Mostly fine, but has problems with newer kernels (5.1.16). Situation continues to develop on issue 3540
New Requires is perfect: it brings in the desired libseccomp. Unfortunately there's a new problem with metacopy that I think needs addressing. Sorry.
Aside from the above issues, and nonblockers #3302 and #3359, and new (nonblocking) regression #3492, LGTM.
--sig-proxy broken as nonroot (#3492); not a blocker imo
While we're at it, could you perhaps package an older /etc/containers/storage.conf
, without metacopy=on
? Even with updated libseccomp, podman fails to run:
# podman ps
Error: error creating libpod runtime: failed to mount overlay for metacopy check: invalid argument
Hand-editing storage.conf
and setting mountopt = "nodev"
(without metacopy=on
) gets me past this.
As I mentioned in the 1.4.3-1, it doesn't work on some installs:
# podman ps
podman: symbol lookup error: podman: undefined symbol: seccomp_api_get
Could you please add Requires: libseccomp >= 2.4.1
to the specfile?
...then, with updated libseccomp:
# podman --log-level=debug ps
DEBU[0000] Initializing boltdb state at /var/lib/containers/storage/libpod/bolt_state.db
DEBU[0000] Using graph driver overlay
DEBU[0000] Using graph root /var/lib/containers/storage
DEBU[0000] Using run root /var/run/containers/storage
DEBU[0000] Using static dir /var/lib/containers/storage/libpod
DEBU[0000] Using tmp dir /var/run/libpod
DEBU[0000] Using volume path /var/lib/containers/storage/volumes
DEBU[0000] Set libpod namespace to ""
DEBU[0000] [graphdriver] trying provided driver "overlay"
DEBU[0000] cached value indicated that overlay is supported
WARN[0000] overlay test mount did not indicate whether or not metacopy is being used: failed to mount overlay for metacopy check: invalid argument
ERRO[0000] error creating libpod runtime: failed to mount overlay for metacopy check: invalid argument
Also, doesn't work out of the box:
# podman ps
podman: symbol lookup error: podman: undefined symbol: seccomp_api_get
Seems to require libseccomp-2.4.1-0.fc29
. Could someone please add the appropriate Requires?
Passes docker-autotest except for regressions #3302 and #3359.
Passes docker-autotest except for regressions #3302 and #3359.
LGTM. #980 (regression) and #3302 (intermittent weirdness with attach) are IMO minor.
Confirmed that /usr/libexec/crio*
are gone.
LGTM. #980 (regression) and #3302 (intermittent weirdness with attach) are IMO minor.
Confirmed that /usr/libexec/crio*
are gone.
Passes most of docker-autotest; regression on issue #980
I do believe that the addition of %{_libexecdir}/crio
in 898cc75 is a mistake that should be reverted.
Passes most of docker-autotest; regression on issue #980
I do believe that the addition of %{_libexecdir/crio
in 8ee8c09 is a mistake that should be reverted.
One regression (#980). Two other failures that look suspicious but I won't have time to pursue until Monday.
One regression (#980). One flake which I won't have time to pursue until Monday:
# podman --cgroup-manager=cgroupfs run -d -i --name=memory_positive_Fjb4 -m 5246976 registry.access.redhat.com/rhel7/rhel:latest /bin/bash
Error: container create failed: container_linux.go:344: starting container process caused "process_linux.go:424: container init caused \"process_linux.go:390: setting cgroup config for procHooks process caused \\\"failed to write 10493952 to memory.memsw.limit_in_bytes: write /sys/fs/cgroup/memory/libpod_parent/libpod-b9c562426e6ef066ed15b3ec369f8124e46c95539693384f8490410dcb211813/memory.memsw.limit_in_bytes: device or resource busy\\\"\""
: internal libpod error
Two other failures that look suspicious but again I can't pursue until next week.
The metacopy problem does not seem to be directly related to this build of podman; I suspect it will affect currently-released 1.4 builds also.