"toolbox reset" nukes files that don't belong to it #8680

Closed
hadess opened this issue Dec 10, 2020 · 16 comments · Fixed by #8750
Labels
locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.

Comments

@hadess

hadess commented Dec 10, 2020

From containers/toolbox#648:

Running toolbox reset (which just calls podman system reset) just nuked a whole bunch of files that didn't belong to it under /run/user/1000 including the session D-Bus socket. Here's me really hoping that it didn't nuke any other files that might have been linked from there. Note that it will likely nuke files under /run/user/1000/doc/ which are files exported by the xdg-desktop-portal document portal for use with Flatpak. Deleting files there deletes the actual files that users used in the Flatpak containers.

$ find /run/user/1000/
/run/user/1000/
/run/user/1000/gnupg
/run/user/1000/gnome-shell-disable-extensions
/run/user/1000/gnome-shell
/run/user/1000/gnome-shell/runtime-state-LE.:0
/run/user/1000/wayland-0
/run/user/1000/wayland-0.lock
/run/user/1000/.mutter-Xwaylandauth.XN0MV0
/run/user/1000/ICEauthority
/run/user/1000/gnome-session-leader-fifo
/run/user/1000/dconf
/run/user/1000/dconf/user
/run/user/1000/gvfs
/run/user/1000/keyring
/run/user/1000/keyring/ssh
/run/user/1000/keyring/pkcs11
/run/user/1000/keyring/control
/run/user/1000/pulse
/run/user/1000/pulse/pid
/run/user/1000/pulse/native
/run/user/1000/pipewire-0
/run/user/1000/bus
/run/user/1000/systemd
/run/user/1000/systemd/transient
/run/user/1000/systemd/transient/vte-spawn-8f341ea3-9205-4427-aeeb-6b4093fdb785.scope
/run/user/1000/systemd/transient/dbus-:[email protected]
/run/user/1000/systemd/transient/dbus-:[email protected]
/run/user/1000/systemd/transient/dbus-:[email protected]
/run/user/1000/systemd/transient/dbus-:[email protected]
/run/user/1000/systemd/transient/dbus-:[email protected]
/run/user/1000/systemd/transient/app-gnome-gnome\x2dsoftware\x2dservice-2095.scope
/run/user/1000/systemd/transient/app-gnome-org.gnome.Evolution\x2dalarm\x2dnotify-2080.scope
/run/user/1000/systemd/transient/app-gnome-org.gnome.SettingsDaemon.DiskUtilityNotify-2060.scope
/run/user/1000/systemd/transient/app-gnome-solaar-2039.scope
/run/user/1000/systemd/transient/dbus-:[email protected]
/run/user/1000/systemd/transient/dbus-:[email protected]
/run/user/1000/systemd/transient/dbus-:[email protected]
/run/user/1000/systemd/transient/dbus-:[email protected]
/run/user/1000/systemd/transient/dbus-:[email protected]
/run/user/1000/systemd/transient/dbus-:[email protected]
/run/user/1000/systemd/transient/dbus-:[email protected]
/run/user/1000/systemd/transient/app-gnome-gsettings\x2ddata\x2dconvert-1728.scope
/run/user/1000/systemd/private
/run/user/1000/systemd/notify
/run/user/1000/systemd/generator.late
/run/user/1000/systemd/generator.late/app-geoclue\x2ddemo\x2dagent-autostart.service
/run/user/1000/systemd/generator.late/app-user\x2ddirs\x2dupdate\x2dgtk-autostart.service
/run/user/1000/systemd/generator.late/app-gnome\x2dshell\x2doverrides\x2dmigration-autostart.service
/run/user/1000/systemd/generator.late/app-gnome\x2dsoftware\x2dservice-autostart.service
/run/user/1000/systemd/generator.late/app-orca\x2dautostart-autostart.service
/run/user/1000/systemd/generator.late/app-solaar-autostart.service
/run/user/1000/systemd/generator.late/app-gnome\x2dwelcome\x2dtour-autostart.service
/run/user/1000/systemd/generator.late/app-tracker\x2dminer\x2dfs\x2d3-autostart.service
/run/user/1000/systemd/generator.late/app-gnome\x2dinitial\x2dsetup\x2dfirst\x2dlogin-autostart.service
/run/user/1000/systemd/generator.late/app-tracker\x2dminer\x2drss\x2d3-autostart.service
/run/user/1000/systemd/generator.late/app-org.freedesktop.problems.applet-autostart.service
/run/user/1000/systemd/generator.late/app-vboxclient-autostart.service
/run/user/1000/systemd/generator.late/app-vmware\x2duser-autostart.service
/run/user/1000/systemd/generator.late/app-org.gnome.SettingsDaemon.DiskUtilityNotify-autostart.service
/run/user/1000/systemd/generator.late/app-nm\x2dapplet-autostart.service
/run/user/1000/systemd/generator.late/xdg-desktop-autostart.target.wants
/run/user/1000/systemd/generator.late/xdg-desktop-autostart.target.wants/app-geoclue\x2ddemo\x2dagent-autostart.service
/run/user/1000/systemd/generator.late/xdg-desktop-autostart.target.wants/app-user\x2ddirs\x2dupdate\x2dgtk-autostart.service
/run/user/1000/systemd/generator.late/xdg-desktop-autostart.target.wants/app-gnome\x2dshell\x2doverrides\x2dmigration-autostart.service
/run/user/1000/systemd/generator.late/xdg-desktop-autostart.target.wants/app-gnome\x2dsoftware\x2dservice-autostart.service
/run/user/1000/systemd/generator.late/xdg-desktop-autostart.target.wants/app-solaar-autostart.service
/run/user/1000/systemd/generator.late/xdg-desktop-autostart.target.wants/app-tracker\x2dminer\x2dfs\x2d3-autostart.service
/run/user/1000/systemd/generator.late/xdg-desktop-autostart.target.wants/app-tracker\x2dminer\x2drss\x2d3-autostart.service
/run/user/1000/systemd/generator.late/xdg-desktop-autostart.target.wants/app-org.freedesktop.problems.applet-autostart.service
/run/user/1000/systemd/generator.late/xdg-desktop-autostart.target.wants/app-vboxclient-autostart.service
/run/user/1000/systemd/generator.late/xdg-desktop-autostart.target.wants/app-vmware\x2duser-autostart.service
/run/user/1000/systemd/generator.late/xdg-desktop-autostart.target.wants/app-org.gnome.SettingsDaemon.DiskUtilityNotify-autostart.service
/run/user/1000/systemd/generator.late/xdg-desktop-autostart.target.wants/app-nm\x2dapplet-autostart.service
/run/user/1000/systemd/generator.late/xdg-desktop-autostart.target.wants/app-org.gnome.Evolution\x2dalarm\x2dnotify-autostart.service
/run/user/1000/systemd/generator.late/app-org.gnome.Evolution\x2dalarm\x2dnotify-autostart.service
/run/user/1000/systemd/units
/run/user/1000/systemd/units/invocation:vte-spawn-8f341ea3-9205-4427-aeeb-6b4093fdb785.scope
/run/user/1000/systemd/units/invocation:gnome-terminal-server.service
/run/user/1000/systemd/units/invocation:dbus-:[email protected]
/run/user/1000/systemd/units/invocation:dbus-:[email protected]
/run/user/1000/systemd/units/invocation:dbus-:[email protected]
/run/user/1000/systemd/units/invocation:dbus-:[email protected]
/run/user/1000/systemd/units/invocation:evolution-addressbook-factory.service
/run/user/1000/systemd/units/invocation:dbus-:[email protected]
/run/user/1000/systemd/units/invocation:org.gnome.SettingsDaemon.XSettings.service
/run/user/1000/systemd/units/invocation:app-gnome-solaar-2039.scope
/run/user/1000/systemd/units/invocation:app-gnome-org.gnome.SettingsDaemon.DiskUtilityNotify-2060.scope
/run/user/1000/systemd/units/invocation:app-gnome-org.gnome.Evolution\x2dalarm\x2dnotify-2080.scope
/run/user/1000/systemd/units/invocation:app-gnome-gnome\x2dsoftware\x2dservice-2095.scope
/run/user/1000/systemd/units/invocation:dbus-:[email protected]
/run/user/1000/systemd/units/invocation:org.gnome.SettingsDaemon.Wacom.service
/run/user/1000/systemd/units/invocation:org.gnome.SettingsDaemon.UsbProtection.service
/run/user/1000/systemd/units/invocation:org.gnome.SettingsDaemon.Sound.service
/run/user/1000/systemd/units/invocation:org.gnome.SettingsDaemon.Smartcard.service
/run/user/1000/systemd/units/invocation:org.gnome.SettingsDaemon.Sharing.service
/run/user/1000/systemd/units/invocation:org.gnome.SettingsDaemon.ScreensaverProxy.service
/run/user/1000/systemd/units/invocation:org.gnome.SettingsDaemon.Rfkill.service
/run/user/1000/systemd/units/invocation:org.gnome.SettingsDaemon.PrintNotifications.service
/run/user/1000/systemd/units/invocation:org.gnome.SettingsDaemon.Power.service
/run/user/1000/systemd/units/invocation:org.gnome.SettingsDaemon.MediaKeys.service
/run/user/1000/systemd/units/invocation:org.gnome.SettingsDaemon.Keyboard.service
/run/user/1000/systemd/units/invocation:org.gnome.SettingsDaemon.Housekeeping.service
/run/user/1000/systemd/units/invocation:org.gnome.SettingsDaemon.Datetime.service
/run/user/1000/systemd/units/invocation:org.gnome.SettingsDaemon.Color.service
/run/user/1000/systemd/units/invocation:org.gnome.SettingsDaemon.A11ySettings.service
/run/user/1000/systemd/units/invocation:dbus-:[email protected]
/run/user/1000/systemd/units/invocation:dbus-:[email protected]
/run/user/1000/systemd/units/invocation:gvfs-gphoto2-volume-monitor.service
/run/user/1000/systemd/units/invocation:dbus-:[email protected]
/run/user/1000/systemd/units/invocation:evolution-calendar-factory.service
/run/user/1000/systemd/units/invocation:gvfs-goa-volume-monitor.service
/run/user/1000/systemd/units/invocation:gvfs-mtp-volume-monitor.service
/run/user/1000/systemd/units/invocation:gvfs-afc-volume-monitor.service
/run/user/1000/systemd/units/invocation:gvfs-metadata.service
/run/user/1000/systemd/units/invocation:gvfs-udisks2-volume-monitor.service
/run/user/1000/systemd/units/invocation:dbus-:[email protected]
/run/user/1000/systemd/units/invocation:dbus-:[email protected]
/run/user/1000/systemd/units/invocation:evolution-source-registry.service
/run/user/1000/systemd/units/invocation:dbus-:[email protected]
/run/user/1000/systemd/units/invocation:xdg-permission-store.service
/run/user/1000/systemd/units/invocation:at-spi-dbus-bus.service
/run/user/1000/systemd/units/invocation:app-gnome-gsettings\x2ddata\x2dconvert-1728.scope
/run/user/1000/systemd/units/invocation:[email protected]
/run/user/1000/systemd/units/invocation:[email protected]
/run/user/1000/systemd/units/invocation:gnome-session-monitor.service
/run/user/1000/systemd/units/invocation:gvfs-daemon.service
/run/user/1000/systemd/units/invocation:dbus-broker.service
/run/user/1000/systemd/units/invocation:pulseaudio.service
/run/user/1000/systemd/units/invocation:dbus.socket
/run/user/1000/systemd/inaccessible
/run/user/1000/systemd/inaccessible/chr
/run/user/1000/systemd/inaccessible/sock
/run/user/1000/systemd/inaccessible/fifo
/run/user/1000/systemd/inaccessible/dir
find: ‘/run/user/1000/systemd/inaccessible/dir’: Permission denied
/run/user/1000/systemd/inaccessible/reg
$ toolbox reset
'toolbox reset' is deprecated in favor of 'podman system reset'.
WARN[0000] Found deprecated file /home/hadess/.config/containers/libpod.conf, please remove. Use /home/hadess/.config/containers/containers.conf to override defaults. 
WARN[0000] Ignoring libpod.conf EventsLogger setting "journald". Use "/home/hadess/.config/containers/containers.conf" if you want to change this setting and remove libpod.conf files. 
WARN[0000] Found deprecated file /home/hadess/.config/containers/libpod.conf, please remove. Use /home/hadess/.config/containers/containers.conf to override defaults. 
WARN[0000] Ignoring libpod.conf EventsLogger setting "journald". Use "/home/hadess/.config/containers/containers.conf" if you want to change this setting and remove libpod.conf files. 
WARN[0000] Found deprecated file /home/hadess/.config/containers/libpod.conf, please remove. Use /home/hadess/.config/containers/containers.conf to override defaults. 
WARN[0000] Ignoring libpod.conf EventsLogger setting "journald". Use "/home/hadess/.config/containers/containers.conf" if you want to change this setting and remove libpod.conf files. 
WARN[0000] Found deprecated file /home/hadess/.config/containers/libpod.conf, please remove. Use /home/hadess/.config/containers/containers.conf to override defaults. 
WARN[0000] Ignoring libpod.conf EventsLogger setting "journald". Use "/home/hadess/.config/containers/containers.conf" if you want to change this setting and remove libpod.conf files. 

WARNING! This will remove:
        - all containers
        - all pods
        - all images
        - all build cache
Are you sure you want to continue? [y/N] y
A storage.conf file exists at /home/hadess/.config/containers/storage.conf
You should remove this file if you did not modified the configuration.
unlinkat /run/user/1000/gvfs: device or resource busy
$ find /run/user/1000/
/run/user/1000/
/run/user/1000/gvfs
$ cat /home/hadess/.config/containers/libpod.conf
volume_path = "/home/hadess/.local/share/containers/storage/volumes"
image_default_transport = "docker://"
runtime = "crun"
runtime_supports_json = ["crun", "runc"]
runtime_supports_nocgroups = ["crun"]
conmon_path = ["/usr/libexec/podman/conmon", "/usr/local/libexec/podman/conmon", "/usr/local/lib/podman/conmon", "/usr/bin/conmon", "/usr/sbin/conmon", "/usr/local/bin/conmon", "/usr/local/sbin/conmon", "/run/current-system/sw/bin/conmon"]
conmon_env_vars = ["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"]
cgroup_manager = "systemd"
init_path = ""
static_dir = "/home/hadess/.local/share/containers/storage/libpod"
tmp_dir = "/run/user/1000/libpod/tmp"
max_log_size = -1
no_pivot_root = false
cni_config_dir = "/etc/cni/net.d/"
cni_plugin_dir = ["/usr/libexec/cni", "/usr/lib/cni", "/usr/local/lib/cni", "/opt/cni/bin"]
infra_image = "k8s.gcr.io/pause:3.1"
infra_command = "/pause"
enable_port_reservation = true
label = true
network_cmd_path = ""
num_locks = 2048
lock_type = "shm"
events_logger = "journald"
events_logfile_path = ""
detach_keys = "ctrl-p,ctrl-q"
SDNotify = false
cgroup_check = true

[runtimes]
  crun = ["/usr/bin/crun", "/usr/local/bin/crun"]
  runc = ["/usr/bin/runc", "/usr/sbin/runc", "/usr/local/bin/runc", "/usr/local/sbin/runc", "/sbin/runc", "/bin/runc", "/usr/lib/cri-o-runc/sbin/runc", "/run/current-system/sw/bin/runc"]

I never edited /home/hadess/.config/containers/libpod.conf and the same problem occurred after removing it.

@hadess
Author

hadess commented Dec 10, 2020

$ rpm -q podman toolbox
podman-2.1.1-12.fc33.x86_64
toolbox-0.0.97-1.fc33.x86_64

@giuseppe
Member

can you reproduce the same issue with plain podman? Does podman system reset remove the same files?

@hadess
Author

hadess commented Dec 10, 2020

> can you reproduce the same issue with plain podman? Does podman system reset remove the same files?

At this point, I think it would be best if you tried things yourself. I'm still trying to find out whether it nuked some of my personal files that happened to be linked in the directory from the /run directory.

toolbox calls podman system reset:
https://github.com/containers/toolbox/blob/master/src/cmd/reset.go#L42

@Luap99
Member

Luap99 commented Dec 10, 2020

Can you run podman --log-level debug ps.
This should contain something like this:

...
DEBU[0000] Using graph root /home/paul/.local/share/containers/storage 
DEBU[0000] Using run root /run/user/1000/containers     
DEBU[0000] Using static dir /home/paul/.local/share/containers/storage/libpod 
DEBU[0000] Using tmp dir /run/user/1000/libpod/tmp
...

These paths will be removed by system reset.

@hadess
Author

hadess commented Dec 10, 2020

$ podman --log-level debug system reset
INFO[0000] podman filtering at log level debug          
DEBU[0000] Called reset.PersistentPreRunE(podman --log-level debug system reset) 
DEBU[0000] Reading configuration file "/usr/share/containers/containers.conf" 
DEBU[0000] Merged system config "/usr/share/containers/containers.conf": &{Containers:{Devices:[] Volumes:[] ApparmorProfile:containers-default-0.22.0 Annotations:[] CgroupNS:private Cgroups:enabled DefaultCapabilities:[AUDIT_WRITE CHOWN DAC_OVERRIDE FOWNER FSETID KILL NET_BIND_SERVICE SETFCAP SETGID SETPCAP SETUID SYS_CHROOT] DefaultSysctls:[net.ipv4.ping_group_range=0 1] DefaultUlimits:[] DefaultMountsFile: DNSServers:[] DNSOptions:[] DNSSearches:[] EnableLabeling:true Env:[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin TERM=xterm] EnvHost:false HTTPProxy:false Init:false InitPath: IPCNS:private LogDriver:k8s-file LogSizeMax:-1 NetNS:slirp4netns NoHosts:false PidsLimit:2048 PidNS:private SeccompProfile:/usr/share/containers/seccomp.json ShmSize:65536k TZ: Umask:0022 UTSNS:private UserNS:host UserNSSize:65536} Engine:{CgroupCheck:false CgroupManager:systemd ConmonEnvVars:[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin] ConmonPath:[/usr/libexec/podman/conmon /usr/local/libexec/podman/conmon /usr/local/lib/podman/conmon /usr/bin/conmon /usr/sbin/conmon /usr/local/bin/conmon /usr/local/sbin/conmon /run/current-system/sw/bin/conmon] DetachKeys:ctrl-p,ctrl-q EnablePortReservation:true Env:[] EventsLogFilePath:/run/user/1000/libpod/tmp/events/events.log EventsLogger:journald HooksDir:[/usr/share/containers/oci/hooks.d] ImageDefaultTransport:docker:// InfraCommand:/pause InfraImage:k8s.gcr.io/pause:3.2 InitPath:/usr/libexec/podman/catatonit LockType:shm MultiImageArchive:false Namespace: NetworkCmdPath: NoPivotRoot:false NumLocks:2048 OCIRuntime:crun OCIRuntimes:map[crun:[/usr/bin/crun /usr/sbin/crun /usr/local/bin/crun /usr/local/sbin/crun /sbin/crun /bin/crun /run/current-system/sw/bin/crun] kata:[/usr/bin/kata-runtime /usr/sbin/kata-runtime /usr/local/bin/kata-runtime /usr/local/sbin/kata-runtime /sbin/kata-runtime /bin/kata-runtime /usr/bin/kata-qemu /usr/bin/kata-fc] runc:[/usr/bin/runc /usr/sbin/runc /usr/local/bin/runc 
/usr/local/sbin/runc /sbin/runc /bin/runc /usr/lib/cri-o-runc/sbin/runc /run/current-system/sw/bin/runc]] PullPolicy:missing Remote:false RemoteURI: RemoteIdentity: ActiveService: ServiceDestinations:map[] RuntimePath:[] RuntimeSupportsJSON:[crun runc] RuntimeSupportsNoCgroups:[crun] RuntimeSupportsKVM:[kata kata-runtime kata-qemu kata-fc] SetOptions:{StorageConfigRunRootSet:false StorageConfigGraphRootSet:false StorageConfigGraphDriverNameSet:false StaticDirSet:false VolumePathSet:false TmpDirSet:false} SignaturePolicyPath:/etc/containers/policy.json SDNotify:false StateType:3 StaticDir:/home/hadess/.local/share/containers/storage/libpod StopTimeout:10 TmpDir:/run/user/1000/libpod/tmp VolumePath:/home/hadess/.local/share/containers/storage/volumes} Network:{CNIPluginDirs:[/usr/libexec/cni /usr/lib/cni /usr/local/lib/cni /opt/cni/bin] DefaultNetwork:podman NetworkConfigDir:/home/hadess/.config/cni/net.d}} 
DEBU[0000] Using conmon: "/usr/bin/conmon"              
DEBU[0000] Initializing boltdb state at /home/hadess/.local/share/containers/storage/libpod/bolt_state.db 
DEBU[0000] Using graph driver overlay                   
DEBU[0000] Using graph root /home/hadess/.local/share/containers/storage 
DEBU[0000] Using run root /run/user/1000                
DEBU[0000] Using static dir /home/hadess/.local/share/containers/storage/libpod 
DEBU[0000] Using tmp dir /run/user/1000/libpod/tmp      
DEBU[0000] Using volume path /home/hadess/.local/share/containers/storage/volumes 
DEBU[0000] Set libpod namespace to ""                   
DEBU[0000] Not configuring container store              
DEBU[0000] Initializing event backend journald          
DEBU[0000] using runtime "/usr/bin/runc"                
DEBU[0000] using runtime "/usr/bin/crun"                
WARN[0000] Error initializing configured OCI runtime kata: no valid executable found for OCI runtime kata: invalid argument 
INFO[0000] Setting parallel job count to 19             
INFO[0000] podman filtering at log level debug          
DEBU[0000] Called reset.PersistentPreRunE(podman --log-level debug system reset) 
DEBU[0000] Reading configuration file "/usr/share/containers/containers.conf" 
DEBU[0000] Merged system config "/usr/share/containers/containers.conf": &{Containers:{Devices:[] Volumes:[] ApparmorProfile:containers-default-0.22.0 Annotations:[] CgroupNS:private Cgroups:enabled DefaultCapabilities:[AUDIT_WRITE CHOWN DAC_OVERRIDE FOWNER FSETID KILL NET_BIND_SERVICE SETFCAP SETGID SETPCAP SETUID SYS_CHROOT] DefaultSysctls:[net.ipv4.ping_group_range=0 1] DefaultUlimits:[] DefaultMountsFile: DNSServers:[] DNSOptions:[] DNSSearches:[] EnableLabeling:true Env:[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin TERM=xterm] EnvHost:false HTTPProxy:false Init:false InitPath: IPCNS:private LogDriver:k8s-file LogSizeMax:-1 NetNS:slirp4netns NoHosts:false PidsLimit:2048 PidNS:private SeccompProfile:/usr/share/containers/seccomp.json ShmSize:65536k TZ: Umask:0022 UTSNS:private UserNS:host UserNSSize:65536} Engine:{CgroupCheck:false CgroupManager:systemd ConmonEnvVars:[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin] ConmonPath:[/usr/libexec/podman/conmon /usr/local/libexec/podman/conmon /usr/local/lib/podman/conmon /usr/bin/conmon /usr/sbin/conmon /usr/local/bin/conmon /usr/local/sbin/conmon /run/current-system/sw/bin/conmon] DetachKeys:ctrl-p,ctrl-q EnablePortReservation:true Env:[] EventsLogFilePath:/run/user/1000/libpod/tmp/events/events.log EventsLogger:journald HooksDir:[/usr/share/containers/oci/hooks.d] ImageDefaultTransport:docker:// InfraCommand:/pause InfraImage:k8s.gcr.io/pause:3.2 InitPath:/usr/libexec/podman/catatonit LockType:shm MultiImageArchive:false Namespace: NetworkCmdPath: NoPivotRoot:false NumLocks:2048 OCIRuntime:crun OCIRuntimes:map[crun:[/usr/bin/crun /usr/sbin/crun /usr/local/bin/crun /usr/local/sbin/crun /sbin/crun /bin/crun /run/current-system/sw/bin/crun] kata:[/usr/bin/kata-runtime /usr/sbin/kata-runtime /usr/local/bin/kata-runtime /usr/local/sbin/kata-runtime /sbin/kata-runtime /bin/kata-runtime /usr/bin/kata-qemu /usr/bin/kata-fc] runc:[/usr/bin/runc /usr/sbin/runc /usr/local/bin/runc 
/usr/local/sbin/runc /sbin/runc /bin/runc /usr/lib/cri-o-runc/sbin/runc /run/current-system/sw/bin/runc]] PullPolicy:missing Remote:false RemoteURI: RemoteIdentity: ActiveService: ServiceDestinations:map[] RuntimePath:[] RuntimeSupportsJSON:[crun runc] RuntimeSupportsNoCgroups:[crun] RuntimeSupportsKVM:[kata kata-runtime kata-qemu kata-fc] SetOptions:{StorageConfigRunRootSet:false StorageConfigGraphRootSet:false StorageConfigGraphDriverNameSet:false StaticDirSet:false VolumePathSet:false TmpDirSet:false} SignaturePolicyPath:/etc/containers/policy.json SDNotify:false StateType:3 StaticDir:/home/hadess/.local/share/containers/storage/libpod StopTimeout:10 TmpDir:/run/user/1000/libpod/tmp VolumePath:/home/hadess/.local/share/containers/storage/volumes} Network:{CNIPluginDirs:[/usr/libexec/cni /usr/lib/cni /usr/local/lib/cni /opt/cni/bin] DefaultNetwork:podman NetworkConfigDir:/home/hadess/.config/cni/net.d}} 
DEBU[0000] Using conmon: "/usr/bin/conmon"              
DEBU[0000] Initializing boltdb state at /home/hadess/.local/share/containers/storage/libpod/bolt_state.db 
DEBU[0000] Using graph driver overlay                   
DEBU[0000] Using graph root /home/hadess/.local/share/containers/storage 
DEBU[0000] Using run root /run/user/1000                
DEBU[0000] Using static dir /home/hadess/.local/share/containers/storage/libpod 
DEBU[0000] Using tmp dir /run/user/1000/libpod/tmp      
DEBU[0000] Using volume path /home/hadess/.local/share/containers/storage/volumes 
DEBU[0000] Set libpod namespace to ""                   
DEBU[0000] [graphdriver] trying provided driver "overlay" 
DEBU[0000] overlay: mount_program=/usr/bin/fuse-overlayfs 
DEBU[0000] overlay: mount_program=/usr/bin/fuse-overlayfs 
DEBU[0000] backingFs=extfs, projectQuotaSupported=false, useNativeDiff=false, usingMetacopy=false 
DEBU[0000] Initializing event backend journald          
DEBU[0000] using runtime "/usr/bin/runc"                
DEBU[0000] using runtime "/usr/bin/crun"                
WARN[0000] Error initializing configured OCI runtime kata: no valid executable found for OCI runtime kata: invalid argument 
INFO[0000] Setting parallel job count to 19             

WARNING! This will remove:
        - all containers
        - all pods
        - all images
        - all build cache
Are you sure you want to continue? [y/N] y
DEBU[0001] Reading configuration file "/usr/share/containers/containers.conf" 
DEBU[0001] Merged system config "/usr/share/containers/containers.conf": &{Containers:{Devices:[] Volumes:[] ApparmorProfile:containers-default-0.22.0 Annotations:[] CgroupNS:private Cgroups:enabled DefaultCapabilities:[AUDIT_WRITE CHOWN DAC_OVERRIDE FOWNER FSETID KILL NET_BIND_SERVICE SETFCAP SETGID SETPCAP SETUID SYS_CHROOT] DefaultSysctls:[net.ipv4.ping_group_range=0 1] DefaultUlimits:[] DefaultMountsFile: DNSServers:[] DNSOptions:[] DNSSearches:[] EnableLabeling:true Env:[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin TERM=xterm] EnvHost:false HTTPProxy:false Init:false InitPath: IPCNS:private LogDriver:k8s-file LogSizeMax:-1 NetNS:slirp4netns NoHosts:false PidsLimit:2048 PidNS:private SeccompProfile:/usr/share/containers/seccomp.json ShmSize:65536k TZ: Umask:0022 UTSNS:private UserNS:host UserNSSize:65536} Engine:{CgroupCheck:false CgroupManager:systemd ConmonEnvVars:[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin] ConmonPath:[/usr/libexec/podman/conmon /usr/local/libexec/podman/conmon /usr/local/lib/podman/conmon /usr/bin/conmon /usr/sbin/conmon /usr/local/bin/conmon /usr/local/sbin/conmon /run/current-system/sw/bin/conmon] DetachKeys:ctrl-p,ctrl-q EnablePortReservation:true Env:[] EventsLogFilePath:/run/user/1000/libpod/tmp/events/events.log EventsLogger:journald HooksDir:[/usr/share/containers/oci/hooks.d] ImageDefaultTransport:docker:// InfraCommand:/pause InfraImage:k8s.gcr.io/pause:3.2 InitPath:/usr/libexec/podman/catatonit LockType:shm MultiImageArchive:false Namespace: NetworkCmdPath: NoPivotRoot:false NumLocks:2048 OCIRuntime:crun OCIRuntimes:map[crun:[/usr/bin/crun /usr/sbin/crun /usr/local/bin/crun /usr/local/sbin/crun /sbin/crun /bin/crun /run/current-system/sw/bin/crun] kata:[/usr/bin/kata-runtime /usr/sbin/kata-runtime /usr/local/bin/kata-runtime /usr/local/sbin/kata-runtime /sbin/kata-runtime /bin/kata-runtime /usr/bin/kata-qemu /usr/bin/kata-fc] runc:[/usr/bin/runc /usr/sbin/runc /usr/local/bin/runc 
/usr/local/sbin/runc /sbin/runc /bin/runc /usr/lib/cri-o-runc/sbin/runc /run/current-system/sw/bin/runc]] PullPolicy:missing Remote:false RemoteURI: RemoteIdentity: ActiveService: ServiceDestinations:map[] RuntimePath:[] RuntimeSupportsJSON:[crun runc] RuntimeSupportsNoCgroups:[crun] RuntimeSupportsKVM:[kata kata-runtime kata-qemu kata-fc] SetOptions:{StorageConfigRunRootSet:false StorageConfigGraphRootSet:false StorageConfigGraphDriverNameSet:false StaticDirSet:false VolumePathSet:false TmpDirSet:false} SignaturePolicyPath:/etc/containers/policy.json SDNotify:false StateType:3 StaticDir:/home/hadess/.local/share/containers/storage/libpod StopTimeout:10 TmpDir:/run/user/1000/libpod/tmp VolumePath:/home/hadess/.local/share/containers/storage/volumes} Network:{CNIPluginDirs:[/usr/libexec/cni /usr/lib/cni /usr/local/lib/cni /opt/cni/bin] DefaultNetwork:podman NetworkConfigDir:/home/hadess/.config/cni/net.d}} 
DEBU[0001] Using conmon: "/usr/bin/conmon"              
DEBU[0001] Initializing boltdb state at /home/hadess/.local/share/containers/storage/libpod/bolt_state.db 
DEBU[0001] Using graph driver overlay                   
DEBU[0001] Using graph root /home/hadess/.local/share/containers/storage 
DEBU[0001] Using run root /run/user/1000                
DEBU[0001] Using static dir /home/hadess/.local/share/containers/storage/libpod 
DEBU[0001] Using tmp dir /run/user/1000/libpod/tmp      
DEBU[0001] Using volume path /home/hadess/.local/share/containers/storage/volumes 
DEBU[0001] Set libpod namespace to ""                   
DEBU[0001] Initializing event backend journald          
DEBU[0001] using runtime "/usr/bin/crun"                
WARN[0001] Error initializing configured OCI runtime kata: no valid executable found for OCI runtime kata: invalid argument 
DEBU[0001] using runtime "/usr/bin/runc"                
DEBU[0001] [graphdriver] trying provided driver "overlay" 
DEBU[0001] overlay: mount_program=/usr/bin/fuse-overlayfs 
DEBU[0001] overlay: mount_program=/usr/bin/fuse-overlayfs 
DEBU[0001] backingFs=extfs, projectQuotaSupported=false, useNativeDiff=false, usingMetacopy=false 
A storage.conf file exists at /home/hadess/.config/containers/storage.conf
You should remove this file if you did not modified the configuration.
unlinkat /run/user/1000/gvfs: device or resource busy
$ cat /home/hadess/.config/containers/storage.conf
[storage]
  driver = "overlay"
  runroot = "/run/user/1000"
  graphroot = "/home/hadess/.local/share/containers/storage"
  [storage.options]
    mount_program = "/usr/bin/fuse-overlayfs"

I didn't create that file myself.

@hadess
Author

hadess commented Dec 10, 2020

Looks like somebody changed the meaning/default value of runroot since Jan 2019 (when /home/hadess/.config/containers/storage.conf above was automatically created). Nuking this file and running podman --log-level debug ps shows:

DEBU[0000] Using run root /run/user/1000/containers     

The code should make sure that "runroot" isn't the same as XDG_RUNTIME_DIR before emptying it...
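
A sketch of the check asked for above, written for this page as an added example (it is not Podman's code and not the patch from the linked PR). It generalizes the equality test: a reset target is refused if it is, or contains, any protected directory, after symlinks in the path are resolved. `CheckResetTarget`, `ErrUnsafeReset` and the helper names are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ErrUnsafeReset marks a reset target that would take foreign files with it.
var ErrUnsafeReset = errors.New("refusing to remove a directory the engine does not own")

// canonical returns a cleaned absolute path with symlinks resolved when the
// path exists. A path that does not exist yet is returned cleaned but
// unresolved; any other failure (e.g. permission denied) is reported so the
// caller fails closed.
func canonical(p string) (string, error) {
	abs, err := filepath.Abs(p)
	if err != nil {
		return "", err
	}
	resolved, err := filepath.EvalSymlinks(abs)
	if err == nil {
		return resolved, nil
	}
	if os.IsNotExist(err) {
		return abs, nil
	}
	return "", err
}

// contains reports whether child is parent itself or lies below it.
func contains(parent, child string) bool {
	rel, err := filepath.Rel(parent, child)
	if err != nil {
		return false
	}
	up := ".." + string(filepath.Separator)
	return rel == "." || (rel != ".." && !strings.HasPrefix(rel, up))
}

// CheckResetTarget returns an error wrapping ErrUnsafeReset when recursively
// removing target would also remove one of the protected directories.
func CheckResetTarget(target string, protected []string) error {
	if target == "" {
		// filepath.Abs("") is the working directory: never a valid target.
		return fmt.Errorf("%w: empty path", ErrUnsafeReset)
	}
	t, err := canonical(target)
	if err != nil {
		return fmt.Errorf("%w: cannot resolve %q: %v", ErrUnsafeReset, target, err)
	}
	for _, p := range protected {
		if p == "" {
			continue // unset environment variable
		}
		pc, err := canonical(p)
		if err != nil {
			return fmt.Errorf("%w: cannot resolve %q: %v", ErrUnsafeReset, p, err)
		}
		if contains(t, pc) {
			return fmt.Errorf("%w: %q is or contains %q", ErrUnsafeReset, t, pc)
		}
	}
	return nil
}

// ProtectedDirs lists directories a rootless reset must never delete:
// the session runtime directory, the home directory and the filesystem root.
func ProtectedDirs() []string {
	home, _ := os.UserHomeDir()
	return []string{os.Getenv("XDG_RUNTIME_DIR"), home, string(filepath.Separator)}
}

func main() {
	// Constructed values mirroring the two runroot settings seen in this issue.
	protected := []string{"/run/user/1000"}
	for _, runroot := range []string{"/run/user/1000", "/run/user/1000/containers"} {
		fmt.Printf("%-28s -> %v\n", runroot, CheckResetTarget(runroot, protected))
	}
}
```
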

@hadess
Author

hadess commented Dec 10, 2020

podman in Fedora 29 created that storage.conf file:
#2231

@hadess
Author

hadess commented Dec 16, 2020

I'm disappointed at the urgency shown in trying to fix this problem. There's the possibility of data loss for long-term users of this piece of software, and it seems that it's being completely ignored.

@rhatdan
Member

rhatdan commented Dec 16, 2020

@hadess well you could always open a PR to fix this. If you notice we have nearly 250 issues now on Podman, and the number is growing. That does not include all of the other projects that are part of container engines.

@hadess
Author

hadess commented Dec 16, 2020

It's a data loss bug, and not about the data inside the container either, I really thought it would get higher priority, as in, drop everything to stop users potentially having their data destroyed.

@rhatdan
Member

rhatdan commented Dec 16, 2020

This is the first we have heard about it, so it is not that prevalent, and most users are not resetting their storage.

@rhatdan
Member

rhatdan commented Dec 16, 2020

Anyway, I threw together a PR to prevent it. PTAL.

@hadess
Author

hadess commented Dec 16, 2020

> This is the first we have heard about it, so it is not that prevalent, and most users are not resetting their storage.

Or maybe folks don't know why it happened, never figured out what the problem was, and blamed their OS, or the desktop they're running when it falls over. Hard to know.

rhatdan added a commit to rhatdan/podman that referenced this issue Dec 16, 2020
In certain cases XDG_RUNTIME_DIR was deleted by accident based on
settings in the storage.conf. This patch verifies that when doing
a storage reset, we don't accidentally remove XDG_RUNTIME_DIR.

Fixes: containers#8680

Signed-off-by: Daniel J Walsh <[email protected]>
@hadess
Author

hadess commented Dec 17, 2020

Thanks for looking into this.

@nitkon
Contributor

nitkon commented May 4, 2021

+1
Podman version 2.2.1
rootless_user: podman system reset -f
A storage.conf file exists at /home/nitkon/.config/containers/storage.conf
You should remove this file if you did not modified the configuration.

@mheon
Member

mheon commented May 4, 2021

This is fixed as of v3.0.0.

@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 22, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 22, 2023