Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Error: runc: runc create failed: unable to start container process: error during container init: error mounting : OCI permission denied #1037

Open
aishwaryaredd opened this issue Sep 12, 2024 · 0 comments
Labels
bug Something isn't working

Comments

@aishwaryaredd
Copy link

aishwaryaredd commented Sep 12, 2024

Describe the bug
I am trying to run the containers as rootless user. I was able to start database(Postgesql) as non root user. And when trying to start artifactory container it is giving below error. I am using podman-compose for running them. If I run the command as root user, everything works fine without any issue.

Error
Error: runc: runc create failed: unable to start container process: error during container init: error mounting "/af/certs" to rootfs at "/var/opt/jfrog/artifactory/etc/security/keys/trusted": lstat /af/shared/storage/overlay/5etzgttgsdfe10/merged/var/opt/jfrog/artifactory/etc/security/keys: permission denied: OCI permission denied

Steps to reproduce the behavior:

run the below command as non root user.
podman run --name=artifactory -d --requires=postgresql --label io.podman.compose.project=artifactory --label io.podman.compose.version=1.0.6 --label PODMAN_SYSTEMD_UNIT=[email protected] --label com.docker.compose.project=artifactory --label com.docker.compose.project.working_dir=//artifactory --label com.docker.compose.project.config_files=docker-compose.yaml --label com.docker.compose.container-number=1 --label com.docker.compose.service=artifactory -e JF_ROUTER_ENTRYPOINTS_EXTERNALPORT=8082 -e EXTRA_JAVA_OPTIONS="-***************" -v ********** -v /etc/localtime:/etc/localtime:ro -v //certs:/var/opt/jfrog/artifactory/etc/security/keys/trusted:ro -v /****/certs/cacerts:/var/opt/jfrog/artifactory/etc/cacerts --net artifactory_default --network-alias artifactory --log-driver=json-file --log-opt=max-size=50m --log-opt=max-file=10 --expose 8082 --expose 8081 --restart always --ulimit nproc=62750 --ulimit nofile=32000:40000 docker.bintray.io/jfrog/artifactory-pro:7.90.8

Environment:

  • OS: Linux

$ podman-compose version
podman-compose version: 1.0.6
['podman', '--version', '']
using podman version: 4.6.1
podman-compose version 1.0.6
podman --version
podman version 4.6.1
exit code: 0

@aishwaryaredd aishwaryaredd added the bug Something isn't working label Sep 12, 2024
@aishwaryaredd aishwaryaredd changed the title Error: runc: runc create failed: unable to start container process: error during container init: error mounting "/af/certs" to rootfs at "/var/opt/jfrog/artifactory/etc/security/keys/trusted": lstat /af/shared/storage/overlay/5etzgttgsdfe10/merged/var/opt/jfrog/artifactory/etc/security/keys: permission denied: OCI permission denied Error: runc: runc create failed: unable to start container process: error during container init: error mounting : OCI permission denied Sep 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

1 participant