New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fedora gating test failures #7766
Comments
@rhatdan that's caused by
in contianers.conf. Commenting out solves the issue on my end. |
This is not an issue with the sysctls, but more of an issue with usernamespace support for them. Could be a kernel issue or in our code. |
Ok Now I see it. The issue is that we have asked for a range of UIDs within the container that is not available. I could change the default to be just one, which would be the safest, or could allocate 1000. The goal of this sysctl is just to allow non root users to be able to ping. |
This should be a fedora bug not an issue. |
Can you elaborate? |
containers.conf needs to be changed that is shipped with Fedora. To not use 65k range. |
This is basically a containers-common bug |
Agreed. |
so would it suffice to have podman depend on containers-common from ^ or do we need any other change? I think we should add this skopeo build to the same podman bodhi. |
Fly-by comment:
I just wanted to point out that |
Sure but that does not get inherited by containers in new network namespaces. |
-net.ipv4.ping_group_range = 0 2147483647 Would definitely not work within a user namespace. I wonder if we should hack out the default SYSCTLS to allow the size to be customizable.
And then this would be set based on the user namespace of the container. Then it would always work |
Ok, understood. |
Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)
/kind bug
Description
Fedora gating tests are currently failing.
Steps to reproduce the issue:
/usr/bin/podman run --uidmap 0:10000:10000 quay.io/libpod/testimage:20200902 true
Complete log at https://paste.centos.org/view/e6f829d2
Describe the results you received:
Describe the results you expected:
No error (I guess)
Additional information you deem important (e.g. issue happens only occasionally):
Consistent
Output of
podman version
:Output of
podman info --debug
:Package info (e.g. output of
rpm -q podman
orapt list podman
):Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide?
Yes, happens on upstream master as well.
Additional environment details (AWS, VirtualBox, physical, etc.):
local f33 with btrfs, but happens on fedora's gating infra as well.
The text was updated successfully, but these errors were encountered: