86_64 gnome-session-44.0-1.fc38.x86_64 gnome-session-wayland-session-44.0-1.fc38.x86_64 gnome-session-xsession-44.0-1.fc38.x86_64 gnome-settings-daemon-44.1-1.fc38.x86_64 gnome-shell-44.1-1.fc38.x86_64 gnome-shell-extension-apps-menu-44.0-1.fc38.noarch gnome-shell-extension-background-logo-44~beta-1.fc38.noarch gnome-shell-extension-common-44.0-1.fc38.noarch gnome-shell-extension-launch-new-instance-44.0-1.fc38.noarch gnome-shell-extension-places-menu-44.0-1.fc38.noarch gnome-shell-extension-window-list-44.0-1.fc38.noarch gnome-software-44.1-1.fc38.x86_64 gnome-software-rpm-ostree-44.1-1.fc38.x86_64 gnome-system-monitor-44.0-1.fc38.x86_64 gnome-terminal-3.48.1-1.fc38.x86_64 gnome-terminal-nautilus-3.48.1-1.fc38.x86_64 gnome-themes-extra-3.28-16.fc38.x86_64 gnome-tour-44.0-1.fc38.x86_64 gnome-user-docs-44.1-1.fc38.noarch gnome-user-share-43.0-2.fc38.x86_64 gsound-1.0.3-5.fc38.x86_64 gspell-1.12.1-1.fc38.x86_64 gst-editing-services-1.22.2-1.fc38.x86_64 gupnp-av-0.14.1-3.fc38.x86_64 gupnp-dlna-0.12.0-4.fc38.x86_64 gvfs-1.50.4-1.fc38.x86_64 gvfs-afc-1.50.4-1.fc38.x86_64 gvfs-afp-1.50.4-1.fc38.x86_64 gvfs-archive-1.50.4-1.fc38.x86_64 gvfs-client-1.50.4-1.fc38.x86_64 gvfs-fuse-1.50.4-1.fc38.x86_64 gvfs-goa-1.50.4-1.fc38.x86_64 gvfs-gphoto2-1.50.4-1.fc38.x86_64 gvfs-mtp-1.50.4-1.fc38.x86_64 gvfs-smb-1.50.4-1.fc38.x86_64 harfbuzz-icu-7.1.0-1.fc38.x86_64 httpd-2.4.57-1.fc38.x86_64 httpd-core-2.4.57-1.fc38.x86_64 httpd-filesystem-2.4.57-1.fc38.noarch httpd-tools-2.4.57-1.fc38.x86_64 javascriptcoregtk4.1-2.40.1-1.fc38.x86_64 javascriptcoregtk6.0-2.40.1-1.fc38.x86_64 julietaula-montserrat-fonts-1:7.222-4.fc38.noarch libadwaita-1.3.2-1.fc38.x86_64 libatomic-13.1.1-2.fc38.x86_64 libcdio-paranoia-10.2+2.0.1-8.fc38.x86_64 libcue-2.2.1-11.fc38.x86_64 libgdata-0.18.1-7.fc38.x86_64 libgee-0.20.6-2.fc38.x86_64 libgexiv2-0.14.0-5.fc38.x86_64 libgnomekbd-3.28.1-2.fc38.x86_64 libgrss-0.7.0-16.fc38.x86_64 libgsf-1.14.50-1.fc38.x86_64 libgtop2-2.41.1-1.fc38.x86_64 libgweather4-4.2.0-2.fc38.x86_64 libgxps-0.3.2-5.fc38.x86_64 libhandy-1.8.2-1.fc38.x86_64 libical-glib-3.0.16-3.fc38.x86_64 libiptcdata-1.0.5-13.fc38.x86_64 libmanette-0.2.6-6.fc38.x86_64 libmediaart-1.9.6-3.fc38.x86_64 libnma-1.10.6-2.fc38.x86_64 libnma-gtk4-1.10.6-2.fc38.x86_64 libosinfo-1.10.0-5.fc38.x86_64 libphonenumber-8.12.57-6.fc38.x86_64 libportal-0.6-6.fc38.x86_64 libportal-gtk4-0.6-6.fc38.x86_64 libsoup-2.74.3-2.fc38.x86_64 libwinpr-2:2.10.0-1.fc38.x86_64 libwnck3-43.0-4.fc38.x86_64 libwpe-1.14.0-2.fc38.x86_64 libxklavier-5.4-22.fc38.x86_64 mailcap-2.1.53-5.fc38.noarch malcontent-0.11.1-1.fc38.x86_64 malcontent-control-0.11.1-1.fc38.x86_64 malcontent-ui-libs-0.11.1-1.fc38.x86_64 mod_dnssd-0.6-28.fc38.x86_64 mod_http2-2.0.11-2.fc38.x86_64 mod_lua-2.4.57-1.fc38.x86_64 mozjs102-102.9.0-1.fc38.x86_64 mutter-44.1-1.fc38.x86_64 nautilus-44.1-2.fc38.x86_64 nautilus-extensions-44.1-2.fc38.x86_64 nm-connection-editor-1.30.0-3.fc38.x86_64 orca-44~rc-1.fc38.noarch osinfo-db-20230308-1.fc38.noarch osinfo-db-tools-1.10.0-6.fc38.x86_64 pcre2-utf32-10.42-1.fc38.1.x86_64 pinentry-gnome3-1.2.1-2.fc38.x86_64 pptp-1.10.0-16.fc38.x86_64 protobuf-3.19.6-2.fc38.x86_64 python3-brlapi-0.8.4-10.fc38.x86_64 python3-louis-3.25.0-1.fc38.noarch python3-speechd-0.11.4-2.fc38.x86_64 rest-0.9.1-6.fc38.x86_64 rygel-0.42.3-1.fc38.x86_64 sshpass-1.09-5.fc38.x86_64 startup-notification-0.12-25.fc38.x86_64 switcheroo-control-2.6-3.fc38.x86_64 texlive-lib-10:20220321-71.fc38.x86_64 totem-pl-parser-3.26.6-6.fc38.x86_64 totem-video-thumbnailer-1:43.0-2.fc38.x86_64 tracker-3.5.2-1.fc38.x86_64 tracker-miners-3.5.2-1.fc38.x86_64 uchardet-0.0.8-2.fc38.x86_64 usbmuxd-1.1.1-9.fc38.x86_64 vte-profile-0.72.1-1.fc38.x86_64 vte291-0.72.1-1.fc38.x86_64 webkit2gtk4.1-2.40.1-1.fc38.x86_64 webkitgtk6.0-2.40.1-1.fc38.x86_64 wpebackend-fdo-1.14.2-1.fc38.x86_64 xdg-desktop-portal-gnome-44.1-1.fc38.x86_64 xdg-user-dirs-gtk-0.11-2.fc38.x86_64 yelp-2:42.2-2.fc38.x86_64 yelp-libs-2:42.2-2.fc38.x86_64 yelp-xsl-42.1-2.fc38.noarch Added: PackageKit-Qt5-1.0.2-6.fc38.x86_64 accounts-qml-module-0.7-9.fc38.x86_64 adwaita-gtk2-theme-3.28-16.fc38.x86_64 aha-0.5.1-7.fc38.x86_64 appstream-qt-0.16.1-1.fc38.x86_64 ark-23.04.1-1.fc38.x86_64 ark-libs-23.04.1-1.fc38.x86_64 aspell-12:0.60.8-11.fc38.x86_64 baloo-widgets-23.04.1-1.fc38.x86_64 bcache-tools-1.1-4.fc38.x86_64 bluedevil-5.27.5-1.fc38.x86_64 boost-atomic-1.78.0-11.fc38.x86_64 boost-chrono-1.78.0-11.fc38.x86_64 boost-filesystem-1.78.0-11.fc38.x86_64 boost-program-options-1.78.0-11.fc38.x86_64 breeze-cursor-theme-5.27.5-1.fc38.noarch breeze-gtk-common-5.27.5-1.fc38.noarch breeze-gtk-gtk2-5.27.5-1.fc38.noarch breeze-gtk-gtk3-5.27.5-1.fc38.noarch breeze-gtk-gtk4-5.27.5-1.fc38.noarch breeze-icon-theme-5.106.0-1.fc38.noarch catdoc-0.95-14.fc38.x86_64 cfitsio-4.2.0-3.fc38.x86_64 chmlib-0.40-28.fc38.x86_64 clinfo-3.0.21.02.21-5.fc38.x86_64 cmake-filesystem-3.26.4-2.fc38.x86_64 colord-kde-23.04.1-1.fc38.x86_64 corosynclib-3.1.7-2.fc38.x86_64 cryfs-0.11.3-1.fc38.x86_64 dbus-x11-1:1.14.6-1.fc38.x86_64 dbusmenu-qt-0.9.3-0.30.20160218.fc38.x86_64 dbusmenu-qt5-0.9.3-0.30.20160218.fc38.x86_64 desktop-backgrounds-compat-38.0.0-2.fc38.noarch dlm-lib-4.2.0-2.fc38.x86_64 dmraid-1.0.0.rc16-55.fc38.x86_64 dmraid-events-1.0.0.rc16-55.fc38.x86_64 dmraid-libs-1.0.0.rc16-55.fc38.x86_64 docbook-dtds-1.0-81.fc38.noarch docbook-style-xsl-1.79.2-18.fc38.noarch dolphin-23.04.1-1.fc38.x86_64 dolphin-libs-23.04.1-1.fc38.x86_64 dolphin-plugins-23.04.1-1.fc38.x86_64 ebook-tools-libs-0.2.2-24.fc38.x86_64 editorconfig-libs-0.12.6-1.fc38.x86_64 egl-utils-8.5.0-1.fc38.x86_64 enchant2-aspell-2.3.4-1.fc38.x86_64 f2fs-tools-1.14.0-6.fc38.x86_64 f38-backgrounds-kde-38.1.1-1.fc38.noarch fatresize-1.1.0-7.fc38.x86_64 fedora-appstream-metadata-20230419-1.fc38.noarch fedora-chromium-config-kde-2.0-3.fc38.noarch fedora-release-identity-kinoite-38-35.noarch fedora-release-kinoite-38-35.noarch ffmpegthumbs-23.04.1-1.fc38.x86_64 filelight-1:23.04.1-1.fc38.x86_64 firewall-config-1.3.1-1.fc38.noarch flatpak-kcm-5.27.5-1.fc38.x86_64 fuse-encfs-1.9.5-16.fc38.x86_64 fuse-sshfs-3.7.3-3.fc38.x86_64 gnustep-base-libs-1.28.0-10.fc38.x86_64 google-noto-sans-fonts-20230201-1.fc38.noarch google-noto-sans-mono-fonts-20230201-1.fc38.noarch google-noto-serif-fonts-20230201-1.fc38.noarch gpgmepp-1.17.1-3.fc38.x86_64 gpsd-libs-1:3.25-2.fc38.x86_64 grantlee-qt5-5.3.1-1.fc38.x86_64 gtk2-2.24.33-13.fc38.x86_64 gtk2-engines-2.20.2-26.fc38.x86_64 gwenview-1:23.04.1-1.fc38.x86_64 gwenview-libs-1:23.04.1-1.fc38.x86_64 hfsutils-3.2.6-46.fc38.x86_64 hspell-1.4-17.fc38.x86_64 ibus-gtk2-1.5.28-4.fc38.x86_64 ibus-qt-1.3.4-6.fc38.x86_64 iceauth-1.0.9-3.fc38.x86_64 jfsutils-1.1.15-24.fc38.x86_64 kaccounts-integration-23.04.1-1.fc38.x86_64 kaccounts-providers-23.04.1-1.fc38.x86_64 kactivitymanagerd-5.27.5-1.fc38.x86_64 kamera-23.04.1-1.fc38.x86_64 kate-libs-23.04.1-1.fc38.x86_64 kcalc-23.04.1-1.fc38.x86_64 kcharselect-23.04.1-1.fc38.x86_64 kcolorpicker-0.2.0-3.fc38.x86_64 kde-cli-tools-5.27.5.1-1.fc38.x86_64 kde-connect-23.04.1-1.fc38.x86_64 kde-connect-libs-23.04.1-1.fc38.x86_64 kde-filesystem-4-69.fc38.x86_64 kde-gtk-config-5.27.5-1.fc38.x86_64 kde-partitionmanager-23.04.1-1.fc38.x86_64 kde-print-manager-23.04.1-1.fc38.x86_64 kde-print-manager-libs-23.04.1-1.fc38.x86_64 kde-settings-38.2-2.fc38.noarch kde-settings-plasma-38.2-2.fc38.noarch kde-settings-pulseaudio-38.2-2.fc38.noarch kde-settings-sddm-38.2-2.fc38.noarch kdeconnectd-23.04.1-1.fc38.x86_64 kdecoration-5.27.5-1.fc38.x86_64 kdegraphics-mobipocket-23.04.1-1.fc38.x86_64 kdegraphics-thumbnailers-23.04.1-1.fc38.x86_64 kdeplasma-addons-5.27.5-1.fc38.x86_64 kdesu-1:5.27.5.1-1.fc38.x86_64 kdialog-23.04.1-1.fc38.x86_64 kdnssd-23.04.1-1.fc38.x86_64 kdsoap-2.0.0-4.fc38.x86_64 keditbookmarks-23.04.1-1.fc38.x86_64 keditbookmarks-libs-23.04.1-1.fc38.x86_64 kf5-akonadi-server-23.04.1-1.fc38.x86_64 kf5-akonadi-server-mysql-23.04.1-1.fc38.x86_64 kf5-attica-5.106.0-1.fc38.x86_64 kf5-baloo-5.106.0-1.fc38.x86_64 kf5-baloo-file-5.106.0-1.fc38.x86_64 kf5-baloo-libs-5.106.0-1.fc38.x86_64 kf5-bluez-qt-5.106.0-1.fc38.x86_64 