kernel 5.19.0-1010-nvidia-lowlatency issue with rootless podman

Bug #2026620 reported by Pierre C. Dussault
This bug affects 1 person
Affects                            Status  Importance  Assigned to  Milestone
libpod (Ubuntu)                    New     Undecided   Unassigned
linux-signed-nvidia-5.19 (Ubuntu)  New     Undecided   Unassigned

Bug Description

Description: Ubuntu 22.04.2 LTS
Release: 22.04
Podman version 3.4.4+ds1-1ubuntu1.22.04.1

What I expected to happen: podman commands in rootless mode should work.

What happened instead: podman commands in rootless mode do not work, and return an error message that seems to have something to do with permissions.

Whenever I try to type a podman command, such as
    $ podman info
as my regular user, I get:
    cannot clone: Permission denied
    Error: cannot re-exec process

I have completed the steps in the Rootless Tutorial from the official Podman documentation.
I have all the necessary packages to operate rootless podman.
I have added valid subuid and subgid range for my user.
I have user namespaces enabled.
I can't even run
    $ podman info

but
    $ sudo podman info
works fine

If I use
    $ strace -f podman ps
I get this error code:
    clone(child_stack=NULL, flags=CLONE_NEWNS|CLONE_NEWUSER|SIGCHLD <unfinished ...>
    [pid 18832] <... nanosleep resumed>NULL) = 0
    [pid 18836] <... clone resumed>) = -1 EACCES (Permission denied)

By searching through the clone(2) man page, EACCES seems to be an error code to do with extra restrictions concerning version 2 of cgroups. This may be a red herring though.

I have tried uninstalling, purging, and then reinstalling podman. I still have the same problem.

ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: podman 3.4.4+ds1-1ubuntu1.22.04.1
ProcVersionSignature: Ubuntu 5.19.0-1010.10-nvidia-lowlatency 5.19.17
Uname: Linux 5.19.0-1010-nvidia-lowlatency x86_64
NonfreeKernelModules: nvidia_modeset nvidia
ApportVersion: 2.20.11-0ubuntu82.5
Architecture: amd64
CasperMD5CheckResult: pass
CurrentDesktop: ubuntu:GNOME
Date: Sat Jul 8 08:28:24 2023
InstallationDate: Installed on 2022-10-15 (266 days ago)
InstallationMedia: Ubuntu 22.04.1 LTS "Jammy Jellyfish" - Release amd64 (20220809.1)
ProcEnviron:
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: libpod
UpgradeStatus: No upgrade log present (probably fresh install)

Pierre C. Dussault (pcduss) wrote :

output of strace -f podman system migrate

Pierre C. Dussault (pcduss) wrote :

Confirmed the bug is due to kernel 5.19.0-1010-nvidia-lowlatency.
After rebooting into kernel 5.19.0-46-generic, everything was working fine once again.
So I rebooted again, back into kernel 5.19.0-1010-nvidia-lowlatency, and the issue is back.

Something in kernel 5.19.0-1010-nvidia-lowlatency is causing a problem with rootless podman.

summary: - Any podman command in rootless mode does not work. Root usage works fine
+ kernel 5.19.0-1010-nvidia-lowlatency issue with rootless podman
no longer affects: linux-signed-nvidia (Ubuntu)
information type: Public → Public Security
information type: Public Security → Public
Chris (mail-christianmayer) wrote :

EACCES is the same code that triggers the failed chromium start that is described in bug https://bugs.launchpad.net/ubuntu/+source/linux-meta-nvidia-5.19/+bug/2017980 as written in comment https://bugs.launchpad.net/ubuntu/+source/linux-meta-nvidia-5.19/+bug/2017980/comments/27
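
Added example, not part of the original report or of Podman's code: a small probe that issues the same clone() flags seen in the strace output without Podman involved, so the result can be compared between the two kernels named above. The function names are illustrative, the raw syscall argument order assumes x86_64 as in the report, and kernel.unprivileged_userns_clone is assumed to be present as on Ubuntu kernels.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <sched.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* Issue the clone() from the strace output (child_stack=NULL, so it behaves
 * like fork). Argument order is the x86_64 one (assumption).
 * Returns 0 if the kernel created the namespaces, else the errno from clone(). */
int probe_userns_clone(void)
{
    long pid = syscall(SYS_clone, CLONE_NEWNS | CLONE_NEWUSER | SIGCHLD,
                       0L, 0L, 0L, 0L);
    if (pid < 0)
        return errno;
    if (pid == 0)
        _exit(0);                 /* child: namespaces exist, nothing to do */
    waitpid((pid_t)pid, NULL, 0); /* parent: reap the child */
    return 0;
}

/* Read an integer sysctl from /proc/sys; returns -1 if absent or unreadable. */
long read_sysctl(const char *path)
{
    long v = -1;
    FILE *f = fopen(path, "r");
    if (f) {
        if (fscanf(f, "%ld", &v) != 1)
            v = -1;
        fclose(f);
    }
    return v;
}

int main(void)
{
    int err = probe_userns_clone();
    printf("clone(CLONE_NEWNS|CLONE_NEWUSER|SIGCHLD): %s\n",
           err == 0 ? "ok" : strerror(err));
    printf("kernel.unprivileged_userns_clone = %ld\n",
           read_sysctl("/proc/sys/kernel/unprivileged_userns_clone"));
    printf("user.max_user_namespaces = %ld\n",
           read_sysctl("/proc/sys/user/max_user_namespaces"));
    return err != 0;
}
```

Run it as the regular user under each kernel: if both sysctls allow user namespaces and the clone still returns an error, the restriction is being applied by the kernel itself and not by Podman or the subuid/subgid setup.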
