FS#71397 : [containers-common] seccomp filter OCI permission denied

FS#71397 - [containers-common] seccomp filter OCI permission denied

Attached to Project: Community Packages
Opened by Darrell (denns) - Tuesday, 29 June 2021, 16:38 GMT
Last edited by Morten Linderud (Foxboron) - Friday, 09 July 2021, 12:52 GMT

Task Type	Bug Report
Category	Packages
Status	Closed
Assigned To	David Runge (dvzrv) Morten Linderud (Foxboron)
Architecture	All
Severity	Medium
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

containers-common-0.40.1-1 breaks runc. Container's can't be started.

> pacman -Q containers-common podman runc
containers-common 0.40.1-1
podman 3.2.2-1
runc 1.0.0-1
> podman run -it --rm ubuntu:20.04
Error: container_linux.go:380: starting container process caused: error adding seccomp filter rule for syscall bdflush: permission denied: OCI permission denied

See also:
https://github.com/containers/common/issues/631
https://github.com/containers/podman/issues/10735

A workaround is to install crun, which containers-common will prefer by default if installed.

This task depends upon

Closed by Morten Linderud (Foxboron)
Friday, 09 July 2021, 12:52 GMT
Reason for closing: Fixed
Additional comments about closing: Switched podman to crun

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#71397 - [containers-common] seccomp filter OCI permission denied

Details

Loading...