ubi9/httpd-24 dnf update breaks rootless run

[Jared-Sprague]

Container platform

Podman/Docker

Version

ubi9/httpd-24 podman version 5.2.2

OS version of the container image

RHEL 9

Bugzilla, Jira

No response

Description

When I update the the latest packages using dnf update -a in my container file, I can no longer run the container in rootless mode using podman. See my container file:

FROM registry.access.redhat.com/ubi9/httpd-24:latest
USER root
RUN dnf update -y && dnf clean all -y
USER default

And here is my podman run command and the error message:

podman run --rm -p 8080:8080 --name httpd -d httpd-updated:latest && podman logs -f httpd
189ab4ae8a7826d38f200d034281981fcd9c14e2181a1f04698c9a8353f51118
=> sourcing 10-set-mpm.sh ...
=> sourcing 20-copy-config.sh ...
=> sourcing 40-ssl-certs.sh ...
---> Generating SSL key pair for httpd...
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 192.168.0.151. Set the 'ServerName' directive globally to suppress this message
(13)Permission denied: AH00058: Error retrieving pid file run/httpd.pid
AH00059: Remove it before continuing if it is corrupted.

Note if I build the image without the dnf update -y line it works fine, it's only updating to the latest packages, that breaks rootless running.

Reproducer

build and run this image using podman in rootless mode:

Dockerfile

FROM registry.access.redhat.com/ubi9/httpd-24:latest
USER root
RUN dnf update -y && dnf clean all -y
USER default

Build with podman

podman build -t httpd -f ./Dockerfile

Run with podman rootless

podman run --rm -p 8080:8080 --name httpd-test -d httpd:latest && podman logs -f httpd-test