kf5-filesystem-5.106.0-1.fc38.x86_64 kf5-frameworkintegration-5.106.0-1.fc38.x86_64 kf5-frameworkintegration-libs-5.106.0-1.fc38.x86_64 kf5-kactivities-5.106.0-1.fc38.x86_64 kf5-kactivities-stats-5.106.0-1.fc38.x86_64 kf5-karchive-5.106.0-1.fc38.x86_64 kf5-kauth-5.106.0-1.fc38.x86_64 kf5-kbookmarks-5.106.0-1.fc38.x86_64 kf5-kcalendarcore-1:5.106.0-1.fc38.x86_64 kf5-kcmutils-5.106.0-1.fc38.x86_64 kf5-kcodecs-5.106.0-1.fc38.x86_64 kf5-kcompletion-5.106.0-1.fc38.x86_64 kf5-kconfig-core-5.106.0-1.fc38.x86_64 kf5-kconfig-gui-5.106.0-1.fc38.x86_64 kf5-kconfigwidgets-5.106.0-1.fc38.x86_64 kf5-kcontacts-1:5.106.0-1.fc38.x86_64 kf5-kcoreaddons-5.106.0-1.fc38.x86_64 kf5-kcrash-5.106.0-1.fc38.x86_64 kf5-kdbusaddons-5.106.0-1.fc38.x86_64 kf5-kdeclarative-5.106.0-1.fc38.x86_64 kf5-kded-5.106.0-1.fc38.x86_64 kf5-kdelibs4support-5.106.0-1.fc38.x86_64 kf5-kdelibs4support-libs-5.106.0-1.fc38.x86_64 kf5-kdesu-5.106.0-1.fc38.x86_64 kf5-kdnssd-5.106.0-1.fc38.x86_64 kf5-kdoctools-5.106.0-1.fc38.x86_64 kf5-kfilemetadata-5.106.0-1.fc38.x86_64 kf5-kglobalaccel-5.106.0-1.fc38.x86_64 kf5-kglobalaccel-libs-5.106.0-1.fc38.x86_64 kf5-kguiaddons-5.106.0-1.fc38.x86_64 kf5-kholidays-1:5.106.0-1.fc38.x86_64 kf5-khtml-5.106.0-1.fc38.x86_64 kf5-ki18n-5.106.0-1.fc38.x86_64 kf5-kiconthemes-5.106.0-1.fc38.x86_64 kf5-kidletime-5.106.0-1.fc38.x86_64 kf5-kimageformats-5.106.0-1.fc38.x86_64 kf5-kinit-5.106.0-1.fc38.x86_64 kf5-kio-core-5.106.0-1.fc38.x86_64 kf5-kio-core-libs-5.106.0-1.fc38.x86_64 kf5-kio-doc-5.106.0-1.fc38.noarch kf5-kio-file-widgets-5.106.0-1.fc38.x86_64 kf5-kio-gui-5.106.0-1.fc38.x86_64 kf5-kio-ntlm-5.106.0-1.fc38.x86_64 kf5-kio-widgets-5.106.0-1.fc38.x86_64 kf5-kio-widgets-libs-5.106.0-1.fc38.x86_64 kf5-kirigami2-5.106.0-1.fc38.x86_64 kf5-kirigami2-addons-1:0.8.0-1.fc38.x86_64 kf5-kitemmodels-5.106.0-1.fc38.x86_64 kf5-kitemviews-5.106.0-1.fc38.x86_64 kf5-kjobwidgets-5.106.0-1.fc38.x86_64 kf5-kjs-5.106.0-1.fc38.x86_64 kf5-knewstuff-5.106.0-1.fc38.x86_64 kf5-knotifications-5.106.0-1.fc38.x86_64 kf5-knotifyconfig-5.106.0-1.fc38.x86_64 kf5-kpackage-5.106.0-1.fc38.x86_64 kf5-kparts-5.106.0-1.fc38.x86_64 kf5-kpeople-5.106.0-1.fc38.x86_64 kf5-kpty-5.106.0-1.fc38.x86_64 kf5-kquickcharts-5.106.0-1.fc38.x86_64 kf5-krunner-5.106.0-1.fc38.x86_64 kf5-kservice-5.106.0-1.fc38.x86_64 kf5-ktexteditor-5.106.0-1.fc38.x86_64 kf5-ktextwidgets-5.106.0-1.fc38.x86_64 kf5-kunitconversion-5.106.0-1.fc38.x86_64 kf5-kwallet-5.106.0-1.fc38.x86_64 kf5-kwallet-libs-5.106.0-1.fc38.x86_64 kf5-kwayland-5.106.0-1.fc38.x86_64 kf5-kwidgetsaddons-5.106.0-1.fc38.x86_64 kf5-kwindowsystem-5.106.0-1.fc38.x86_64 kf5-kxmlgui-5.106.0-1.fc38.x86_64 kf5-kxmlrpcclient-5.106.0-1.fc38.x86_64 kf5-libkdcraw-23.04.1-1.fc38.x86_64 kf5-libkexiv2-23.04.1-1.fc38.x86_64 kf5-modemmanager-qt-5.106.0-1.fc38.x86_64 kf5-networkmanager-qt-5.106.0-1.fc38.x86_64 kf5-plasma-5.106.0-1.fc38.x86_64 kf5-prison-5.106.0-1.fc38.x86_64 kf5-purpose-5.106.0-1.fc38.x86_64 kf5-solid-5.106.0-1.fc38.x86_64 kf5-sonnet-core-5.106.0-1.fc38.x86_64 kf5-sonnet-ui-5.106.0-1.fc38.x86_64 kf5-syndication-1:5.106.0-1.fc38.x86_64 kf5-syntax-highlighting-5.106.0-1.fc38.x86_64 kf5-threadweaver-5.106.0-1.fc38.x86_64 kfind-23.04.1-1.fc38.x86_64 khelpcenter-1:23.04.1-1.fc38.x86_64 khotkeys-5.27.5-1.fc38.x86_64 kimageannotator-0.6.1-1.fc38.x86_64 kinfocenter-5.27.5-1.fc38.x86_64 kio-admin-23.04.1-1.fc38.x86_64 kio-extras-23.04.1-1.fc38.x86_64 kio-fuse-5.0.1-5.fc38.x86_64 kio-gdrive-23.04.1-1.fc38.x86_64 kmag-23.04.1-1.fc38.x86_64 kmenuedit-5.27.5-1.fc38.x86_64 kmousetool-23.04.1-1.fc38.x86_64 konsole5-23.04.1-1.fc38.x86_64 konsole5-part-23.04.1-1.fc38.x86_64 kpipewire-5.27.5-1.fc38.x86_64 kpmcore-23.04.1-1.fc38.x86_64 krfb-23.04.1-1.fc38.x86_64 krfb-libs-23.04.1-1.fc38.x86_64 kscreen-1:5.27.5-1.fc38.x86_64 kscreenlocker-5.27.5-1.fc38.x86_64 ksystemstats-5.27.5-1.fc38.x86_64 kuserfeedback-1.2.0-8.fc38.x86_64 kwalletmanager5-23.04.1-1.fc38.x86_64 kwayland-integration-5.27.5-1.fc38.x86_64 kwin-5.27.5-1.fc38.x86_64 kwin-common-5.27.5-1.fc38.x86_64 kwin-libs-5.27.5-1.fc38.x86_64 