FEDORA-2018-7e89133855 created by baude 3 years ago for Fedora 28
obsolete

Upstream 0.12.1.2 release

This update has been submitted for testing by baude.

3 years ago

This update has been pushed to testing.

3 years ago
karma
User Icon santiago commented & provided feedback 3 years ago
karma

run doesn't work at all:

# podman run alpine date
# echo $?
139

Debug log shows nothing useful.

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

3 years ago

That example works for me.

# podman run alpine date
Mon Dec 17 17:07:54 UTC 2018
# echo $?
0
User Icon santiago commented & provided feedback 3 years ago
karma

After full dnf upgrade and reboot, I now get:

# podman run alpine date
Error relocating /lib/ld-musl-x86_64.so.1: RELRO protection failed: Permission denied
Error relocating /bin/date: RELRO protection failed: Permission denied
# echo $?
127

...and, this time I get AVCs:

type=AVC msg=audit(1545067349.224:320): avc:  denied  { read write } for  pid=2156 comm="date" path="/dev/null" dev="tmpfs" ino=27403 scontext=system_u:system_r:container_t:s0:c804,c891 tcontext=system_u:object_r:container_file_t:s0:c804,c891 tclass=chr_file permissive=0
type=AVC msg=audit(1545067349.224:321): avc:  denied  { read } for  pid=2156 comm="date" path="/lib/ld-musl-x86_64.so.1" dev="vda1" ino=525411 scontext=system_u:system_r:container_t:s0:c804,c891 tcontext=unconfined_u:object_r:var_lib_t:s0 tclass=file permissive=0
type=AVC msg=audit(1545067349.224:322): avc:  denied  { read } for  pid=2156 comm="date" path="/bin/busybox" dev="vda1" ino=525253 scontext=system_u:system_r:container_t:s0:c804,c891 tcontext=unconfined_u:object_r:var_lib_t:s0 tclass=file permissive=0            

(last time, no AVCs). Surprisingly, it works as nonroot:

$ podman run alpine date
Mon Dec 17 17:25:25 UTC 2018

container-selinux-2.76-1.git87fae85.fc28.noarch

User Icon santiago commented & provided feedback 3 years ago
karma

AVC was due to a fedora 28 problem on fresh installs. After resolving, podman now passes expected set of tests.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

3 years ago
User Icon rishi commented & provided feedback 3 years ago
karma

Tested with fedora-toolbox on Silverblue. Works as expected.

User Icon smilner provided feedback 3 years ago
karma

This update has been obsoleted by podman-1.0.0-1.git82e8011.fc28.

3 years ago

Please login to add feedback.

Metadata
Type
enhancement
Karma
4
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
3 years ago
in testing
3 years ago

Automated Test Results