Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IPAM error: failed to open database /run/user/1000/containers/networks/ipam.db #14606

Closed
Ristovski opened this issue Jun 15, 2022 · 27 comments
Closed

IPAM error: failed to open database /run/user/1000/containers/networks/ipam.db #14606

Ristovski opened this issue Jun 15, 2022 · 27 comments
Assignees
@rhatdan
Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.

Comments

@Ristovski
Copy link

Ristovski commented Jun 15, 2022
edited
Loading

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

Starting a rootless container returns the following error:

Error: unable to start container 57fa8deff8938fe7e39843f1cacd5211e6ff0e1c6c3e1a83c2fd914a72e14526: IPAM error: failed to open database /run/user/1000/containers/networks/ipam.db: open /run/user/1000/containers/networks/ipam.db: no such file or directory
exit code: 125

The file indeed does not exist:

$ ls -lh /run/user/1000/containers/networks/ipam.db
ls: cannot access '/run/user/1000/containers/networks/ipam.db': No such file or directory

The issue persists across completely nuking podman with podman system reset --force.

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

Client:       Podman Engine
Version:      4.1.0
API Version:  4.1.0
Go Version:   go1.17.5
Git Commit:   e4b03902052294d4f342a185bb54702ed5bed8b1
Built:        Wed Jun 15 18:04:43 2022
OS/Arch:      linux/amd64

Output of podman info --debug:

host:
  arch: amd64
  buildahVersion: 1.26.1
  cgroupControllers:
  - cpuset
  - cpu
  - io
  - memory
  - hugetlb
  - pids
  - misc
  cgroupManager: cgroupfs
  cgroupVersion: v2
  conmon:
    package: app-containers/conmon-2.0.30
    path: /usr/libexec/podman/conmon
    version: 'conmon version 2.0.30, commit: v2.0.30'
  cpuUtilization:
    idlePercent: 66.64
    systemPercent: 6.92
    userPercent: 26.44
  cpus: 4
  distribution:
    distribution: gentoo
    version: unknown
  eventLogger: file
  hostname: RPC
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 1065536
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 1065536
      size: 65536
  kernel: 5.16.9RMOD-ga9524784f43d
  linkmode: dynamic
  logDriver: k8s-file
  memFree: 617893888
  memTotal: 16647462912
  networkBackend: netavark
  ociRuntime:
    name: crun
    package: app-containers/crun-1.4.4
    path: /usr/bin/crun
    version: |-
      crun version 1.4.4
      commit: 6521fcc5806f20f6187eb933f9f45130c86da230
      spec: 1.0.0
      +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL
  os: linux
  remoteSocket:
    path: /var/run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_AUDIT_WRITE,CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_MKNOD,CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: app-containers/slirp4netns-1.2.0
    version: |-
      slirp4netns version 1.2.0
      commit: 656041d45cfca7a4176f6b7eed9e4fe6c11e8383
      libslirp: 4.3.1
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.1
  swapFree: 1072164864
  swapTotal: 1073737728
  uptime: 108h 45m 40.24s (Approximately 4.50 days)
plugins:
  log:
  - k8s-file
  - none
  - passthrough
  network:
  - bridge
  - macvlan
  volume:
  - local
registries:
  docker.io:
    Blocked: false
    Insecure: false
    Location: docker.io
    MirrorByDigestOnly: false
    Mirrors: null
    Prefix: docker.io
    PullFromMirror: ""
  search:
  - docker.io
store:
  configFile: /home/rafael/.config/containers/storage.conf
  containerStore:
    number: 2
    paused: 0
    running: 0
    stopped: 2
  graphDriverName: vfs
  graphOptions: {}
  graphRoot: /home/rafael/.local/share/containers/storage
  graphRootAllocated: 983709065216
  graphRootUsed: 739086147584
  graphStatus: {}
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 2
  runRoot: /run/user/1000/containers
  volumePath: /home/rafael/.local/share/containers/storage/volumes
version:
  APIVersion: 4.1.0
  Built: 1655309083
  BuiltTime: Wed Jun 15 18:04:43 2022
  GitCommit: e4b03902052294d4f342a185bb54702ed5bed8b1
  GoVersion: go1.17.5
  Os: linux
  OsArch: linux/amd64
  Version: 4.1.0

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/main/troubleshooting.md)

Yes

Additional environment details (AWS, VirtualBox, physical, etc.):
Gentoo Linux running kernel 5.16.9.
@openshift-ci openshift-ci bot added the kind/bug Categorizes issue or PR as related to a bug. label Jun 15, 2022
@Luap99
Copy link
Member

Luap99 commented Jun 15, 2022

Does it work when you create the /run/user/1000/containers/networks directory?

@Ristovski
Copy link
Author

Ristovski commented Jun 15, 2022
edited
Loading

@Luap99 The directory exists. Even if I create a dummy empty ipam.db file in the directory, I still get the same "no such file or directory" error.

@Luap99
Copy link
Member

Luap99 commented Jun 15, 2022

And that definitely also happens as root?

@Ristovski
Copy link
Author

Apologies, upon further testing (with a minimal repro), I can confirm it does work as root.
I have edited the issue description to reflect this.

@Ristovski
Copy link
Author

Ristovski commented Jun 15, 2022
edited
Loading

Tracing open calls with opensnoop (from bcc) shows the same behavior in both cases where the file exists and does not:

PID    COMM              FD ERR FLAGS    PATH
38083  podman            -1   2 02000102 /run/user/1000/containers/networks/ipam.db

Note the error value:

$ errno 2
ENOENT 2 No such file or directory

Full output in case its useful:

Click to expand 
PID    COMM              FD ERR FLAGS    PATH
38083  podman             3   0 02000000 /etc/ld.so.cache
38083  podman             3   0 02000000 /usr/lib64/libgpgme.so.11
38083  podman             3   0 02000000 /usr/lib64/libassuan.so.0
38083  podman             3   0 02000000 /usr/lib64/libgpg-error.so.0
38083  podman             3   0 02000000 /usr/lib64/libseccomp.so.2
38083  podman             3   0 02000000 /lib64/libc.so.6
38083  podman             3   0 02204000 /proc/self/fd
38083  podman             4   0 00000000 /proc/self/cmdline
38083  podman             4   0 00000000 /var/run/user/1000/libpod/tmp/pause.pid
38083  podman             5   0 02000000 /proc/45847/ns/user
38083  podman             7   0 02000000 /proc/45847/ns/mnt
38083  podman             3   0 00000000 /sys/kernel/mm/transparent_hugepage/hpage_pmd_size
38083  podman             3   0 00000000 /usr/share/zoneinfo//Europe/Paris
38083  podman             3   0 02000000 /proc/sys/kernel/cap_last_cap
38083  podman             3   0 02000000 /tmp/podman/bin/podman
38083  podman             3   0 02000000 /proc/sys/kernel/pid_max
38083  podman             3   0 02000000 /proc/filesystems
38083  podman             3   0 02000000 /usr/share/containers/containers.conf
38083  podman             3   0 02000000 /proc/sys/kernel/pid_max
38083  podman             3   0 02000000 /usr/share/containers/containers.conf
38083  podman             3   0 02000000 /proc/sys/kernel/pid_max
38083  podman             3   0 02000000 /usr/share/containers/containers.conf
38083  podman             3   0 02000000 /dev/null
38083  podman            10   0 02000001 /dev/null
38083  podman             3   0 02000102 /home/rafael/.local/share/containers/storage/libpod/bolt_state.db
38083  podman             3   0 02000102 /home/rafael/.local/share/containers/storage/libpod/bolt_state.db
38083  podman             8   0 02000102 /home/rafael/.local/share/containers/storage/libpod/bolt_state.db
38083  podman             8   0 02000000 /proc/self/status
38083  podman             8   0 02000102 /home/rafael/.local/share/containers/storage/storage.lock
38083  podman             8   0 02000102 /home/rafael/.local/share/containers/storage/userns.lock
38083  podman             8   0 02000102 /home/rafael/.local/share/containers/storage/storage.lock
38083  podman             8   0 02000102 /home/rafael/.local/share/containers/storage/vfs-images/images.lock
38083  podman             8   0 02000102 /home/rafael/.local/share/containers/storage/vfs-images/images.lock
38083  podman             9   0 02000000 /home/rafael/.local/share/containers/storage/vfs-images/images.json
38083  podman             8   0 02000102 /home/rafael/.local/share/containers/storage/vfs-containers/containers.lock
38083  podman             8   0 02000102 /home/rafael/.local/share/containers/storage/vfs-containers/containers.lock
38083  podman             9   0 02000000 /home/rafael/.local/share/containers/storage/vfs-containers/containers.json
38083  podman             8   0 02000000 /home/rafael/.local/share/containers/storage/defaultNetworkBackend
38083  podman             8   0 02000102 /home/rafael/.local/share/containers/storage/networks/netavark.lock
38083  podman             8   0 02000102 /var/run/user/1000/libpod/tmp/alive.lck
38083  podman             8   0 02000102 /var/run/user/1000/libpod/tmp/alive.lck
38083  podman             9   0 02400002 /dev/shm/libpod_rootless_lock_1000
38083  podman             8   0 02000000 /proc/self/cgroup
38083  podman             8   0 02000000 /proc/1/comm
38083  podman             8   0 02000102 /home/rafael/.local/share/containers/storage/libpod/bolt_state.db
38083  podman             8   0 02000102 /home/rafael/.local/share/containers/storage/libpod/bolt_state.db
38083  podman             8   0 02000102 /home/rafael/.local/share/containers/storage/libpod/bolt_state.db
38083  podman             8   0 02000102 /home/rafael/.local/share/containers/storage/vfs-containers/containers.lock
38083  podman            10   0 02000000 /home/rafael/.local/share/containers/storage/vfs-containers/containers.json
38083  podman             8   0 02000102 /home/rafael/.local/share/containers/storage/vfs-containers/containers.lock
38083  podman             8   0 02000102 /home/rafael/.local/share/containers/storage/storage.lock
38083  podman            10   0 02000102 /home/rafael/.local/share/containers/storage/vfs-layers/layers.lock
38083  podman            10   0 02000102 /run/user/1000/containers/vfs-layers/mountpoints.lock
38083  podman            10   0 02000000 /home/rafael/.local/share/containers/storage/vfs-layers/layers.json
38083  podman            10   0 02000102 /run/user/1000/containers/vfs-layers/mountpoints.lock
38083  podman            11   0 02000000 /run/user/1000/containers/vfs-layers/mountpoints.json
38083  podman             8   0 02000102 /home/rafael/.local/share/containers/storage/storage.lock
38083  podman            10   0 02000102 /home/rafael/.local/share/containers/storage/vfs-layers/layers.lock
38083  podman            11   0 02000102 /run/user/1000/containers/vfs-layers/mountpoints.lock
38083  podman            11   0 02000000 /home/rafael/.local/share/containers/storage/vfs-layers/layers.json
38083  podman            11   0 02000102 /run/user/1000/containers/vfs-layers/mountpoints.lock
38083  podman            12   0 02000000 /run/user/1000/containers/vfs-layers/mountpoints.json
38083  podman            11   0 02000102 /run/user/1000/containers/vfs-layers/mountpoints.lock
38083  podman            12   0 02000302 /run/user/1000/containers/vfs-layers/.tmp-mountpoints.json3672997924
38083  podman            13   0 02000000 /run/user/1000/containers/vfs-layers/mountpoints.json
38083  podman            10   0 10000000 /home/rafael/.local/share/containers/storage/vfs/dir/f60281b414b52c07468035b437ee915b9443e7eb73a61d855d0fbe6de7e7b879
38083  podman            13   0 10000000 /home/rafael/.local/share/containers/storage/vfs/dir/f60281b414b52c07468035b437ee915b9443e7eb73a61d855d0fbe6de7e7b879/etc
38083  podman             8   0 02001102 /var/run/user/1000/netns/netns-83db8ccb-df0b-3c5d-20d9-dda15abb54cb
38083  podman             9   0 02000000 /proc/38083/task/38092/ns/net
38083  podman             9   0 02000000 /var/run/user/1000/netns/netns-83db8ccb-df0b-3c5d-20d9-dda15abb54cb
38083  podman            11   0 02000000 /var/run/user/1000/netns
38083  podman            -1   2 02000000 /etc/containers/podman-machine
38083  podman            13   0 02000102 /home/rafael/.local/share/containers/storage/libpod/bolt_state.db
38083  podman            12   0 02000102 /var/run/user/1000/libpod/tmp/rootless-netns.lock
38083  podman            12   0 02000102 /var/run/user/1000/libpod/tmp/rootless-netns.lock
38083  podman             8   0 02000000 /var/run/user/1000/netns/rootless-netns-b9e223a38c3bc2f1061c
38083  podman            11   0 02000000 /proc/38083/task/38087/ns/net
38083  podman            10   0 02000000 /proc/38083/task/38087/ns/net
38083  podman            13   0 02000102 /home/rafael/.local/share/containers/storage/networks/netavark.lock
38083  podman            14   0 02000000 /home/rafael/.local/share/containers/storage/networks
38083  podman            14   0 02000000 /home/rafael/.local/share/containers/storage/networks/testnetwork.json
38083  podman            -1   2 02000102 /run/user/1000/containers/networks/ipam.db
38083  podman            -1   2 02000000 /home/rafael/.local/share/containers/storage/vfs-containers/50a5a03971d02f4232bb6d7aad4843706c6d8b0ddfbb9a74a9293bcb544cc93a/userdata/overlay
38083  podman             9   0 02000102 /home/rafael/.local/share/containers/storage/vfs-containers/containers.lock
38083  podman             9   0 02000102 /home/rafael/.local/share/containers/storage/vfs-containers/containers.lock
38083  podman             9   0 02000102 /home/rafael/.local/share/containers/storage/storage.lock
38083  podman            10   0 02000000 /home/rafael/.local/share/containers/storage/vfs-layers/layers.json
38083  podman            10   0 02000102 /run/user/1000/containers/vfs-layers/mountpoints.lock
38083  podman            11   0 02000000 /run/user/1000/containers/vfs-layers/mountpoints.json
38083  podman             9   0 02000102 /home/rafael/.local/share/containers/storage/vfs-layers/layers.lock
38083  podman            10   0 02000102 /run/user/1000/containers/vfs-layers/mountpoints.lock
38083  podman            10   0 02000000 /home/rafael/.local/share/containers/storage/vfs-layers/layers.json
38083  podman            10   0 02000102 /run/user/1000/containers/vfs-layers/mountpoints.lock
38083  podman            11   0 02000000 /run/user/1000/containers/vfs-layers/mountpoints.json
38083  podman            10   0 02000102 /run/user/1000/containers/vfs-layers/mountpoints.lock
38083  podman             9   0 02000102 /home/rafael/.local/share/containers/storage/vfs-containers/containers.lock
38083  podman             9   0 02000102 /home/rafael/.local/share/containers/storage/storage.lock
38083  podman             9   0 02000102 /home/rafael/.local/share/containers/storage/vfs-layers/layers.lock
38083  podman            10   0 02000102 /run/user/1000/containers/vfs-layers/mountpoints.lock
38083  podman            10   0 02000102 /run/user/1000/containers/vfs-layers/mountpoints.lock
38083  podman            11   0 02000302 /run/user/1000/containers/vfs-layers/.tmp-mountpoints.json2506171904
38083  podman            11   0 02000000 /run/user/1000/containers/vfs-layers/mountpoints.json
38083  podman             9   0 02000102 /home/rafael/.local/share/containers/storage/libpod/bolt_state.db

If I delete the networks directory, it does get recreated btw.

I also tried running inotifywatch /run/user/1000/containers/networks/ in case the file was being created and then subsequently deleted, but it reported no events.

@Luap99
Copy link
Member

Luap99 commented Jun 15, 2022

If it is rootless only it is likely related to the mount propagation, check how it looks in podman unshare --rootless-netns

@Ristovski
Copy link
Author

Ristovski commented Jun 15, 2022
edited
Loading

Inside the unshare, the only entries are these:

# find /run/
/run/
/run/systemd

Not really sure how I can debug this or what I should be checking, any pointers?

Running mountsnoop (again from bcc) shows the following when doing podman start:

COMM             PID     TID     MNT_NS      CALL
podman           41134   41143   4026534845  mount("", "/var/run/user/1000/netns", "none", MS_VERBOSE | MS_SHARED, "") = 0
podman           41134   41138   4026534845  mount("shm", "/home/rafael/.local/share/containers/storage/vfs-containers/50a5a03971d02f4232bb6d7aad4843706c6d8b0ddfbb9a74a9293bcb544cc93a/userdata/shm", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC, "mode=1777,size=65536000") = 0
podman           41134   41143   4026534845  mount("/proc/41134/task/41143/ns/net", "/var/run/user/1000/netns/netns-7069d9c6-71e5-d0cc-3144-2959d05f4d2b", "none", MS_MOVE | MS_VERBOSE | MS_SHARED, "") = 0
podman           41134   41137   4026533865  mount("/var/run/user/1000", "/var/run/user/1000/libpod/tmp/rootless-netns/var/run/user/1000", "none", MS_MOVE | MS_VERBOSE | MS_SHARED, "") = 0
podman           41134   41137   4026533865  mount("/var/run/user/1000/libpod/tmp/rootless-netns/resolv.conf", "/etc/resolv.conf", "none", MS_MOVE, "") = 0
podman           41134   41137   4026533865  mount("/var/run/user/1000/libpod/tmp/rootless-netns/var/lib/cni", "/var/lib/cni", "none", MS_MOVE, "") = 0
podman           41134   41137   4026533865  mount("/var/run/user/1000/libpod/tmp/rootless-netns/run", "/run", "none", MS_MOVE | MS_VERBOSE, "") = 0
podman           41134   41138   4026534845  umount("/var/run/user/1000/netns/netns-7069d9c6-71e5-d0cc-3144-2959d05f4d2b", MS_NOSUID) = 0
podman           41134   41136   4026534845  umount("/home/rafael/.local/share/containers/storage/vfs-containers/50a5a03971d02f4232bb6d7aad4843706c6d8b0ddfbb9a74a9293bcb544cc93a/userdata/shm", 0x0) = 0

@Ristovski
Copy link
Author

I compared outputs with a different machine I have access to.

I do not use systemd which should explain why the directory is empty, but I am also missing all of user/1000/. On my other machine (remote aarch64 VM running ArchLinux on ARM), the ipam.db does get passed into the namespace.

@Ristovski
Copy link
Author

Ristovski commented Jun 15, 2022
edited
Loading

I reset the podman environment and noticed this when running podman system migrate:
WARN[0000] "/" is not a shared mount, this could cause issues or missing mounts with rootless containers 

$ findmnt -o PROPAGATION /
PROPAGATION
private

According to a comment in containers/buildah#3726 (comment), this might need to be shared?

However, running sudo mount --make-shared / did not fix the issue:

$ findmnt -o PROPAGATION /
PROPAGATION
shared

@rhatdan
Copy link
Member

rhatdan commented Jun 15, 2022

Yes could you set it to share in an init script early in boot, and that should fix your problem.

@Ristovski
Copy link
Author

@rhatdan Is there anything preventing it from working when making it shared at runtime with mount --make-shared?

@rhatdan
Copy link
Member

rhatdan commented Jun 15, 2022

No, as long as it is executed before the first podman run, it should work as I understand it. You might need to do a --make-rshared ...

@Luap99
Copy link
Member

Luap99 commented Jun 16, 2022

Likely the problem is the use of /var/run... instead of just /run and not the mount propagation.

@Ristovski
Copy link
Author

@Luap99 In my case, /var/run is a symlink to /run

@Luap99
Copy link
Member

Luap99 commented Jun 16, 2022

Yes I that is what I thought. The problem is that we have to create a new mountsns and make /run and /var/lib/cni writeable because CNI fails otherwise. With netavark we could technically skip this but the issue would still exist for cni users.

The setup is very complicated and ugly. Basically the problem is that /var/run/user/1000/libpod/tmp/rootless-netns/var/run/user/1000 is not a symlink so the files end up in the wrong place in the new mount namespace.

@Ristovski
Copy link
Author

Ristovski commented Jun 16, 2022
edited
Loading

@Luap99 I see. However it does work on the other machine I have access to, which to me sounds like some weird edge-case that's present on my system (and persists across podman system reset).

I can't find anything that sticks out in an obvious matter, the setup is nearly identical (including fs structure, with /var/run being a symlink as well).
I even manually compared kernel configs and also used check-config.sh from runc (something podman should ship on its own tbh), and that yielded nothing either.

@Luap99
Copy link
Member

Luap99 commented Jun 16, 2022

check your XDG_RUNTIME_DIR env var, I bet the working one is /run/... and the not working one is /var/run...

@Ristovski
Copy link
Author

Ristovski commented Jun 16, 2022
edited
Loading

You are correct :)

Edit: the following dirty hack confirms:

$ export XDG_RUNTIME_DIR=/run/user/1000
$ podman system reset -f
$ podman system migrate
$ podman unshare --rootless-netns
# find /var/run/

Shows the correct and expected structure

@rhatdan
Copy link
Member

rhatdan commented Jun 16, 2022

This is not likely something podman can fix, so I am going to close the issue.

@rhatdan rhatdan closed this as completed Jun 16, 2022
@Luap99
Copy link
Member

Luap99 commented Jun 16, 2022

We can fix this, a potential easy fix would be to call EvalSymlink on the XDG_RUNTIME_DIR before using it.

@Luap99 Luap99 reopened this Jun 16, 2022
@rhatdan
Copy link
Member

rhatdan commented Jun 16, 2022

SGTM

Luap99 added a commit to Luap99/libpod that referenced this issue Jun 20, 2022
@Luap99
rootless netns: eval symlink for XDG_RUNTIME_DIR
657d65a 
When we bind mount the old XDG_RUNTIME_DIR to the new fake /run it will
cause issues when the XDG_RUNTIME_DIR is a symlink since they do not
exists in the new path hierarchie. To fix this we can just follow the
symlink before we try to use the path.

Fixes containers#14606

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Luap99 added a commit to Luap99/libpod that referenced this issue Jun 20, 2022
@Luap99
rootless netns: eval symlink for XDG_RUNTIME_DIR
6e37c47 
When we bind mount the old XDG_RUNTIME_DIR to the new fake /run it will
cause issues when the XDG_RUNTIME_DIR is a symlink since they do not
exists in the new path hierarchy. To fix this we can just follow the
symlink before we try to use the path.

Fixes containers#14606

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
@Luap99 Luap99 mentioned this issue Jun 20, 2022
Closed
Luap99 added a commit to Luap99/libpod that referenced this issue Jun 27, 2022
@Luap99
rootless netns: eval symlink for XDG_RUNTIME_DIR
adda5fc 
When we bind mount the old XDG_RUNTIME_DIR to the new fake /run it will
cause issues when the XDG_RUNTIME_DIR is a symlink since they do not
exists in the new path hierarchy. To fix this we can just follow the
symlink before we try to use the path.

This fix is kinda ugly, our XDG_RUNTIME_DIR code is all over the place.
We should work on consolidating this sooner than later.

Fixes containers#14606

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Luap99 added a commit to Luap99/libpod that referenced this issue Jun 27, 2022
@Luap99
rootless netns: eval symlink for XDG_RUNTIME_DIR
f5c3395 
When we bind mount the old XDG_RUNTIME_DIR to the new fake /run it will
cause issues when the XDG_RUNTIME_DIR is a symlink since they do not
exists in the new path hierarchy. To fix this we can just follow the
symlink before we try to use the path.

This fix is kinda ugly, our XDG_RUNTIME_DIR code is all over the place.
We should work on consolidating this sooner than later.

Fixes containers#14606

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
@github-actions
Copy link

A friendly reminder that this issue had no activity for 30 days.

@rhatdan
Copy link
Member

rhatdan commented Jul 17, 2022

@Luap99 What is the state of this?

@github-actions
Copy link

A friendly reminder that this issue had no activity for 30 days.

@rhatdan
Copy link
Member

rhatdan commented Aug 22, 2022

@Luap99 What is the state of this?

@github-actions
Copy link

A friendly reminder that this issue had no activity for 30 days.

rhatdan added a commit to rhatdan/podman that referenced this issue Sep 23, 2022
@rhatdan
Eval symlinks on XDG_RUNTIME_DIR
d91fe0e 
Partial Fix for containers#14606

[NO NEW TESTS NEEDED]

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
@rhatdan rhatdan self-assigned this Sep 23, 2022
@rhatdan rhatdan mentioned this issue Sep 23, 2022
Merged
rhatdan added a commit to rhatdan/podman that referenced this issue Sep 23, 2022
@rhatdan
Eval symlinks on XDG_RUNTIME_DIR
936263c 
Partial Fix for containers#14606

[NO NEW TESTS NEEDED]

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
rhatdan added a commit to rhatdan/podman that referenced this issue Sep 27, 2022
@rhatdan
Eval symlinks on XDG_RUNTIME_DIR
ae19075 
Partial Fix for containers#14606

[NO NEW TESTS NEEDED]

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
rhatdan added a commit to rhatdan/podman that referenced this issue Oct 12, 2022
@rhatdan
Eval symlinks on XDG_RUNTIME_DIR
42f4f93 
Partial Fix for containers#14606

[NO NEW TESTS NEEDED]

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
rhatdan added a commit to rhatdan/podman that referenced this issue Oct 13, 2022
@rhatdan
Eval symlinks on XDG_RUNTIME_DIR
fcef9f7 
Partial Fix for containers#14606

[NO NEW TESTS NEEDED]

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
rhatdan added a commit to rhatdan/podman that referenced this issue Oct 17, 2022
@rhatdan
Eval symlinks on XDG_RUNTIME_DIR
d9c00f6 
Partial Fix for containers#14606

[NO NEW TESTS NEEDED]

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
rhatdan added a commit to rhatdan/podman that referenced this issue Oct 19, 2022
@rhatdan
Eval symlinks on XDG_RUNTIME_DIR
7c6bf96 
Partial Fix for containers#14606

[NO NEW TESTS NEEDED]

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
rhatdan added a commit to rhatdan/podman that referenced this issue Oct 19, 2022
@rhatdan
Eval symlinks on XDG_RUNTIME_DIR
a2b935f 
Partial Fix for containers#14606

[NO NEW TESTS NEEDED]

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
rhatdan added a commit to rhatdan/podman that referenced this issue Oct 19, 2022
@rhatdan
Eval symlinks on XDG_RUNTIME_DIR
ee9aeae 
Partial Fix for containers#14606

[NO NEW TESTS NEEDED]

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
rhatdan added a commit to rhatdan/podman that referenced this issue Oct 28, 2022
@rhatdan
Eval symlinks on XDG_RUNTIME_DIR
2b42abf 
Partial Fix for containers#14606

[NO NEW TESTS NEEDED]

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
rhatdan added a commit to rhatdan/podman that referenced this issue Oct 28, 2022
@rhatdan
Eval symlinks on XDG_RUNTIME_DIR
ba5e896 
Partial Fix for containers#14606

[NO NEW TESTS NEEDED]

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
rhatdan added a commit to rhatdan/podman that referenced this issue Oct 28, 2022
@rhatdan
Eval symlinks on XDG_RUNTIME_DIR
71f0c9f 
Partial Fix for containers#14606

[NO NEW TESTS NEEDED]

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
@Luap99
Copy link
Member

Luap99 commented Nov 1, 2022

Fixed in #15918

@Luap99 Luap99 closed this as completed Nov 1, 2022
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 11, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 11, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@rhatdan rhatdan

Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

rootless netns: eval symlink for XDG_RUNTIME_DIR Luap99/libpod
3 participants
@Ristovski @rhatdan @Luap99