kwin-wayland-5.27.5-1.fc38.x86_64 kwin-x11-5.27.5-1.fc38.x86_64 kwrite-23.04.1-1.fc38.x86_64 kwrited-5.27.5-1.fc38.x86_64 layer-shell-qt-5.27.5-1.fc38.x86_64 libXaw-1.0.14-4.fc38.x86_64 libXxf86dga-1.1.5-10.fc38.x86_64 libaccounts-glib-1.25-11.fc38.x86_64 libaccounts-qt5-1.16-7.fc38.x86_64 libappindicator-gtk3-12.10.1-1.fc38.x86_64 libcanberra-gtk2-0.30-31.fc38.x86_64 libchewing-0.5.1-26.fc38.x86_64 libdbusmenu-16.04.0-21.fc38.x86_64 libdbusmenu-gtk3-16.04.0-21.fc38.x86_64 libdmtx-0.7.5-11.fc38.x86_64 libfakekey-0.3-13.fc38.x86_64 libkgapi-23.04.1-1.fc38.x86_64 libkscreen-qt5-5.27.5-1.fc38.x86_64 libksysguard-5.27.5-1.fc38.x86_64 libksysguard-common-5.27.5-1.fc38.x86_64 libkworkspace5-5.27.5-1.fc38.x86_64 libmarkdown-2.2.7-4.fc38.x86_64 libmng-2.0.3-17.fc38.x86_64 libobjc-13.1.1-2.fc38.x86_64 libqalculate-4.6.1-1.fc38.x86_64 libqb-2.0.6-5.fc38.x86_64 libvoikko-4.3.2-1.fc38.x86_64 lm_sensors-libs-3.6.0-13.fc38.x86_64 maliit-framework-2.3.0-3.fc38.x86_64 maliit-framework-qt5-2.3.0-3.fc38.x86_64 maliit-keyboard-2.3.1-4.fc38.x86_64 mariadb-3:10.5.19-2.fc38.x86_64 mariadb-backup-3:10.5.19-2.fc38.x86_64 mariadb-common-3:10.5.19-2.fc38.x86_64 mariadb-connector-c-3.3.4-2.fc38.x86_64 mariadb-connector-c-config-3.3.4-2.fc38.noarch mariadb-cracklib-password-check-3:10.5.19-2.fc38.x86_64 mariadb-errmsg-3:10.5.19-2.fc38.x86_64 mariadb-gssapi-server-3:10.5.19-2.fc38.x86_64 mariadb-server-3:10.5.19-2.fc38.x86_64 mariadb-server-utils-3:10.5.19-2.fc38.x86_64 media-player-info-23-12.fc38.noarch mysql-selinux-1.0.5-3.fc38.noarch net-tools-2.0-0.65.20160912git.fc38.x86_64 nilfs-utils-2.2.9-3.fc38.x86_64 ocfs2-tools-1.8.7-5.fc38.x86_64 okular-23.04.1-1.fc38.x86_64 okular-libs-23.04.1-1.fc38.x86_64 okular-part-23.04.1-1.fc38.x86_64 openal-soft-1.23.1-1.fc38.x86_64 oxygen-sounds-5.27.5-1.fc38.noarch p7zip-plugins-16.02-25.fc38.x86_64 pam-kwallet-5.27.5-1.fc38.x86_64 perl-AutoLoader-5.74-497.fc38.noarch perl-B-1.83-497.fc38.x86_64 perl-Carp-1.52-490.fc38.noarch perl-Class-Struct-0.66-497.fc38.noarch perl-DBD-MariaDB-1.22-4.fc38.x86_64 perl-DBI-1.643-15.fc38.x86_64 perl-Data-Dumper-2.184-491.fc38.x86_64 perl-Digest-1.20-490.fc38.noarch perl-Digest-MD5-2.58-490.fc38.x86_64 perl-DynaLoader-1.52-497.fc38.x86_64 perl-Encode-4:3.19-493.fc38.x86_64 perl-Errno-1.36-497.fc38.x86_64 perl-Exporter-5.77-490.fc38.noarch perl-Fcntl-1.15-497.fc38.x86_64 perl-File-Basename-2.85-497.fc38.noarch perl-File-Copy-2.39-497.fc38.noarch perl-File-Path-2.18-490.fc38.noarch perl-File-Temp-1:0.231.100-490.fc38.noarch perl-File-stat-1.12-497.fc38.noarch perl-FileHandle-2.03-497.fc38.noarch perl-Getopt-Long-1:2.54-2.fc38.noarch perl-Getopt-Std-1.13-497.fc38.noarch perl-HTTP-Tiny-0.082-2.fc38.noarch perl-IO-1.50-497.fc38.x86_64 perl-IO-Socket-IP-0.41-492.fc38.noarch perl-IO-Socket-SSL-2.081-1.fc38.noarch perl-IPC-Open3-1.22-497.fc38.noarch perl-MIME-Base64-3.16-490.fc38.x86_64 perl-Math-BigInt-1:1.9998.37-3.fc38.noarch perl-Math-BigRat-0.2624-3.fc38.noarch perl-Math-Complex-1.59-497.fc38.noarch perl-Mozilla-CA-20221114-2.fc38.noarch perl-NDBM_File-1.15-497.fc38.x86_64 perl-Net-SSLeay-1.92-5.fc38.x86_64 perl-POSIX-2.03-497.fc38.x86_64 perl-PathTools-3.84-490.fc38.x86_64 perl-Pod-Escapes-1:1.07-490.fc38.noarch perl-Pod-Perldoc-3.28.01-491.fc38.noarch perl-Pod-Simple-1:3.43-491.fc38.noarch perl-Pod-Usage-4:2.03-4.fc38.noarch perl-Scalar-List-Utils-5:1.63-490.fc38.x86_64 perl-SelectSaver-1.02-497.fc38.noarch perl-Socket-4:2.036-2.fc38.x86_64 perl-Storable-1:3.26-490.fc38.x86_64 perl-Symbol-1.09-497.fc38.noarch perl-Sys-Hostname-1.24-497.fc38.x86_64 perl-Term-ANSIColor-5.01-491.fc38.noarch perl-Term-Cap-1.18-1.fc38.noarch perl-Text-ParseWords-3.31-490.fc38.noarch perl-Text-Tabs+Wrap-2023.0511-1.fc38.noarch perl-Time-Local-2:1.300-490.fc38.noarch perl-URI-5.17-2.fc38.noarch perl-base-2.27-497.fc38.noarch perl-constant-1.33-491.fc38.noarch perl-if-0.61.000-497.fc38.noarch perl-interpreter-4:5.36.1-497.fc38.x86_64 perl-libnet-3.15-1.fc38.noarch perl-libs-4:5.36.1-497.fc38.x86_64 perl-locale-1.10-497.fc38.noarch perl-mro-1.26-497.fc38.x86_64 perl-overload-1.35-497.fc38.noarch perl-overloading-0.02-497.fc38.noarch perl-parent-1:0.241-1.fc38.noarch perl-podlators-1:5.01-2.fc38.noarch perl-vars-1.05-497.fc38.noarch phonon-qt5-4.11.1-11.fc38.x86_64 phonon-qt5-backend-gstreamer-2:4.10.0-9.fc38.x86_64 pinentry-qt-1.2.1-2.fc38.x86_64 plasma-breeze-5.27.5-1.fc38.x86_64 plasma-breeze-common-5.27.5-1.fc38.noarch plasma-browser-integration-5.27.5-1.fc38.x86_64 plasma-desktop-5.27.5-1.fc38.x86_64 plasma-desktop-doc-5.27.5-1.fc38.noarch plasma-discover-5.27.5-2.fc38.x86_64 plasma-discover-flatpak-5.27.5-2.fc38.x86_64 plasma-discover-libs-5.27.5-2.fc38.x86_64 plasma-discover-notifier-5.27.5-2.fc38.x86_64 plasma-discover-rpm-ostree-5.27.5-2.fc38.x86_64 plasma-disks-5.27.5-1.fc38.x86_64 plasma-drkonqi-5.27.5-1.fc38.x86_64 plasma-integration-5.27.5-1.fc38.x86_64 plasma-lookandfeel-fedora-5.27.5-1.fc38.noarch plasma-milou-5.27.5-1.fc38.x86_64 plasma-nm-5.27.5-1.fc38.x86_64 plasma-nm-openconnect-5.27.5-1.fc38.x86_64 plasma-nm-openvpn-5.27.5-1.fc38.x86_64 plasma-nm-vpnc-5.27.5-1.fc38.x86_64 plasma-pa-5.27.5-1.fc38.x86_64 plasma-systemmonitor-5.27.5-1.fc38.x86_64 plasma-systemsettings-5.27.5-1.fc38.x86_64 plasma-thunderbolt-5.27.5-1.fc38.x86_64 plasma-vault-5.27.5-1.fc38.x86_64 plasma-welcome-5.27.5-1.fc38.x86_64 plasma-workspace-5.27.5-1.fc38.x86_64 plasma-workspace-common-5.27.5-1.fc38.x86_64 plasma-workspace-geolocation-5.27.5-1.fc38.x86_64 plasma-workspace-geolocation-libs-5.27.5-1.fc38.x86_64 plasma-workspace-libs-5.27.5-1.fc38.x86_64 plasma-workspace-wallpapers-5.27.5-1.fc38.noarch plasma-workspace-wayland-5.27.5-1.fc38.x86_64 plasma-workspace-x11-5.27.5-1.fc38.x86_64 polkit-kde-5.27.5-1.fc38.x86_64 polkit-qt5-1-0.114.0-6.fc38.x86_64 poppler-qt5-23.02.0-1.fc38.x86_64 powerdevil-5.27.5-1.fc38.x86_64 pulseaudio-qt-1.3-4.fc38.x86_64 python3-tkinter-3.11.3-1.fc38.x86_64 qaccessibilityclient-0.4.1-5.fc38.x86_64 qca-qt5-2.3.4-5.fc38.x86_64 qca-qt5-ossl-2.3.4-5.fc38.x86_64 qqc2-desktop-style-5.106.0-1.fc38.x86_64 qt-1:4.8.7-71.fc38.x86_64 qt-at-spi-0.3.1-25.fc38.x86_64 qt-common-1:4.8.7-71.fc38.noarch qt-x11-1:4.8.7-71.fc38.x86_64 qt5-qdbusviewer-5.15.9-1.fc38.x86_64 qt5-qtbase-mysql-5.15.9-3.fc38.x86_64 qt5-qtfeedback-20180903gita14bd0b-6.fc38.x86_64 qt5-qtgraphicaleffects-5.15.9-1.fc38.x86_64 qt5-qtimageformats-5.15.9-1.fc38.x86_64 qt5-qtlocation-5.15.9-1.fc38.x86_64 qt5-qtmultimedia-5.15.9-1.fc38.x86_64 qt5-qtquickcontrols-5.15.9-1.fc38.x86_64 qt5-qtquickcontrols2-5.15.9-1.fc38.x86_64 qt5-qtsensors-5.15.9-1.fc38.x86_64 qt5-qtspeech-5.15.9-1.fc38.x86_64 qt5-qtspeech-speechd-5.15.9-1.fc38.x86_64 qt5-qtsvg-5.15.9-2.fc38.x86_64 qt5-qttools-5.15.9-1.fc38.x86_64 qt5-qttools-common-5.15.9-1.fc38.noarch qt5-qttools-libs-designer-5.15.9-1.fc38.x86_64 qt5-qtvirtualkeyboard-5.15.9-1.fc38.x86_64 qt5-qtwebchannel-5.15.9-1.fc38.x86_64 qt5-qtwebengine-5.15.12-5.fc38.x86_64 qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64 qt5-qtwebview-5.15.9-1.fc38.x86_64 re2-1:20220601-2.fc38.x86_64 sddm-0.19.0^git20230404.e652433-1.fc38.x86_64 sddm-breeze-5.27.5-1.fc38.noarch sddm-kcm-5.27.5-1.fc38.x86_64 sddm-wayland-plasma-5.27.5-1.fc38.noarch sgml-common-0.6.3-60.fc38.noarch sgpio-1.2.0.10-32.fc38.x86_64 signon-8.60-12.fc38.x86_64 signon-plugin-oauth2-0.24-6.fc38.x86_64 signon-ui-0.15-19.fc38.x86_64 smartmontools-1:7.3-5.fc38.x86_64 smartmontools-selinux-1:7.3-5.fc38.noarch sni-qt-0.2.7-0.12.20170217.fc38.x86_64 socat-1.7.4.4-2.fc38.x86_64 spdlog-1.11.0-5.fc38.x86_64 spectacle-23.04.1-1.fc38.x86_64 sqlite-3.40.1-2.fc38.x86_64 tinyxml2-9.0.0-2.fc38.x86_64 tk-1:8.6.12-4.fc38.x86_64 udftools-2.3-6.fc38.x86_64 unar-1.10.7-6.fc38.x86_64 voikko-fi-2.5-4.fc38.noarch vulkan-tools-1.3.243.0-1.fc38.x86_64 wayland-utils-1.1.0-2.fc38.x86_64 xapian-core-libs-1.4.20-2.fc38.x86_64 xcb-util-cursor-0.1.4-2.fc38.x86_64 xdg-desktop-portal-kde-5.27.5-1.fc38.x86_64 xdpyinfo-1.3.3-3.fc38.x86_64 xmessage-1.0.6-2.fc38.x86_64 xsetroot-1.1.2-6.fc38.x86_64 xsettingsd-1.0.2-5.fc38.x86_64 zxing-cpp-1.2.0-9.fc38.x86_64 ```

