search

fedora-silverblue / issue-tracker

Fedora Silverblue issue tracker
https://fedoraproject.org/atomic-desktops/silverblue/
125 stars 3 forks source link

Cannot use toolbox with a secondary user #564

Closed MasinAD closed 1 month ago

MasinAD commented 1 month ago

Describe the bug toolbox create can't detect podman version.

The machine has two accounts at the moment. The first one was created on installation and serves as an administrative account for members of the IT team. The second one is my personal account used for daily work, but it's still member of wheel.

masin.wiedner@wmde-103180:~$ toolbox create
Error: failed to get the Podman version
masin.wiedner@wmde-103180:~$ groups
masin.wiedner wheel

The same commands with the wmde administrative account:

wmde@wmde-103180:~$ toolbox create
Image required to create toolbox container.
Download registry.fedoraproject.org/fedora-toolbox:40 (369.1MB)? [y/N]: 
wmde@wmde-103180:~$ groups
wmde wheel

To Reproduce I do not know if this is reproducible in this way.

  1. Install Silverblue 40
  2. Create an account on installation
  3. Create a second account with system management privileges

Expected behavior I expect there to be no difference between the two users

OS version:

State: idle
BootedDeployment:
● fedora:fedora/40/x86_64/silverblue
                  Version: 40.20240522.0 (2024-05-22T00:58:59Z)
               BaseCommit: f4e339b385beb28685580790296a05876b04c8dfde93f563531f508c7a0e861e
             GPGSignature: Valid signature by 115DF9AEF857853EE8445D0A0727707EA15B79CC
          LayeredPackages: clevis clevis-dracut clevis-luks clevis-systemd libxcrypt-compat
                           puppet rubygem-rexml
                Initramfs: -a tpm2-tss -I /etc/vconsole.conf
juhp commented 1 month ago

Note toolbox uses rootless containers and doesn't require any privileges like wheel to work normally.

MasinAD commented 1 month ago

@juhp I think the question is why those two accounts behave differently although they are configured the same. At least at a quick glance.

owtaylor commented 1 month ago
MasinAD commented 1 month ago

I admit it might be my fault as I migrated my Ubuntu home directory to my Silverblue home directory. At least that's my working hypothesis at the moment because of this:

masin.wiedner@wmde-103180:~$ toolbox -v create
DEBU Running as real user ID 1001                 
DEBU Resolved absolute path to the executable as /usr/bin/toolbox 
DEBU Running on a cgroups v2 host                 
DEBU Looking up sub-GID and sub-UID ranges for user masin.wiedner 
DEBU TOOLBOX_PATH is /usr/bin/toolbox             
DEBU Migrating to newer Podman                    
DEBU Toolbox config directory is /var/home/masin.wiedner/.config/toolbox 
Error: database libpod root directory (staticdir) "" does not match our libpod root directory (staticdir) "/var/home/masin.wiedner/.local/share/containers/storage/libpod": database configuration mismatch
DEBU Migrating to newer Podman: failed to get the Podman version: failed to invoke podman(1) 
Error: failed to get the Podman version

Although I never used toolbox on Ubuntu before, I thought starting with a fresh config dir might help. At least, it can't get any worse, can it?

masin.wiedner@wmde-103180:~$ rm -rf ~/.local/share/containers/
masin.wiedner@wmde-103180:~$ toolbox -v create
DEBU Running as real user ID 1001                 
DEBU Resolved absolute path to the executable as /usr/bin/toolbox 
DEBU Running on a cgroups v2 host                 
DEBU Looking up sub-GID and sub-UID ranges for user masin.wiedner 
DEBU TOOLBOX_PATH is /usr/bin/toolbox             
DEBU Migrating to newer Podman                    
DEBU Toolbox config directory is /var/home/masin.wiedner/.config/toolbox 
cannot write to file descriptor: No space left on device
Error: setting up the process: open /run/user/1001/libpod/tmp/pause.pid: no such file or directory
DEBU Migrating to newer Podman: failed to get the Podman version: failed to invoke podman(1) 
Error: failed to get the Podman version

Well, it's consistent in failing to get the Podman version. But "no space left on device"?

masin.wiedner@wmde-103180:~/.var/app/com.vivaldi.Vivaldi/config/vivaldi$ LANG=C df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/dm-0       930G  179G  750G  20% /sysroot
devtmpfs        4.0M     0  4.0M   0% /dev
tmpfs            14G   84K   14G   1% /dev/shm
efivarfs        148K   55K   89K  39% /sys/firmware/efi/efivars
tmpfs           5.5G   11M  5.5G   1% /run
/dev/dm-0       930G  179G  750G  20% /var
tmpfs            14G  9.2M   14G   1% /tmp
/dev/dm-0       930G  179G  750G  20% /var/home
/dev/nvme0n1p2  974M  347M  561M  39% /boot
/dev/nvme0n1p1  599M   13M  587M   3% /boot/efi
tmpfs           2.8G  2.8G     0 100% /run/user/1001

FWIW, I also ran the podman command before and after removing the config directory

masin.wiedner@wmde-103180:~$ podman run -it --rm fedora:40
Error: database libpod root directory (staticdir) "" does not match our libpod root directory (staticdir) "/var/home/masin.wiedner/.local/share/containers/storage/libpod": database configuration mismatch

and

masin.wiedner@wmde-103180:~$ podman run -it --rm fedora:40
cannot write to file descriptor: No space left on device
Error: setting up the process: open /run/user/1001/libpod/tmp/pause.pid: no such file or directory

It shows the same errors as toolbox above, without all the surrounding fluff.

To ensure that it's not some remnants of my Ubuntu homedir, I just created a similar account. There it works as intended. I guess we can close this ticket. Sorry for bothering you. Any hints on where to get help to debug this?

MasinAD commented 1 month ago

One reboot later it works for my user. I don't know what changed but maybe there was some service that got restarted which then picked up the deleted config dir. But there were several issues caused by suspending and waking up the laptop so we'll never know.