Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Denied Permission while pulling images #14056

Closed
dipankar-maitra-arch opened this issue Apr 28, 2022 · 6 comments
Closed

Denied Permission while pulling images #14056

dipankar-maitra-arch opened this issue Apr 28, 2022 · 6 comments
Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.

Comments

@dipankar-maitra-arch
Copy link

dipankar-maitra-arch commented Apr 28, 2022
edited
Loading

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)
BUG REPORT
/kind bug
Permission Denial
/kind feature
Image Pull
Description

While using podman command - podman pull alpine, getting the following error
Error processing tar file(exit status 1): open /etc/passwd: permission denied
Error: Error committing the finished image: error adding layer with blob "sha256:df9b9388f04ad6279a7410b85cedfdcb2208c0a003da7ab5613af7
1079148139": Error processing tar file(exit status 1): open /etc/passwd: permission denied

Error is same while trying sudo podman pull alpine
However same works when trying using $sudo docker pull alpine

Steps to reproduce the issue:

  1. Install podman on Ubuntu

  2. podman pull alpine

Describe the results you received:

Resolved "alpine" as an alias (/etc/containers/registries.conf.d/000-shortnames.conf)
Trying to pull docker.io/library/alpine:latest...
Getting image source signatures
Copying blob df9b9388f04a done
Copying config 0ac33e5f5a done
Writing manifest to image destination
Storing signatures
Error processing tar file(exit status 1): open /etc/passwd: permission denied
Error: Error committing the finished image: error adding layer with blob "sha256:df9b9388f04ad6279a7410b85cedfdcb2208c0a003da7ab5613af7
1079148139": Error processing tar file(exit status 1): open /etc/passwd: permission denied

Describe the results you expected:

successful image pull

Additional information you deem important (e.g. issue happens only occasionally):
Ubuntu 18.04 LTS is the OS

Output of podman version:

podman version 3.0.1

Output of podman info --debug:

host:
  arch: amd64
  buildahVersion: 1.19.4
  cgroupManager: cgroupfs
  cgroupVersion: v1
  conmon:
    package: 'conmon: /usr/libexec/podman/conmon'
    path: /usr/libexec/podman/conmon
    version: 'conmon version 2.1.0, commit: '
  cpus: 8
  distribution:
    distribution: ubuntu
    version: "18.04"
  eventLogger: journald
  hostname: AZN-WIDINO-DU02
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 165536
      size: 65536
    uidmap:
	 - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 165536
      size: 65536
  kernel: 5.4.0-1073-azure
  linkmode: dynamic
  memFree: 544571392
  memTotal: 16786436096
  ociRuntime:
    name: crun
    package: 'crun: /usr/bin/crun'
    path: /usr/bin/crun
    version: |-
      crun version 0.18.1-7931a-dirty
      commit: 7931a1eab0590eff4041c1f74e2844b297c31cea
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
  os: linux
  remoteSocket:
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP
_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    selinuxEnabled: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: 'slirp4netns: /usr/bin/slirp4netns'
    version: |-
      slirp4netns version 1.1.8
	  commit: unknown
      libslirp: 4.3.1-git
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.3.1
  swapFree: 0
  swapTotal: 0
  uptime: 170h 36m 20.92s (Approximately 7.08 days)
registries:
  search:
  - docker.io
  - quay.io
store:
  configFile: /home/wiproadmin/.config/containers/storage.conf
  containerStore:
    number: 0
    paused: 0
    running: 0
    stopped: 0
  graphDriverName: vfs
  graphOptions: {}
  graphRoot: /home/admin/.local/share/containers/storage
  graphStatus: {}
  imageStore:
    number: 0
  runRoot: /run/user/1000/containers
  volumePath: /home/admin/.local/share/containers/storage/volumes
version:
  APIVersion: 3.0.0
  Built: 0
  BuiltTime: Thu Jan  1 00:00:00 1970
  GitCommit: ""
  GoVersion: go1.15.2
  OsArch: linux/amd64
   Version: 3.0.1

Package info (e.g. output of rpm -q podman or apt list podman):

(paste your output here)

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/main/troubleshooting.md)

Yes

Additional environment details (AWS, VirtualBox, physical, etc.):
@openshift-ci openshift-ci bot added kind/bug Categorizes issue or PR as related to a bug. kind/feature Categorizes issue or PR as related to a new feature. labels Apr 28, 2022
@mheon
Copy link
Member

mheon commented Apr 28, 2022

Any chance you can try with a more recent Podman? 3.0 is very old at this point.

@mheon mheon removed the kind/feature Categorizes issue or PR as related to a new feature. label Apr 28, 2022
@dipankar-maitra-arch
Copy link
Author

dipankar-maitra-arch commented Apr 28, 2022
edited
Loading

I tried this actions/runner-images#4063 (comment) but after all installation, getting the same version for podman i.e., 3.0.1

@rhatdan
Copy link
Member

rhatdan commented Apr 28, 2022

Does it work if you run it as root?

@giuseppe
Copy link
Member

giuseppe commented May 3, 2022

what is the underlying file system?

@vrothberg
Copy link
Member

Friendly ping, @dipankar-maitra-arch

@vrothberg
Copy link
Member

Closing. We can reopen once we know more.

@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 20, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 20, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@giuseppe @rhatdan @mheon @vrothberg @dipankar-maitra-arch