Now it broke again after i've upgraded to 38.20230527.0 with following changes

``` % rpm-ostree db diff [ 130 ] ostree diff commit from: rollback deployment (7f5bb0893bf9968d32516eb9c5c8aa9d5b6b8420bcff234ea01c63ff35fa76d5) ostree diff commit to: booted deployment (c30ce824a7aefb77bbaa16a3b282c72a418d10d566c8f8c9d5a57dd138cae77c) Upgraded: c-ares 1.19.0-1.fc38 -> 1.19.1-1.fc38 container-selinux 2:2.213.0-1.fc38 -> 2:2.215.0-2.fc38 edk2-ovmf 20230301gitf80f052277c8-4.fc38 -> 20230301gitf80f052277c8-26.fc38 exfatprogs 1.2.0-2.fc38 -> 1.2.1-1.fc38 fedora-chromium-config 2.0-3.fc38 -> 3.0-1.fc38 fedora-chromium-config-kde 2.0-3.fc38 -> 3.0-1.fc38 firefox 113.0.1-1.fc38 -> 113.0.1-4.fc38 firefox-langpacks 113.0.1-1.fc38 -> 113.0.1-4.fc38 fuse-overlayfs 1.10-3.fc38 -> 1.12-1.fc38 glib2 2.76.2-1.fc38 -> 2.76.3-1.fc38 gstreamer1 1.22.2-1.fc38 -> 1.22.3-1.fc38 gstreamer1-plugin-libav 1.22.2-1.fc38 -> 1.22.3-1.fc38 gstreamer1-plugins-bad-free 1.22.2-3.fc38 -> 1.22.3-1.fc38 gstreamer1-plugins-base 1.22.2-1.fc38 -> 1.22.3-1.fc38 gstreamer1-plugins-good 1.22.2-1.fc38 -> 1.22.3-1.fc38 gstreamer1-plugins-good-qt 1.22.2-1.fc38 -> 1.22.3-1.fc38 gstreamer1-plugins-ugly-free 1.22.2-1.fc38 -> 1.22.3-1.fc38 ibus 1.5.28-4.fc38 -> 1.5.28-5.fc38 ibus-gtk2 1.5.28-4.fc38 -> 1.5.28-5.fc38 ibus-gtk3 1.5.28-4.fc38 -> 1.5.28-5.fc38 ibus-gtk4 1.5.28-4.fc38 -> 1.5.28-5.fc38 ibus-libs 1.5.28-4.fc38 -> 1.5.28-5.fc38 ibus-setup 1.5.28-4.fc38 -> 1.5.28-5.fc38 iptables-libs 1.8.9-2.fc38 -> 1.8.9-4.fc38 iptables-nft 1.8.9-2.fc38 -> 1.8.9-4.fc38 librados2 2:17.2.6-2.fc38 -> 2:17.2.6-3.fc38 librbd1 2:17.2.6-2.fc38 -> 2:17.2.6-3.fc38 mariadb-connector-c 3.3.4-2.fc38 -> 3.3.5-1.fc38 mariadb-connector-c-config 3.3.4-2.fc38 -> 3.3.5-1.fc38 mesa-dri-drivers 23.0.3-3.fc38 -> 23.0.3-5.fc38 mesa-filesystem 23.0.3-3.fc38 -> 23.0.3-5.fc38 mesa-libEGL 23.0.3-3.fc38 -> 23.0.3-5.fc38 mesa-libGL 23.0.3-3.fc38 -> 23.0.3-5.fc38 mesa-libgbm 23.0.3-3.fc38 -> 23.0.3-5.fc38 mesa-libglapi 23.0.3-3.fc38 -> 23.0.3-5.fc38 mesa-libxatracker 23.0.3-3.fc38 -> 23.0.3-5.fc38 mesa-va-drivers 23.0.3-3.fc38 -> 23.0.3-5.fc38 mesa-vulkan-drivers 23.0.3-3.fc38 -> 23.0.3-5.fc38 microcode_ctl 2:2.1-54.fc38 -> 2:2.1-55.fc38 python-unversioned-command 3.11.3-1.fc38 -> 3.11.3-2.fc38 python3 3.11.3-1.fc38 -> 3.11.3-2.fc38 python3-libs 3.11.3-1.fc38 -> 3.11.3-2.fc38 python3-tkinter 3.11.3-1.fc38 -> 3.11.3-2.fc38 qpdf-libs 11.3.0-2.fc38 -> 11.4.0-1.fc38 rpm-ostree 2023.3-1.fc38 -> 2023.4-2.fc38 rpm-ostree-libs 2023.3-1.fc38 -> 2023.4-2.fc38 vim-data 2:9.0.1562-1.fc38 -> 2:9.0.1575-1.fc38 vim-minimal 2:9.0.1562-1.fc38 -> 2:9.0.1575-1.fc38 xapian-core-libs 1.4.20-2.fc38 -> 1.4.22-1.fc38 xen-libs 4.17.1-1.fc38 -> 4.17.1-2.fc38 xen-licenses 4.17.1-1.fc38 -> 4.17.1-2.fc38 Added: boost-iostreams-1.78.0-11.fc38.x86_64 ```

The command from before, the limit is not as low as i thought it would be

% podman inspect --format '{{ printf "%+v" .HostConfig.Ulimits }}' cec460321adf
[{Name:RLIMIT_NOFILE Soft:524288 Hard:524288} {Name:RLIMIT_NPROC Soft:111318 Hard:111318}]

Full rpm-ostree status

