Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

buildah commit fails with 'permission denied' #455

Closed
swick opened this issue May 23, 2020 · 1 comment
Closed

buildah commit fails with 'permission denied' #455

swick opened this issue May 23, 2020 · 1 comment

Comments

@swick
Copy link
Contributor

swick commented May 23, 2020

Buildah in the Fedora 32 toolbox image fails to commit with some base images. For example alpine works, nginx doesn't:

⬢[swick@toolbox]$ buildah from alpine
alpine-working-container
⬢[swick@toolbox]$ buildah copy alpine-working-container test
60554a3351b12c9473213d0c0c4783d9c0484dec2c040800835ef0f9b0a9b160
⬢[swick@toolbox]$ buildah commit alpine-working-container
Getting image source signatures
Copying blob 3e207b409db3 skipped: already exists  
Copying blob 5520e6be4fe0 done  
Copying config f3d3003351 done  
Writing manifest to image destination
Storing signatures
f3d3003351220e36d8522abbedc64b41f800c57b9d6f3362daebcf3b187f25b7

⬢[swick@toolbox]$ buildah from nginx
nginx-working-container
⬢[swick@toolbox]$ buildah copy nginx-working-container test
60554a3351b12c9473213d0c0c4783d9c0484dec2c040800835ef0f9b0a9b160
⬢[swick@toolbox]$ buildah commit nginx-working-container
error committing container "nginx-working-container" to "": error copying layers and metadata for container "65a6f329989307494682e8a464f09520d1181f78e5af6f8dc07cdc8f6637a4a4": Error initializing source containers-storage:nginx-working-container: error extracting layer "5cba60c30851229f30014e19a96ddc9c658f1e16ae987f83db12ae5ffd0439d8": permission denied
ERRO exit status 1

buildah containers also fails (this was already reported in #312 but other errors are different)

⬢[swick@toolbox]$ buildah containers 
CONTAINER ID  BUILDER  IMAGE ID     IMAGE NAME                       CONTAINER NAME
error reading build containers: error reading "/var/home/swick/.var/containers/storage/overlay-containers/069e7a0fb5a45883529cb49f0803f96463493231218a8610936e018e0e22bd99/userdata/buildah.json": open /var/home/swick/.var/containers/storage/overlay-containers/069e7a0fb5a45883529cb49f0803f96463493231218a8610936e018e0e22bd99/userdata/buildah.json: permission denied
ERRO exit status 1

host podman info

host:
  arch: amd64
  buildahVersion: 1.14.8
  cgroupVersion: v2
  conmon:
    package: conmon-2.0.15-1.fc32.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.0.15, commit: 33da5ef83bf2abc7965fc37980a49d02fdb71826'
  cpus: 8
  distribution:
    distribution: fedora
    version: "32"
  eventLogger: file
  hostname: sebastian-pc
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 5.6.11-300.fc32.x86_64
  memFree: 1113657344
  memTotal: 12536070144
  ociRuntime:
    name: crun
    package: crun-0.13-2.fc32.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 0.13
      commit: e79e4de4ac16da0ce48777afb72c6241de870525
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL
  os: linux
  rootless: true
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.0.0-1.fc32.x86_64
    version: |-
      slirp4netns version 1.0.0
      commit: a3be729152a33e692cd28b52f664defbf2e7810a
      libslirp: 4.2.0
  swapFree: 5311819776
  swapTotal: 6354366464
  uptime: 169h 51m 20.77s (Approximately 7.04 days)
registries:
  localhost:5000:
    Blocked: false
    Insecure: true
    Location: localhost:5000
    MirrorByDigestOnly: false
    Mirrors: []
    Prefix: localhost:5000
  search:
  - registry.fedoraproject.org
  - registry.access.redhat.com
  - registry.centos.org
  - docker.io
store:
  configFile: /var/home/swick/.config/containers/storage.conf
  containerStore:
    number: 3
    paused: 0
    running: 3
    stopped: 0
  graphDriverName: overlay
  graphOptions:
    overlay.mount_program:
      Executable: /usr/bin/fuse-overlayfs
      Package: fuse-overlayfs-1.0.0-1.fc32.x86_64
      Version: |-
        fusermount3 version: 3.9.1
        fuse-overlayfs: version 1.0.0
        FUSE library version 3.9.1
        using FUSE kernel interface version 7.31
  graphRoot: /var/home/swick/.var/containers/storage
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "false"
  imageStore:
    number: 6
  runRoot: /tmp/1000
  volumePath: /var/home/swick/.var/containers/storage/volumes

toolbox buildah info

{
    "host": {
        "CgroupVersion": "v2",
        "Distribution": {
            "distribution": "fedora",
            "version": "32"
        },
        "MemTotal": 12536070144,
        "MenFree": 1069821952,
        "OCIRuntime": "crun",
        "SwapFree": 5311819776,
        "SwapTotal": 6354366464,
        "arch": "amd64",
        "cpus": 8,
        "hostname": "toolbox",
        "kernel": "5.6.11-300.fc32.x86_64",
        "os": "linux",
        "rootless": true,
        "uptime": "169h 52m 41.21s (Approximately 7.04 days)"
    },
    "store": {
        "ContainerStore": {
            "number": 4
        },
        "GraphDriverName": "overlay",
        "GraphOptions": [
            "overlay.mount_program=/usr/bin/fuse-overlayfs",
            "overlay.mount_program=/usr/bin/fuse-overlayfs"
        ],
        "GraphRoot": "/var/home/swick/.var/containers/storage",
        "GraphStatus": {
            "Backing Filesystem": "extfs",
            "Native Overlay Diff": "false",
            "Supports d_type": "true",
            "Using metacopy": "false"
        },
        "ImageStore": {
            "number": 6
        },
        "RunRoot": "/tmp/1000"
    }
}
@debarshiray
Copy link
Member

Duplicate of #312

@debarshiray debarshiray marked this as a duplicate of #312 Jun 25, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@swick @debarshiray