podman: `podman info` fails without sudo

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

adel@adel-pc:~  
> podman info
cannot clone: Invalid argument
panic: calling Unlock on unlocked lock

goroutine 1 [running]:
github.com/containers/libpod/vendor/github.com/containers/storage.(*lockfile).Unlock(0xc0000cdcc0)
        /build/podman/src/src/github.com/containers/libpod/vendor/github.com/containers/storage/lockfile_unix.go:144 +0x1ed
github.com/containers/libpod/libpod.makeRuntime.func2(0xc0006f4abe, 0x55b5908f2c00, 0xc0000cdcc0)
        /build/podman/src/src/github.com/containers/libpod/libpod/runtime.go:884 +0x47
github.com/containers/libpod/libpod.makeRuntime(0x55b5908e1ce0, 0xc0000c2048, 0xc0005b60f0, 0x55b5908b05a0, 0xc000814100)
        /build/podman/src/src/github.com/containers/libpod/libpod/runtime.go:897 +0x1a2f
github.com/containers/libpod/libpod.newRuntimeFromConfig(0x55b5908e1ce0, 0xc0000c2048, 0x0, 0x0, 0xc0000c47e0, 0x1, 0x1, 0xc0005b60f0, 0x0, 0x0)
        /build/podman/src/src/github.com/containers/libpod/libpod/runtime.go:564 +0x6a1
github.com/containers/libpod/libpod.NewRuntime(...)
        /build/podman/src/src/github.com/containers/libpod/libpod/runtime.go:355
github.com/containers/libpod/cmd/podman/libpodruntime.getRuntime(0x55b5908e1ce0, 0xc0000c2048, 0xc0006f5bb0, 0x0, 0x3e8, 0x0, 0x1e)
        /build/podman/src/src/github.com/containers/libpod/cmd/podman/libpodruntime/runtime.go:149 +0xbf9
github.com/containers/libpod/cmd/podman/libpodruntime.GetRuntime(...)
        /build/podman/src/src/github.com/containers/libpod/cmd/podman/libpodruntime/runtime.go:26
main.setupRootless(0x55b59179fa00, 0x55b591823320, 0x0, 0x0, 0x0, 0x0)
        /build/podman/src/src/github.com/containers/libpod/cmd/podman/main_local.go:116 +0x144
main.before(0x55b59179fa00, 0x55b591823320, 0x0, 0x0, 0x1, 0xc0000c4610)
        /build/podman/src/src/github.com/containers/libpod/cmd/podman/main.go:106 +0x6e
main.glob..func68(0x55b59179fa00, 0x55b591823320, 0x0, 0x0, 0x0, 0x0)
        /build/podman/src/src/github.com/containers/libpod/cmd/podman/main.go:75 +0x4b
github.com/containers/libpod/vendor/github.com/spf13/cobra.(*Command).execute(0x55b59179fa00, 0xc0000ba030, 0x0, 0x0, 0x55b59179fa00, 0xc0000ba030)
        /build/podman/src/src/github.com/containers/libpod/vendor/github.com/spf13/cobra/command.go:741 +0x572
github.com/containers/libpod/vendor/github.com/spf13/cobra.(*Command).ExecuteC(0x55b5917a11c0, 0xc0000b0cc0, 0x7ffed30ea503, 0x6)
        /build/podman/src/src/github.com/containers/libpod/vendor/github.com/spf13/cobra/command.go:852 +0x2ee
github.com/containers/libpod/vendor/github.com/spf13/cobra.(*Command).Execute(...)
        /build/podman/src/src/github.com/containers/libpod/vendor/github.com/spf13/cobra/command.go:800
main.main()
        /build/podman/src/src/github.com/containers/libpod/cmd/podman/main.go:142 +0x8a

Output of podman version:

Version:            1.3.0
RemoteAPI Version:  1
Go Version:         go1.12.4
Built:              Fri May 10 11:46:12 2019
OS/Arch:            linux/amd64

Output of podman info --debug:

cannot clone: Invalid argument
panic: calling Unlock on unlocked lock

goroutine 1 [running]:
github.com/containers/libpod/vendor/github.com/containers/storage.(*lockfile).Unlock(0xc0000cfcc0)
        /build/podman/src/src/github.com/containers/libpod/vendor/github.com/containers/storage/lockfile_unix.go:144 +0x1ed
github.com/containers/libpod/libpod.makeRuntime.func2(0xc00070eabe, 0x555644731c00, 0xc0000cfcc0)
        /build/podman/src/src/github.com/containers/libpod/libpod/runtime.go:884 +0x47
github.com/containers/libpod/libpod.makeRuntime(0x555644720ce0, 0xc0000c4048, 0xc0005e80f0, 0x5556446ef5a0, 0xc000820080)
        /build/podman/src/src/github.com/containers/libpod/libpod/runtime.go:897 +0x1a2f
github.com/containers/libpod/libpod.newRuntimeFromConfig(0x555644720ce0, 0xc0000c4048, 0x0, 0x0, 0xc000010750, 0x1, 0x1, 0xc0005e80f0, 0x0, 0x0)
        /build/podman/src/src/github.com/containers/libpod/libpod/runtime.go:564 +0x6a1
github.com/containers/libpod/libpod.NewRuntime(...)
        /build/podman/src/src/github.com/containers/libpod/libpod/runtime.go:355
github.com/containers/libpod/cmd/podman/libpodruntime.getRuntime(0x555644720ce0, 0xc0000c4048, 0xc00070fbb0, 0x0, 0x3e8, 0x0, 0x1e)
        /build/podman/src/src/github.com/containers/libpod/cmd/podman/libpodruntime/runtime.go:149 +0xbf9
github.com/containers/libpod/cmd/podman/libpodruntime.GetRuntime(...)
        /build/podman/src/src/github.com/containers/libpod/cmd/podman/libpodruntime/runtime.go:26
main.setupRootless(0x5556455dea00, 0xc00032c430, 0x0, 0x1, 0x0, 0x0)
        /build/podman/src/src/github.com/containers/libpod/cmd/podman/main_local.go:116 +0x144
main.before(0x5556455dea00, 0xc00032c430, 0x0, 0x1, 0x1, 0xc000010578)
        /build/podman/src/src/github.com/containers/libpod/cmd/podman/main.go:106 +0x6e
main.glob..func68(0x5556455dea00, 0xc00032c430, 0x0, 0x1, 0x0, 0x0)
        /build/podman/src/src/github.com/containers/libpod/cmd/podman/main.go:75 +0x4b
github.com/containers/libpod/vendor/github.com/spf13/cobra.(*Command).execute(0x5556455dea00, 0xc0000b2170, 0x1, 0x1, 0x5556455dea00, 0xc0000b2170)
        /build/podman/src/src/github.com/containers/libpod/vendor/github.com/spf13/cobra/command.go:741 +0x572
github.com/containers/libpod/vendor/github.com/spf13/cobra.(*Command).ExecuteC(0x5556455e01c0, 0xc0000b2cf0, 0x7ffc40dd54fb, 0x6)
        /build/podman/src/src/github.com/containers/libpod/vendor/github.com/spf13/cobra/command.go:852 +0x2ee
github.com/containers/libpod/vendor/github.com/spf13/cobra.(*Command).Execute(...)
        /build/podman/src/src/github.com/containers/libpod/vendor/github.com/spf13/cobra/command.go:800
main.main()
        /build/podman/src/src/github.com/containers/libpod/cmd/podman/main.go:142 +0x8a

Additional environment details (AWS, VirtualBox, physical, etc.):

> uname -a
Linux adel-pc 4.9.178-1-MANJARO #1 SMP PREEMPT Tue May 21 19:31:19 UTC 2019 x86_64 GNU/Linux

With sudo the command sudo podman info --debug works and outputs:

adel@adel-pc:~            
> sudo podman info --debug
debug:                    
  compiler: gc                          
  git commit: ""
  go version: go1.12.4       
  podman version: 1.3.0        
host:                      
  BuildahVersion: 1.8.2    
  Conmon:    
    package: Unknown
    path: /usr/bin/conmon             
    version: 'conmon version , commit: 8fba206232c249a8fc4e2fac1469fb2fddbf5cf7'
  Distribution:
    distribution: manjaro
    version: unknown
  MemFree: 3711102976
  MemTotal: 7782268928
  OCIRuntime:
    package: Unknown
    path: /usr/bin/runc
    version: |-
      runc version 1.0.0-rc8
      commit: 425e105d5a03fabd737a126ad93d62a9eeede87f
      spec: 1.0.1-dev
  SwapFree: 9448923136
  SwapTotal: 9448923136
  arch: amd64
  cpus: 4
  hostname: adel-pc
  kernel: 4.9.178-1-MANJARO
  os: linux
  rootless: false
  uptime: 42m 34.67s
registries:
  blocked: null
  insecure: null
  search:
  - docker.io
  - registry.fedoraproject.org
  - quay.io
  - registry.access.redhat.com
  - registry.centos.org
store:
  ConfigFile: /etc/containers/storage.conf
  ContainerStore:
    number: 0
  GraphDriverName: overlay
  GraphOptions:
  - overlay.mountopt=nodev
  GraphRoot: /var/lib/containers/storage
  GraphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Using metacopy: "false"
  ImageStore:
    number: 0
  RunRoot: /var/run/containers/storage
  VolumePath: /var/lib/containers/storage/volumes

About this issue

Original URL
State: closed
Created 5 years ago
Comments: 17 (17 by maintainers)

Commits related to this issue

runtime: unlock the alive lock only once Unlock the alive lock only once in the deferred func call. Fixes: #3207 Signed-off-by: Valentin Rothberg <rothberg@redhat.com> — committed to vrothberg/libpod by vrothberg 5 years ago
runtime: unlock the alive lock only once Unlock the alive lock only once in the deferred func call. Fixes: #3207 Signed-off-by: Valentin Rothberg <rothberg@redhat.com> — committed to vrothberg/libpod by vrothberg 5 years ago
runtime: unlock the alive lock only once Unlock the alive lock only once in the deferred func call. Fixes: #3207 Signed-off-by: Valentin Rothberg <rothberg@redhat.com> — committed to vrothberg/libpod by vrothberg 5 years ago
runtime: unlock the alive lock only once Unlock the alive lock only once in the deferred func call. Fixes: #3207 Signed-off-by: Valentin Rothberg <rothberg@redhat.com> — committed to samc24/libpod by vrothberg 5 years ago

Most upvoted comments

I updated the Linux kernel to 4.19.45-1-MANJARO and enabled the user namespaces by sysctl kernel.unprivileged_userns_clone=1 Now podman info works as expected. I am closing the issue. Thank you!

adel-mamin on May 29, 2019

@giuseppe’s suspicion is correct, the system does not have user namespace support. I guess that every distro configures that a bit different, but here’s a link how to enable it in Manjaro: https://forum.manjaro.org/t/how-to-permanently-enable-user-namespaces-in-manjaro-linux/71614/2

vrothberg on May 29, 2019

Error: could not get runtime: cannot re-exec process:

I fear there is no support for user namespaces in the kernel.

What do you see with ls /proc/self/ns; cat /proc/self/uid_map ?

giuseppe on May 28, 2019