``` % rpm-ostree status State: idle Deployments: ● fedora:fedora/38/x86_64/kinoite Version: 38.20230527.0 (2023-05-27T00:49:56Z) BaseCommit: c483928e46a1f520761261d8d57370398e151386800defcb5553f0b481e0848d GPGSignature: Valid signature by 6A51BBABBA3D5467B6171221809A8D7CEB10B464 LayeredPackages: ddcutil distrobox libvirt openssl rpmfusion-free-release rpmfusion-nonfree-release virt-manager zsh fedora:fedora/38/x86_64/kinoite Version: 38.20230525.0 (2023-05-25T00:47:33Z) BaseCommit: 03dec287d500c6a73a49ca052fd71ede5a422632af6c8c77b2339e1ec7a61011 GPGSignature: Valid signature by 6A51BBABBA3D5467B6171221809A8D7CEB10B464 LayeredPackages: ddcutil distrobox libvirt openssl rpmfusion-free-release rpmfusion-nonfree-release virt-manager zsh Pinned: yes fedora:fedora/38/x86_64/silverblue Version: 38.20230520.0 (2023-05-20T00:45:00Z) BaseCommit: 81eeb69fc36fdc3a255620ed0f23e0777f621c0b6b8a43236858ebff6b8139dd GPGSignature: Valid signature by 6A51BBABBA3D5467B6171221809A8D7CEB10B464 RemovedBasePackages: gnome-software gnome-software-rpm-ostree 44.1-1.fc38 LayeredPackages: ddcutil distrobox gnome-shell-extension-appindicator kitty libvirt openssl rpmfusion-free-release rpmfusion-nonfree-release virt-manager zsh Pinned: yes ```

