ublue-os / isogenerator

Creates an ISO for installing a container image as an OS
Apache License 2.0

Running with `podman` #36

Closed xynydev closed 8 months ago

xynydev commented 8 months ago

All the examples currently run with docker, but running with podman would be better for local runs on Fedora. I understand that this is something you want to support too, right? There are some issues with this still, however.

I tried to run with podman with the following command:

```sh
# image details:
IMAGE_REPO=ghcr.io/xynydev
IMAGE_NAME=linuxyz
IMAGE_TAG=latest
IMAGE_VARIANT=Silverblue
# installer details:
INSTALLER_VERSION=39
# iso command:
podman run --rm --privileged --volume .:/isogenerator/output \
    -e IMAGE_REPO="$IMAGE_REPO" -e IMAGE_NAME="$IMAGE_NAME" -e IMAGE_TAG="$IMAGE_TAG" -e VARIANT="$IMAGE_VARIANT" \
    ghcr.io/ublue-os/isogenerator:$INSTALLER_VERSION
```

And got the following error:

```
2024-02-25 15:23:01,099: template command error in runtime-install.tmpl:
2024-02-25 15:23:01,099:   run_pkg_transaction
2024-02-25 15:23:01,100:   subprocess.CalledProcessError: Command '['mount', '-t', 'devtmpfs', '-o', 'mode=0755,noexec,nosuid,strictatime', 'devtmpfs', '/var/tmp/lorax/lorax.fc2jdjgz/installtree/dev']' returned non-zero exit status 32.
Traceback (most recent call last):
  File "/usr/sbin/lorax", line 223, in <module>
    main()
  File "/usr/sbin/lorax", line 204, in main
    lorax.run(dnfbase, opts.product, opts.version, opts.release,
  File "/usr/lib/python3.12/site-packages/pylorax/__init__.py", line 268, in run
    rb.install()
  File "/usr/lib/python3.12/site-packages/pylorax/treebuilder.py", line 141, in install
    self._runner.run("runtime-install.tmpl")
  File "/usr/lib/python3.12/site-packages/pylorax/ltmpl.py", line 149, in run
    self._run(commands)
  File "/usr/lib/python3.12/site-packages/pylorax/ltmpl.py", line 168, in _run
    f(*args)
  File "/usr/lib/python3.12/site-packages/pylorax/ltmpl.py", line 722, in run_pkg_transaction
    with ProcMount(self.outroot):
  File "/usr/lib/python3.12/site-packages/pylorax/imgutils.py", line 493, in __enter__
    runcmd(["mount", "-t", "devtmpfs", "-o", "mode=0755,noexec,nosuid,strictatime", "devtmpfs", self.root + "/dev" ])
  File "/usr/lib/python3.12/site-packages/pylorax/executils.py", line 367, in runcmd
    return execWithRedirect(cmd[0], cmd[1:], **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.12/site-packages/pylorax/executils.py", line 230, in execWithRedirect
    return _run_program(argv, stdin=stdin, stdout=stdout, root=root, env_prune=env_prune,
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.12/site-packages/pylorax/executils.py", line 205, in _run_program
    raise subprocess.CalledProcessError(proc.returncode, argv, output)
subprocess.CalledProcessError: Command '['mount', '-t', 'devtmpfs', '-o', 'mode=0755,noexec,nosuid,strictatime', 'devtmpfs', '/var/tmp/lorax/lorax.fc2jdjgz/installtree/dev']' returned non-zero exit status 32.
2024-02-25 15:23:01,103: Cleaning up tempdir - /var/tmp/lorax/lorax.fc2jdjgz
Exception ignored in atexit callback: <function exit_handler at 0x7fb7768b2200>
Traceback (most recent call last):
  File "/usr/sbin/lorax", line 50, in exit_handler
    shutil.rmtree(tempdir)
  File "/usr/lib64/python3.12/shutil.py", line 769, in rmtree
    _rmtree_safe_fd(fd, path, onexc)
  File "/usr/lib64/python3.12/shutil.py", line 674, in _rmtree_safe_fd
    _rmtree_safe_fd(dirfd, fullname, onexc)
  File "/usr/lib64/python3.12/shutil.py", line 674, in _rmtree_safe_fd
    _rmtree_safe_fd(dirfd, fullname, onexc)
  File "/usr/lib64/python3.12/shutil.py", line 674, in _rmtree_safe_fd
    _rmtree_safe_fd(dirfd, fullname, onexc)
  [Previous line repeated 1 more time]
  File "/usr/lib64/python3.12/shutil.py", line 697, in _rmtree_safe_fd
    onexc(os.unlink, fullname, err)
  File "/usr/lib64/python3.12/shutil.py", line 695, in _rmtree_safe_fd
    os.unlink(entry.name, dir_fd=topfd)
PermissionError: [Errno 13] Permission denied: 'Stats'
make: *** [Makefile:65: boot.iso] Error 1
```

I tried adding the `--security-opt label=disable --pull=newer` CLI args, as I've used those previously when running a temporary container locally that bind-mounts to pwd, but that didn't change anything.

noelmiller commented 8 months ago

See this issue as well: https://github.com/ublue-os/isogenerator/issues/22

I would definitely love to support podman given its focus in Fedora. I do think part of it is a general limitation of using loop devices with containers and that might have to be an upstream thing that they need to fix.

xynydev commented 8 months ago

I saw the issue you linked; I too got that with docker, and the fix worked. This is some separate issue related to some permissions when mounting devtmpfs, though.

noelmiller commented 8 months ago

Podman requires sudo to run with the new fix we just included in the Containerfile. I'm going to close this issue.
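
The following preflight check is an added example, not part of the original thread or of the isogenerator project. It assumes the `devtmpfs` mount failure shown above comes from rootless podman running the container inside a user namespace, and that `/proc/self/uid_map` is readable; the function names are hypothetical.

```shell
#!/bin/sh
# Preflight: decide whether a podman invoked from this shell would run
# rootful (host root) or rootless (inside a user namespace).

# userns_is_initial [FILE]
# Returns 0 when FILE (default /proc/self/uid_map) holds only the identity
# mapping of the initial user namespace: "0 0 4294967295".
# Returns 1 for any other mapping, 2 when FILE cannot be read.
userns_is_initial() {
    map_file=${1:-/proc/self/uid_map}
    [ -r "$map_file" ] || return 2
    awk 'NF == 3 { n++; if ($1 == 0 && $2 == 0 && $3 == 4294967295) full = 1 }
         END { exit !(n == 1 && full) }' "$map_file"
}

# podman_mode UID [FILE]
# Prints one of:
#   rootful      uid 0 in the initial user namespace
#   rootless     non-root caller; podman would create a user namespace
#   userns-root  uid 0, but only inside a user namespace
podman_mode() {
    uid=$1
    map_file=${2:-/proc/self/uid_map}
    if [ "$uid" -ne 0 ]; then
        echo rootless
    elif userns_is_initial "$map_file"; then
        echo rootful
    else
        echo userns-root
    fi
}

# Report before starting the long ISO build.
# Note: rootful plus --privileged gives the container host root's capabilities.
case "$(podman_mode "$(id -u)")" in
    rootful)     echo "ok: podman will run rootful" ;;
    rootless)    echo "rootless: run the build with 'sudo podman run ...'" ;;
    userns-root) echo "root only inside a user namespace: run from the host" ;;
esac
```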