-
Notifications
You must be signed in to change notification settings - Fork 32
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Debian-based images "cannot enable executable stack as shared object requires" #82
Comments
This sounds similar to docker-library/redis#365 and docker-library/python#837. The default Debian just moved from Bullseye to Bookworm. So the root cause is likely You can continue to use the |
Thanks for the pointer. I have found a "fix" that consists in running |
Sorry for the delay 😭 I guess this is an SELinux denial then? That's not something we can really fix in the image, and I'm not familiar enough with SELinux to suggest a more secure way to bypass this than disabling it as you've done, unfortunately. 😞 |
Closing since there is not anything that can be done in the image to mitigate an SELinux denial. |
I am probably filing this issue in the wrong place, but I need pointers and I would appreciate any help.
The problem:
Similarly:
No earlier than 3 weeks ago, the 1.8.5-bullseye image worked fine. I have updated the host system (openSUSE microOS) multiple times since then. The issue affects Docker, Podman and Buildah (build command). EDIT: ..and Apptainer.
Interestingly, an Alpine-based image still works fine:
I do not have issues on another OS (Ubuntu:20.04), same Docker version (24.0.2). The kernels are fairly different though:
Another difference I am aware of is nvidia-container-toolkit installed on the microOS system only.
Clearly the issue comes from a common dependency of Docker, Podman and Buildah. EDIT2: Or a new SELinux rule?
I am still confused as to why only Debian-based Julia images are affected. Debian-based Python and Rust images work fine, for example.
Has anyone hit a similar problem on another OS? Should I report this to the openSUSE community?
The text was updated successfully, but these errors were encountered: