podman: Error: open executable: Operation not permitted: OCI permission denied
Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)
/kind bug
Description
When running a simple podman run command, I get an error: Error: open executable: Operation not permitted: OCI permission denied.
Steps to reproduce the issue:
- Run
podman --log-level=debug run --rm docker.io/klakegg/hugo:0.80.0-ext-alpine-ci hugo version
Describe the results you received:
Without debug log level:
Error: open executable: Operation not permitted: OCI permission denied
With debug log level:
INFO[0000] podman filtering at log level debug
DEBU[0000] Called run.PersistentPreRunE(podman --log-level=debug run --rm docker.io/klakegg/hugo:0.80.0-ext-alpine-ci hugo version)
DEBU[0000] Reading configuration file "/usr/share/containers/containers.conf"
DEBU[0000] Merged system config "/usr/share/containers/containers.conf": &{Containers:{Devices:[] Volumes:[] ApparmorProfile:containers-default-0.33.1 Annotations:[] CgroupNS:private Cgroups:enabled DefaultCapabilities:[CHOWN DAC_OVERRIDE FOWNER FSETID KILL NET_BIND_SERVICE SETFCAP SETGID SETPCAP SETUID SYS_CHROOT] DefaultSysctls:[net.ipv4.ping_group_range=0 0] DefaultUlimits:[] DefaultMountsFile: DNSServers:[] DNSOptions:[] DNSSearches:[] EnableKeyring:true EnableLabeling:true Env:[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin TERM=xterm] EnvHost:false HTTPProxy:true Init:false InitPath: IPCNS:private LogDriver:k8s-file LogSizeMax:-1 NetNS:slirp4netns NoHosts:false PidsLimit:2048 PidNS:private SeccompProfile:/usr/share/containers/seccomp.json ShmSize:65536k TZ: Umask:0022 UTSNS:private UserNS:host UserNSSize:65536} Engine:{ImageBuildFormat:oci CgroupCheck:false CgroupManager:systemd ConmonEnvVars:[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin] ConmonPath:[/usr/libexec/podman/conmon /usr/local/libexec/podman/conmon /usr/local/lib/podman/conmon /usr/bin/conmon /usr/sbin/conmon /usr/local/bin/conmon /usr/local/sbin/conmon /run/current-system/sw/bin/conmon] DetachKeys:ctrl-p,ctrl-q EnablePortReservation:true Env:[] EventsLogFilePath:/run/user/1000/libpod/tmp/events/events.log EventsLogger:journald HooksDir:[/usr/share/containers/oci/hooks.d] ImageDefaultTransport:docker:// InfraCommand: InfraImage:k8s.gcr.io/pause:3.2 InitPath:/usr/libexec/podman/catatonit LockType:shm MultiImageArchive:false Namespace: NetworkCmdPath: NetworkCmdOptions:[] NoPivotRoot:false NumLocks:2048 OCIRuntime:crun OCIRuntimes:map[crun:[/usr/bin/crun /usr/sbin/crun /usr/local/bin/crun /usr/local/sbin/crun /sbin/crun /bin/crun /run/current-system/sw/bin/crun] kata:[/usr/bin/kata-runtime /usr/sbin/kata-runtime /usr/local/bin/kata-runtime /usr/local/sbin/kata-runtime /sbin/kata-runtime /bin/kata-runtime /usr/bin/kata-qemu /usr/bin/kata-fc] runc:[/usr/bin/runc /usr/sbin/runc /usr/local/bin/runc /usr/local/sbin/runc /sbin/runc /bin/runc /usr/lib/cri-o-runc/sbin/runc /run/current-system/sw/bin/runc]] PullPolicy:missing Remote:false RemoteURI: RemoteIdentity: ActiveService: ServiceDestinations:map[] RuntimePath:[] RuntimeSupportsJSON:[crun runc] RuntimeSupportsNoCgroups:[crun] RuntimeSupportsKVM:[kata kata-runtime kata-qemu kata-fc] SetOptions:{StorageConfigRunRootSet:false StorageConfigGraphRootSet:false StorageConfigGraphDriverNameSet:false StaticDirSet:false VolumePathSet:false TmpDirSet:false} SignaturePolicyPath:/etc/containers/policy.json SDNotify:false StateType:3 StaticDir:/home/bousse-e/.local/share/containers/storage/libpod StopTimeout:10 TmpDir:/run/user/1000/libpod/tmp VolumePath:/home/bousse-e/.local/share/containers/storage/volumes VolumePlugins:map[]} Network:{CNIPluginDirs:[/usr/libexec/cni /usr/lib/cni /usr/local/lib/cni /opt/cni/bin] DefaultNetwork:podman NetworkConfigDir:/home/bousse-e/.config/cni/net.d}}
DEBU[0000] Using conmon: "/usr/bin/conmon"
DEBU[0000] Initializing boltdb state at /home/bousse-e/.local/share/containers/storage/libpod/bolt_state.db
DEBU[0000] Using graph driver overlay
DEBU[0000] Using graph root /home/bousse-e/.local/share/containers/storage
DEBU[0000] Using run root /run/user/1000/containers
DEBU[0000] Using static dir /home/bousse-e/.local/share/containers/storage/libpod
DEBU[0000] Using tmp dir /run/user/1000/libpod/tmp
DEBU[0000] Using volume path /home/bousse-e/.local/share/containers/storage/volumes
DEBU[0000] Set libpod namespace to ""
DEBU[0000] Not configuring container store
DEBU[0000] Initializing event backend journald
DEBU[0000] using runtime "/usr/bin/crun"
DEBU[0000] using runtime "/usr/bin/runc"
INFO[0000] Error initializing configured OCI runtime kata: no valid executable found for OCI runtime kata: invalid argument
INFO[0000] Setting parallel job count to 13
INFO[0000] podman filtering at log level debug
DEBU[0000] Called run.PersistentPreRunE(podman --log-level=debug run --rm docker.io/klakegg/hugo:0.80.0-ext-alpine-ci hugo version)
DEBU[0000] Reading configuration file "/usr/share/containers/containers.conf"
DEBU[0000] Merged system config "/usr/share/containers/containers.conf": &{Containers:{Devices:[] Volumes:[] ApparmorProfile:containers-default-0.33.1 Annotations:[] CgroupNS:private Cgroups:enabled DefaultCapabilities:[CHOWN DAC_OVERRIDE FOWNER FSETID KILL NET_BIND_SERVICE SETFCAP SETGID SETPCAP SETUID SYS_CHROOT] DefaultSysctls:[net.ipv4.ping_group_range=0 0] DefaultUlimits:[] DefaultMountsFile: DNSServers:[] DNSOptions:[] DNSSearches:[] EnableKeyring:true EnableLabeling:true Env:[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin TERM=xterm] EnvHost:false HTTPProxy:true Init:false InitPath: IPCNS:private LogDriver:k8s-file LogSizeMax:-1 NetNS:slirp4netns NoHosts:false PidsLimit:2048 PidNS:private SeccompProfile:/usr/share/containers/seccomp.json ShmSize:65536k TZ: Umask:0022 UTSNS:private UserNS:host UserNSSize:65536} Engine:{ImageBuildFormat:oci CgroupCheck:false CgroupManager:systemd ConmonEnvVars:[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin] ConmonPath:[/usr/libexec/podman/conmon /usr/local/libexec/podman/conmon /usr/local/lib/podman/conmon /usr/bin/conmon /usr/sbin/conmon /usr/local/bin/conmon /usr/local/sbin/conmon /run/current-system/sw/bin/conmon] DetachKeys:ctrl-p,ctrl-q EnablePortReservation:true Env:[] EventsLogFilePath:/run/user/1000/libpod/tmp/events/events.log EventsLogger:journald HooksDir:[/usr/share/containers/oci/hooks.d] ImageDefaultTransport:docker:// InfraCommand: InfraImage:k8s.gcr.io/pause:3.2 InitPath:/usr/libexec/podman/catatonit LockType:shm MultiImageArchive:false Namespace: NetworkCmdPath: NetworkCmdOptions:[] NoPivotRoot:false NumLocks:2048 OCIRuntime:crun OCIRuntimes:map[crun:[/usr/bin/crun /usr/sbin/crun /usr/local/bin/crun /usr/local/sbin/crun /sbin/crun /bin/crun /run/current-system/sw/bin/crun] kata:[/usr/bin/kata-runtime /usr/sbin/kata-runtime /usr/local/bin/kata-runtime /usr/local/sbin/kata-runtime /sbin/kata-runtime /bin/kata-runtime /usr/bin/kata-qemu /usr/bin/kata-fc] runc:[/usr/bin/runc /usr/sbin/runc /usr/local/bin/runc /usr/local/sbin/runc /sbin/runc /bin/runc /usr/lib/cri-o-runc/sbin/runc /run/current-system/sw/bin/runc]] PullPolicy:missing Remote:false RemoteURI: RemoteIdentity: ActiveService: ServiceDestinations:map[] RuntimePath:[] RuntimeSupportsJSON:[crun runc] RuntimeSupportsNoCgroups:[crun] RuntimeSupportsKVM:[kata kata-runtime kata-qemu kata-fc] SetOptions:{StorageConfigRunRootSet:false StorageConfigGraphRootSet:false StorageConfigGraphDriverNameSet:false StaticDirSet:false VolumePathSet:false TmpDirSet:false} SignaturePolicyPath:/etc/containers/policy.json SDNotify:false StateType:3 StaticDir:/home/bousse-e/.local/share/containers/storage/libpod StopTimeout:10 TmpDir:/run/user/1000/libpod/tmp VolumePath:/home/bousse-e/.local/share/containers/storage/volumes VolumePlugins:map[]} Network:{CNIPluginDirs:[/usr/libexec/cni /usr/lib/cni /usr/local/lib/cni /opt/cni/bin] DefaultNetwork:podman NetworkConfigDir:/home/bousse-e/.config/cni/net.d}}
DEBU[0000] Using conmon: "/usr/bin/conmon"
DEBU[0000] Initializing boltdb state at /home/bousse-e/.local/share/containers/storage/libpod/bolt_state.db
DEBU[0000] Using graph driver overlay
DEBU[0000] Using graph root /home/bousse-e/.local/share/containers/storage
DEBU[0000] Using run root /run/user/1000/containers
DEBU[0000] Using static dir /home/bousse-e/.local/share/containers/storage/libpod
DEBU[0000] Using tmp dir /run/user/1000/libpod/tmp
DEBU[0000] Using volume path /home/bousse-e/.local/share/containers/storage/volumes
DEBU[0000] Set libpod namespace to ""
DEBU[0000] [graphdriver] trying provided driver "overlay"
DEBU[0000] overlay: mount_program=/usr/bin/fuse-overlayfs
DEBU[0000] backingFs=btrfs, projectQuotaSupported=false, useNativeDiff=false, usingMetacopy=false
DEBU[0000] Initializing event backend journald
DEBU[0000] using runtime "/usr/bin/crun"
DEBU[0000] using runtime "/usr/bin/runc"
INFO[0000] Error initializing configured OCI runtime kata: no valid executable found for OCI runtime kata: invalid argument
INFO[0000] Setting parallel job count to 13
DEBU[0000] parsed reference into "[overlay@/home/bousse-e/.local/share/containers/storage+/run/user/1000/containers:overlay.mount_program=/usr/bin/fuse-overlayfs]@a93ad6a0848d92142b50f94f10bf6c1a774e7ebc73df82a83c015b0052a12303"
DEBU[0000] exporting opaque data as blob "sha256:a93ad6a0848d92142b50f94f10bf6c1a774e7ebc73df82a83c015b0052a12303"
DEBU[0000] parsed reference into "[overlay@/home/bousse-e/.local/share/containers/storage+/run/user/1000/containers:overlay.mount_program=/usr/bin/fuse-overlayfs]@a93ad6a0848d92142b50f94f10bf6c1a774e7ebc73df82a83c015b0052a12303"
DEBU[0000] exporting opaque data as blob "sha256:a93ad6a0848d92142b50f94f10bf6c1a774e7ebc73df82a83c015b0052a12303"
DEBU[0000] using systemd mode: false
DEBU[0000] No hostname set; container's hostname will default to runtime default
DEBU[0000] Loading seccomp profile from "/usr/share/containers/seccomp.json"
DEBU[0000] Allocated lock 0 for container a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423
DEBU[0000] parsed reference into "[overlay@/home/bousse-e/.local/share/containers/storage+/run/user/1000/containers:overlay.mount_program=/usr/bin/fuse-overlayfs]@a93ad6a0848d92142b50f94f10bf6c1a774e7ebc73df82a83c015b0052a12303"
DEBU[0000] exporting opaque data as blob "sha256:a93ad6a0848d92142b50f94f10bf6c1a774e7ebc73df82a83c015b0052a12303"
DEBU[0000] created container "a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423"
DEBU[0000] container "a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423" has work directory "/home/bousse-e/.local/share/containers/storage/overlay-containers/a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423/userdata"
DEBU[0000] container "a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423" has run directory "/run/user/1000/containers/overlay-containers/a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423/userdata"
DEBU[0000] Not attaching to stdin
DEBU[0000] overlay: mount_data=lowerdir=/home/bousse-e/.local/share/containers/storage/overlay/l/Q2KX5JJVYJUFZXIKECE73QBBIF:/home/bousse-e/.local/share/containers/storage/overlay/l/XYV7JDDTNRWCTKXBCK6LTGBPWY:/home/bousse-e/.local/share/containers/storage/overlay/l/LKMJCJILATTJUXWNXVEG6JGMW7:/home/bousse-e/.local/share/containers/storage/overlay/l/UJWDGGYPQTNZSOYTINJLRGAB7K,upperdir=/home/bousse-e/.local/share/containers/storage/overlay/96675f36b591b17513189b8e96294f1738368408caa96dad524bd809ed7557dd/diff,workdir=/home/bousse-e/.local/share/containers/storage/overlay/96675f36b591b17513189b8e96294f1738368408caa96dad524bd809ed7557dd/work,context="system_u:object_r:container_file_t:s0:c872,c971"
DEBU[0000] Made network namespace at /run/user/1000/netns/cni-7ab36677-878e-3eba-e79d-161e3ba97a8f for container a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423
DEBU[0000] mounted container "a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423" at "/home/bousse-e/.local/share/containers/storage/overlay/96675f36b591b17513189b8e96294f1738368408caa96dad524bd809ed7557dd/merged"
DEBU[0000] slirp4netns command: /usr/bin/slirp4netns --disable-host-loopback --mtu=65520 --enable-sandbox --enable-seccomp -c -e 3 -r 4 --netns-type=path /run/user/1000/netns/cni-7ab36677-878e-3eba-e79d-161e3ba97a8f tap0
DEBU[0000] Created root filesystem for container a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423 at /home/bousse-e/.local/share/containers/storage/overlay/96675f36b591b17513189b8e96294f1738368408caa96dad524bd809ed7557dd/merged
DEBU[0000] Workdir "/src" resolved to host path "/home/bousse-e/.local/share/containers/storage/overlay/96675f36b591b17513189b8e96294f1738368408caa96dad524bd809ed7557dd/merged/src"
DEBU[0000] /etc/system-fips does not exist on host, not mounting FIPS mode subscription
DEBU[0000] Setting CGroups for container a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423 to user.slice:libpod:a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423
DEBU[0000] reading hooks from /usr/share/containers/oci/hooks.d
DEBU[0000] Created OCI spec for container a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423 at /home/bousse-e/.local/share/containers/storage/overlay-containers/a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423/userdata/config.json
DEBU[0000] /usr/bin/conmon messages will be logged to syslog
DEBU[0000] running conmon: /usr/bin/conmon args="[--api-version 1 -c a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423 -u a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423 -r /usr/bin/crun -b /home/bousse-e/.local/share/containers/storage/overlay-containers/a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423/userdata -p /run/user/1000/containers/overlay-containers/a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423/userdata/pidfile -n gallant_boyd --exit-dir /run/user/1000/libpod/tmp/exits --socket-dir-path /run/user/1000/libpod/tmp/socket -s -l k8s-file:/home/bousse-e/.local/share/containers/storage/overlay-containers/a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423/userdata/ctr.log --log-level debug --syslog --conmon-pidfile /run/user/1000/containers/overlay-containers/a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423/userdata/conmon.pid --exit-command /usr/bin/podman --exit-command-arg --root --exit-command-arg /home/bousse-e/.local/share/containers/storage --exit-command-arg --runroot --exit-command-arg /run/user/1000/containers --exit-command-arg --log-level --exit-command-arg debug --exit-command-arg --cgroup-manager --exit-command-arg systemd --exit-command-arg --tmpdir --exit-command-arg /run/user/1000/libpod/tmp --exit-command-arg --runtime --exit-command-arg crun --exit-command-arg --storage-driver --exit-command-arg overlay --exit-command-arg --storage-opt --exit-command-arg overlay.mount_program=/usr/bin/fuse-overlayfs --exit-command-arg --events-backend --exit-command-arg journald --exit-command-arg --syslog --exit-command-arg container --exit-command-arg cleanup --exit-command-arg --rm --exit-command-arg a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423]"
[conmon:d]: failed to write to /proc/self/oom_score_adj: Permission denied
DEBU[0000] Received: -1
DEBU[0000] Cleaning up container a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423
DEBU[0000] Tearing down network namespace at /run/user/1000/netns/cni-7ab36677-878e-3eba-e79d-161e3ba97a8f for container a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423
DEBU[0000] unmounted container "a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423"
DEBU[0000] Removing container a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423
DEBU[0000] Removing all exec sessions for container a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423
DEBU[0000] Cleaning up container a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423
DEBU[0000] Network is already cleaned up, skipping...
DEBU[0000] Container a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423 storage is already unmounted, skipping...
DEBU[0000] Container a185829c14d461c3c812d1e0ba34b6d281ac58f7c1fc28bf762de7773a807423 storage is already unmounted, skipping...
DEBU[0000] ExitCode msg: "open executable: operation not permitted: oci permission denied"
Error: open executable: Operation not permitted: OCI permission denied
Describe the results you expected:
The command should run.
Note that another command such as podman run --rm mariadb ls works without problem.
Additional information you deem important (e.g. issue happens only occasionally): N/A
Output of podman version:
Version: 3.0.0-dev
API Version: 3.0.0
Go Version: go1.16rc1
Built: Wed Feb 3 13:07:25 2021
OS/Arch: linux/amd64
Output of podman info --debug:
host:
arch: amd64
buildahVersion: 1.19.3
cgroupManager: systemd
cgroupVersion: v2
conmon:
package: conmon-2.0.21-3.fc33.x86_64
path: /usr/bin/conmon
version: 'conmon version 2.0.21, commit: 0f53fb68333bdead5fe4dc5175703e22cf9882ab'
cpus: 4
distribution:
distribution: fedora
version: "33"
eventLogger: journald
hostname: knodel
idMappings:
gidmap:
- container_id: 0
host_id: 1000
size: 1
- container_id: 1
host_id: 100000
size: 65536
uidmap:
- container_id: 0
host_id: 1000
size: 1
- container_id: 1
host_id: 100000
size: 65536
kernel: 5.10.11-200.fc33.x86_64
linkmode: dynamic
memFree: 20326567936
memTotal: 33541758976
ociRuntime:
name: crun
package: crun-0.17-1.fc33.x86_64
path: /usr/bin/crun
version: |-
crun version 0.17
commit: 0e9229ae34caaebcb86f1fde18de3acaf18c6d9a
spec: 1.0.0
+SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
os: linux
remoteSocket:
path: /run/user/1000/podman/podman.sock
security:
apparmorEnabled: false
capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
rootless: true
seccompEnabled: true
selinuxEnabled: true
slirp4netns:
executable: /usr/bin/slirp4netns
package: slirp4netns-1.1.8-1.fc33.x86_64
version: |-
slirp4netns version 1.1.8
commit: d361001f495417b880f20329121e3aa431a8f90f
libslirp: 4.3.1
SLIRP_CONFIG_VERSION_MAX: 3
libseccomp: 2.5.0
swapFree: 4294963200
swapTotal: 4294963200
uptime: 7m 14.32s
registries:
search:
- registry.fedoraproject.org
- registry.access.redhat.com
- registry.centos.org
- docker.io
store:
configFile: /home/bousse-e/.config/containers/storage.conf
containerStore:
number: 0
paused: 0
running: 0
stopped: 0
graphDriverName: overlay
graphOptions:
overlay.mount_program:
Executable: /usr/bin/fuse-overlayfs
Package: fuse-overlayfs-1.4.0-1.fc33.x86_64
Version: |-
fusermount3 version: 3.9.3
fuse-overlayfs: version 1.4
FUSE library version 3.9.3
using FUSE kernel interface version 7.31
graphRoot: /home/bousse-e/.local/share/containers/storage
graphStatus:
Backing Filesystem: btrfs
Native Overlay Diff: "false"
Supports d_type: "true"
Using metacopy: "false"
imageStore:
number: 1
runRoot: /run/user/1000/containers
volumePath: /home/bousse-e/.local/share/containers/storage/volumes
version:
APIVersion: 3.0.0
Built: 1612354045
BuiltTime: Wed Feb 3 13:07:25 2021
GitCommit: ""
GoVersion: go1.16rc1
OsArch: linux/amd64
Version: 3.0.0-dev
Package info (e.g. output of rpm -q podman or apt list podman):
podman-3.0.0-0.204.dev.gita086f60.fc34.x86_64
Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide?
Yes
Additional environment details (AWS, VirtualBox, physical, etc.): N/A
About this issue
- Original URL
- State: closed
- Created 3 years ago
- Reactions: 2
- Comments: 19 (10 by maintainers)
Commits related to this issue
- Ignore entrypoint=[] We recieved an issue with an image that was built with entrypoint=[""] This blows up on Podman, but works on Docker. When we setup the OCI Runtime, we should drop any fields tha... — committed to rhatdan/podman by rhatdan 3 years ago
- Ignore entrypoint=[\"\"] We recieved an issue with an image that was built with entrypoint=[""] This blows up on Podman, but works on Docker. When we setup the OCI Runtime, we should drop any fields... — committed to rhatdan/podman by rhatdan 3 years ago
- Ignore entrypoint=[\"\"] We recieved an issue with an image that was built with entrypoint=[""] This blows up on Podman, but works on Docker. When we setup the OCI Runtime, we should drop any fields... — committed to rhatdan/podman by rhatdan 3 years ago
- Ignore entrypoint=[\"\"] We recieved an issue with an image that was built with entrypoint=[""] This blows up on Podman, but works on Docker. When we setup the OCI Runtime, we should drop entrypoint... — committed to rhatdan/podman by rhatdan 3 years ago
- Ignore entrypoint=[\"\"] We recieved an issue with an image that was built with entrypoint=[""] This blows up on Podman, but works on Docker. When we setup the OCI Runtime, we should drop entrypoint... — committed to mheon/libpod by rhatdan 3 years ago
- Update Dockerfile Make the entrypoint script executable to avoid the following error in Podman run: Error: crun: open executable: Permission denied: OCI permission denied See: https://github.com/... — committed to skyblaster/freeswitch by skyblaster 2 years ago
Had a similar issue. Turned out that the
entrypoint scriptwas missing execution bit. To simplehave fixed that. Unfortunately the error messages was not clear about it.