podman: Cannot play kube files (k8s.gcr.io/pause:3.5 fails)

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line) /kind bug

Description

I tried to play a yaml file which used to work (up until Fedora 33). After migrating to Fedora 34 (which comes with podman 3.1.2 and crun 0.19.1 and conmon 2.0.27) this stopped working. I was able to reproduce the problem with a minimal yaml file.

Steps to reproduce the issue:

test.yaml:

apiVersion: v1
kind: Pod

metadata:
  name: test

spec:
  containers:
  - name: redis
    image: arm32v7/redis:alpine

1. podman play kube test.yaml --log-level=debug --runtime=crun &> test.log
2. podman ps -a &> ps.log

Describe the results you received:

error starting container 75bdc81db921fc8e95f69e5a21648c4f7cb9613cd9c014d14933338751d8a2a4: `/usr/bin/crun start 75bdc81db921fc8e95f69e5a21648c4f7cb9613cd9c014d14933338751d8a2a4` failed: exit status 1

This is the container with the image k8s.gcr.io/pause:3.5.

Describe the results you expected: The startup of the container should be successful.

Additional information you deem important (e.g. issue happens only occasionally): Currently I use cgroups V2. Previously, with systemd.unified_cgroup_hierarchy=0 in the kernel arguments, the behaviour and problem were the same. I already tried setsebool -P container_manage_cgroup true. I tried running the podman play command from its own systemd service as well as from the command line as the root user. Running simple podman containers works, e.g.

	mkdir ~/mycontent
	chcon -t container_var_lib_t ~/mycontent
	podman run -v ~/mycontent:/content fedora touch /content/file

runs without error and creates an empty file ~/mycontent/file.

Output of podman version:

Version:      3.1.2
API Version:  3.1.2
Go Version:   go1.16.3
Built:        Wed May 12 21:29:45 2021
OS/Arch:      linux/arm

Output of podman info --debug:

host:
  arch: arm                                                         
  buildahVersion: 1.20.1
  cgroupManager: systemd
  cgroupVersion: v2     
  conmon:                                                           
    package: conmon-2.0.27-2.fc34.armv7hl
    path: /usr/bin/conmon
    version: 'conmon version 2.0.27, commit: '
  cpus: 8       
  distribution:
    distribution: fedora                                            
    version: "34"
  eventLogger: journald
  hostname: odroid
  idMappings:
    gidmap: null
    uidmap: null
  kernel: 5.11.19-300.fc34.armv7hl 
  linkmode: dynamic
  memFree: 74764288
  memTotal: 2084208640
  ociRuntime:
    name: crun
    package: crun-0.19.1-2.fc34.armv7hl
    path: /usr/bin/crun
    version: |-
      crun version 0.19.1
      commit: 1535fedf0b83fb898d449f9680000f729ba719f5
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
  os: linux
  remoteSocket:
    path: /run/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: false
    seccompEnabled: true
    selinuxEnabled: true
  slirp4netns:
    executable: ""
    package: ""
    version: ""
  swapFree: 0
  swapTotal: 0
  uptime: 54h 22m 30.11s (Approximately 2.25 days)
registries:
  search:
  - registry.fedoraproject.org
  - registry.access.redhat.com
  - docker.io
  - quay.io
store:
  configFile: /etc/containers/storage.conf
  containerStore:
    number: 2
    paused: 0
    running: 0
    stopped: 2
  graphDriverName: overlay
  graphOptions:
    overlay.mountopt: nodev,metacopy=on
  graphRoot: /media/containers/storage
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "true"
  imageStore:
    number: 8
  runRoot: /var/run/containers/storage
  volumePath: /media/containers/storage/volumes
version:
  APIVersion: 3.1.2
  Built: 1620847785
  BuiltTime: Wed May 12 21:29:45 2021
  GitCommit: ""
  GoVersion: go1.16.3
  OsArch: linux/arm
  Version: 3.1.2

Package info (e.g. output of rpm -q podman or apt list podman):

podman-3.1.2-3.fc34.armv7hl

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/master/troubleshooting.md)

Yes

Additional environment details (AWS, VirtualBox, physical, etc.): podman is running on a Hardkernel Odroid HC1.

About this issue

  • State: closed
  • Created 3 years ago
  • Comments: 18 (8 by maintainers)

Most upvoted comments

@vrothberg Could you link the pause stuff you are working on to fix this Issue?