[sandorex]

I may have found a solution without having to recreate the containers, if someone else could confirm if this works for them too

I have booted back into kinoite 38.20230525.0 and even though the containers were created using that specific deployment they did not work, but running ulimit -a -S and ulimit -a -H showed different values than kinoite 38.20230527.0

For some reason hard limit for -u: processes was same as the soft limit of 111292 and when i increased it by adding following to /etc/security/limits.d/90-nproc.conf the containers worked fine

# this is an arbitrary number (3 times the original 111292)
* hard nproc 445168

[rgolangh]

Got the same on fedora silverblue 38 and a toolbox from a fedora 38 image. To work around it I exported the container and recreated the toolbox from that image.

podman container export fedora-toolbox-38 -o toolbox-f38.tar
podman import toolbox-38.tar toolbox-f38
toolbox create --image toolbox-f38

I didn't have any extra time to debug but would be happy to supply more info

18:13 $ uname -a
Linux  6.2.15-300.fc38.x86_64 #1 SMP PREEMPT_DYNAMIC Thu May 11 17:37:39 UTC 2023 x86_64 GNU/Linux

18:14 $ rpm -q podman toolbox
podman-4.5.0-1.fc38.x86_64
toolbox-0.0.99.4-1.fc38.x86_64

[sandorex]

@rgolangh could you check if ulimits changed you between updates? ulimit -a -S and ulimit -a -H on both deployments

[Cydox]

Upstream issue: https://github.com/containers/podman/issues/18714 WIP fix: https://github.com/containers/podman/pull/18721

[Cydox]

Upstream fix got merged https://github.com/containers/podman/issues/18714

[travier]

Thanks a lot @Cydox !

[juhp]

I overrode podman to 4.6.0-1.fc38 - all my (old) fedora toolbox containers seemed to have survived... but my recent f39 distrobox still hit this issue, sadly...

[Cydox]

@juhp What matters is the podman version that the container was created with. If your f39 distrobox was created with a podman version without the fix, it will still break if the ulimit -u decreases compared to when the container got created.

[juhp]

Thanks @Cydox for clarifying, much appreciated - was afraid that might be the case.

[ffseq]

I also am having the same problem on ublue + distrobox. None of my containers would start, followed by the same errors. I used @sandorex's podman --inspect command and found my ulimits nprocs were off by 5: Host: 127399 podman: 127404

Changing my /etc/security/limits.conf nproc to 127404 fixed it for me.

[tpopela]

Duplicate of https://github.com/containers/toolbox/issues/1312

[ikke-t]

This makes it work differently, it leads to this:

mount: /etc/machine-id: must be superuser to use mount.
       dmesg(1) may have more information after failed mount system call.
Error: failed to bind /etc/machine-id to /run/host/etc/machine-id

[travier]

This is another issue. Please file another issue here or upstream toolbox for investigation and tracking.

[travier]

This is fixed for new containers with podman 4.6 which landed in F37+. The workarounds for existing containers are in the first comment at the top. Closing.

[Elrondo46]

Problem returned with last version, same messsage. Have to recreate all pods to fix after kernel install

[travier]

Please file a new issue referencing this one