Couldn't create policy: 'Source' (v0.1.9, Podman v1.0.5, RHEL 8.0) #43
Comments
|
Might have to wait til podman1.4.4 which will be released in RHEL 8.1 |
|
could you officially document the supported Podman versions and Docker versions? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
udica v0.1.9 doesn't work with Podman v1.0.5 included in RHEL 8.0
To Reproduce
$ podman run -it --name foo --rm -v /root:/root2 centosExpected behavior
It should work
Additional context
foo.json[ { "ID": "25a1e040fd7cfa83061756c8228f3e65a085e3f688aebbd1096bad2611e3d7fb", "Created": "2019-09-17T03:25:25.843359189+09:00", "Path": "/bin/bash", "Args": [ "/bin/bash" ], "State": { "OciVersion": "1.0.1-dev", "Status": "running", "Running": true, "Paused": false, "Restarting": false, "OOMKilled": false, "Dead": false, "Pid": 120464, "ExitCode": 0, "Error": "", "StartedAt": "2019-09-17T03:25:26.198201953+09:00", "FinishedAt": "0001-01-01T00:00:00Z" }, "Image": "67fa590cfc1c207c30b837528373f819f6262c884b7e69118d060a0c04d70ab8", "ImageName": "docker.io/library/centos:latest", "Rootfs": "", "ResolvConfPath": "/var/run/containers/storage/overlay-containers/25a1e040fd7cfa83061756c8228f3e65a085e3f688aebbd1096bad2611e3d7fb/userdata/resolv.conf", "HostnamePath": "/var/run/containers/storage/overlay-containers/25a1e040fd7cfa83061756c8228f3e65a085e3f688aebbd1096bad2611e3d7fb/userdata/hostname", "HostsPath": "/var/run/containers/storage/overlay-containers/25a1e040fd7cfa83061756c8228f3e65a085e3f688aebbd1096bad2611e3d7fb/userdata/hosts", "StaticDir": "/var/lib/containers/storage/overlay-containers/25a1e040fd7cfa83061756c8228f3e65a085e3f688aebbd1096bad2611e3d7fb/userdata", "LogPath": "/var/lib/containers/storage/overlay-containers/25a1e040fd7cfa83061756c8228f3e65a085e3f688aebbd1096bad2611e3d7fb/userdata/ctr.log", "Name": "foo", "RestartCount": 0, "Driver": "overlay", "MountLabel": "system_u:object_r:container_file_t:s0:c481,c549", "ProcessLabel": "system_u:system_r:container_t:s0:c481,c549", "AppArmorProfile": "", "EffectiveCaps": [ "CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_FSETID", "CAP_FOWNER", "CAP_MKNOD", "CAP_NET_RAW", "CAP_SETGID", "CAP_SETUID", "CAP_SETFCAP", "CAP_SETPCAP", "CAP_NET_BIND_SERVICE", "CAP_SYS_CHROOT", "CAP_KILL", "CAP_AUDIT_WRITE" ], "BoundingCaps": [ "CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_FSETID", "CAP_FOWNER", "CAP_MKNOD", "CAP_NET_RAW", "CAP_SETGID", "CAP_SETUID", "CAP_SETFCAP", "CAP_SETPCAP", "CAP_NET_BIND_SERVICE", "CAP_SYS_CHROOT", "CAP_KILL", "CAP_AUDIT_WRITE" ], "ExecIDs": [], "GraphDriver": { "Name": "overlay", "Data": { "LowerDir": "/var/lib/containers/storage/overlay/877b494a9f30e74e61b441ed84bb74b14e66fb9cc321d83f3a8a19c60d078654/diff", "MergedDir": "/var/lib/containers/storage/overlay/a4365f4d1fa69e6cf93009c8a324868c48a67e62f3b74da46bd5a94be40c81e4/merged", "UpperDir": "/var/lib/containers/storage/overlay/a4365f4d1fa69e6cf93009c8a324868c48a67e62f3b74da46bd5a94be40c81e4/diff", "WorkDir": "/var/lib/containers/storage/overlay/a4365f4d1fa69e6cf93009c8a324868c48a67e62f3b74da46bd5a94be40c81e4/work" } }, "Mounts": [ { "destination": "/sys", "type": "sysfs", "source": "sysfs", "options": [ "nosuid", "noexec", "nodev", "ro" ] }, { "destination": "/proc", "type": "proc", "source": "proc", "options": [ "nosuid", "noexec", "nodev" ] }, { "destination": "/dev", "type": "tmpfs", "source": "tmpfs", "options": [ "nosuid", "strictatime", "mode=755", "size=65536k" ] }, { "destination": "/root2", "type": "bind", "source": "/root", "options": [ "rbind", "rw", "rprivate" ] }, { "destination": "/etc/resolv.conf", "type": "bind", "source": "/var/run/containers/storage/overlay-containers/25a1e040fd7cfa83061756c8228f3e65a085e3f688aebbd1096bad2611e3d7fb/userdata/resolv.conf", "options": [ "bind", "private" ] }, { "destination": "/dev/mqueue", "type": "mqueue", "source": "mqueue", "options": [ "nosuid", "noexec", "nodev" ] }, { "destination": "/dev/pts", "type": "devpts", "source": "devpts", "options": [ "nosuid", "noexec", "newinstance", "ptmxmode=0666", "mode=0620", "gid=5" ] }, { "destination": "/etc/hosts", "type": "bind", "source": "/var/run/containers/storage/overlay-containers/25a1e040fd7cfa83061756c8228f3e65a085e3f688aebbd1096bad2611e3d7fb/userdata/hosts", "options": [ "bind", "private" ] }, { "destination": "/dev/shm", "type": "bind", "source": "overlay-containers", "options": [ "bind", "private" ] }, { "destination": "/etc/hostname", "type": "bind", "source": "/var/run/containers/storage/overlay-containers/25a1e040fd7cfa83061756c8228f3e65a085e3f688aebbd1096bad2611e3d7fb/userdata/hostname", "options": [ "bind", "private" ] }, { "destination": "/run/.containerenv", "type": "bind", "source": "/var/run/containers/storage/overlay-containers/25a1e040fd7cfa83061756c8228f3e65a085e3f688aebbd1096bad2611e3d7fb/userdata/.containerenv", "options": [ "bind", "private" ] }, { "destination": "/run/secrets", "type": "bind", "source": "/var/run/containers/storage/overlay-containers/25a1e040fd7cfa83061756c8228f3e65a085e3f688aebbd1096bad2611e3d7fb/userdata/run/secrets", "options": [ "bind", "private" ] }, { "destination": "/sys/fs/cgroup", "type": "cgroup", "source": "cgroup", "options": [ "rprivate", "nosuid", "noexec", "nodev", "relatime", "ro" ] } ], "Dependencies": [], "NetworkSettings": { "Bridge": "", "SandboxID": "", "HairpinMode": false, "LinkLocalIPv6Address": "", "LinkLocalIPv6PrefixLen": 0, "Ports": [], "SandboxKey": "/var/run/netns/cni-903f4326-e4e4-852c-7bad-a87dc0a72550", "SecondaryIPAddresses": null, "SecondaryIPv6Addresses": null, "EndpointID": "", "Gateway": "10.88.0.1", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "IPAddress": "10.88.0.73", "IPPrefixLen": 16, "IPv6Gateway": "", "MacAddress": "52:29:38:0b:83:16" }, "ExitCommand": null, "Namespace": "", "IsInfra": false, "HostConfig": { "ContainerIDFile": "", "LogConfig": null, "NetworkMode": "bridge", "PortBindings": null, "AutoRemove": true, "CapAdd": [], "CapDrop": [], "DNS": [], "DNSOptions": [], "DNSSearch": [], "ExtraHosts": null, "GroupAdd": null, "IpcMode": "", "Cgroup": "host", "OomScoreAdj": 0, "PidMode": "", "Privileged": false, "PublishAllPorts": false, "ReadonlyRootfs": false, "SecurityOpt": [], "UTSMode": "", "UsernsMode": "", "ShmSize": 65536000, "Runtime": "runc", "ConsoleSize": null, "CpuShares": null, "Memory": 0, "NanoCpus": 0, "CgroupParent": "", "BlkioWeight": null, "BlkioWeightDevice": null, "BlkioDeviceReadBps": null, "BlkioDeviceWriteBps": null, "BlkioDeviceReadIOps": null, "BlkioDeviceWriteIOps": null, "CpuPeriod": null, "CpuQuota": null, "CpuRealtimePeriod": null, "CpuRealtimeRuntime": null, "CpuSetCpus": "", "CpuSetMems": "", "Devices": null, "DiskQuota": 0, "KernelMemory": null, "MemoryReservation": null, "MemorySwap": null, "MemorySwappiness": null, "OomKillDisable": false, "PidsLimit": null, "Ulimits": [], "CpuCount": 0, "CpuPercent": 0, "IOMaximumIOps": 0, "IOMaximumBandwidth": 0, "Tmpfs": [] }, "Config": { "Hostname": "", "Domainname": "", "User": { "uid": 0, "gid": 0 }, "AttachStdin": false, "AttachStdout": false, "AttachStderr": false, "Tty": true, "OpenStdin": true, "StdinOnce": false, "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", "TERM=xterm", "HOSTNAME=", "container=podman" ], "Cmd": [ "/bin/bash" ], "Image": "docker.io/library/centos:latest", "Volumes": null, "WorkingDir": "/", "Entrypoint": "", "Labels": { "org.label-schema.build-date": "20190801", "org.label-schema.license": "GPLv2", "org.label-schema.name": "CentOS Base Image", "org.label-schema.schema-version": "1.0", "org.label-schema.vendor": "CentOS" }, "Annotations": { "io.kubernetes.cri-o.ContainerType": "sandbox", "io.kubernetes.cri-o.TTY": "true" }, "StopSignal": 15 } } ]The text was updated successfully, but these errors were encountered: