podman: podman exec: Error: unable to find user $USER: no matching entries in passwd file
Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)
/kind bug
Description
Trying to exec into a container with ‘-u $USER’ fails to look up the user that is automatically added by --userns=keep-id --user root:root
Steps to reproduce the issue:
in one terminal:
$ podman run --userns=keep-id --user root:root -it --rm --name foof registry.fedoraproject.org/fedora:32 /bin/bash
in another terminal:
$ podman exec -it -u $USER foof /bin/bash
Error: unable to find user otaylor: no matching entries in passwd file
Additional information you deem important (e.g. issue happens only occasionally):
This is a distillation of a problem toolbox triggers; I see this on Fedora Silverblue rawhide, @mheon was able to reproduce on his system
Output of podman version:
Version: 2.1.0-dev
API Version: 1
Go Version: go1.14.3
Built: Wed Dec 31 19:00:00 1969
OS/Arch: linux/amd64
About this issue
- State: closed
- Created 4 years ago
- Comments: 19 (16 by maintainers)
Commits related to this issue
- Preserve passwd on container restart We added code to create a `/etc/passwd` file that we bind-mount into the container in some cases (most notably, `--userns=keep-id` containers). This, unfortunatel... — committed to mheon/libpod by mheon 4 years ago
- Make changes to /etc/passwd on disk for non-read only Bind-mounting /etc/passwd into the container is problematic because of how system utilities like `useradd` work. They want to make a copy and the... — committed to mheon/libpod by mheon 4 years ago
- Make changes to /etc/passwd on disk for non-read only Bind-mounting /etc/passwd into the container is problematic because of how system utilities like `useradd` work. They want to make a copy and the... — committed to vrothberg/libpod by mheon 4 years ago
I’m going to reopen because we only partially solved this.
We can definitely edit /etc/passwd in the image. That does not work in the read-only case, but that would also make it impossible to add users, so we could still use the old approach.