Podman (crun) regression in Ubuntu 22.04: OCI runtime error: chmod `run/shm`: Operation not supported
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cloud-images |
Invalid
|
Undecided
|
Unassigned | ||
crun (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Jammy |
Fix Released
|
Undecided
|
Julian Andres Klode | ||
Mantic |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
[Impact]
podman containers using the default crun backend do not work anymore with the 6.5 HWE kernel in 22.04
[Test plan]
1. Boot jammy with 6.5 HWE kernel (e.g. install linux-virtual-
2. Make sure you have crun installed, and not runc, because podman can also use runc and this bug is about crun.
3. `podman build -t systemd .` with the Dockerfile:
FROM ubuntu:noble
RUN apt install -U systemd -y
CMD ["/lib/
4. Run it `podman run --systemd always systemd` you should not get
Error: OCI runtime error: chmod `run/shm`: Operation not supported
5. Repeat the above steps on the jammy GA kernel, to make sure we did not regress that use case which is unaffected by this bug.
Optimally submitter can do end-to-
[Where problems could occur]
The patch ignores ENOTSUP for fchmodat() in one function, so at most we could silently hide some other issues in fchmodat() inside that function, e.g. AppArmor denials. But generally that is what you would want as a behavior for ENOTSUP...
[Original bug report]
The problem is very well described in https:/
## COPY FROM LINK
I think there might be a regression in this release of the ubuntu-22.04 image which breaks podman.[1]
The image updated the kernel from 6.2.y to 6.5.y, but podman/crun don't seem to be updated.
Our build fails with this error link to run:[2]
STEP 1/1: FROM ghcr.io/
Trying to pull ghcr.io/
Getting image source signatures
Copying blob sha256:
Copying blob sha256:
Copying config sha256:
Writing manifest to image destination
Storing signatures
COMMIT localhost/builder
--> 1eba10d0345
Successfully tagged localhost/
Successfully tagged ghcr.io/
1eba10d0345cc6d
Error: OCI runtime error: chmod `run/shm`: Operation not supported
Error: Process completed with exit code 126.
This is with this image version:
Current runner version: '2.313.0'
Operating System
Ubuntu
22.04.4
LTS
Runner Image
Image: ubuntu-22.04
Version: 20240225.1.0
Included Software: https:/
Image Release: https:/
Trying to reproduce, it seems like I am only able to get this image version 20240218.1.0 where the issue does not appear.
Tried to reproduce in this repo[3], but I'm not able to get this with image version 20240225.1.0.
Is this a known issue and version 20240225.1.0 is not in use anymore?
This blog post seems to suggest that the crun version is too old.[4]
[1]https:/
[2]https:/
[3]https:/
[4]https:/
Related branches
- Andreas Hasenack: Needs Fixing
-
Diff: 85 lines (+52/-1)4 files modifieddebian/changelog (+7/-0)
debian/control (+2/-1)
debian/patches/lp-2056442-ignore-ENOTSUP-when-chmod-a-symlink.patch (+42/-0)
debian/patches/series (+1/-0)
description: | updated |
Changed in crun (Ubuntu Jammy): | |
assignee: | nobody → Julian Andres Klode (juliank) |
tags: |
added: verification-done-jammy removed: verification-needed-jammy |
Changed in cloud-images: | |
status: | New → Invalid |
If you find out which commit(s) in crun need to be cherry-picked and how to reproducibly verify that this fixes the issue, I'm happy to upload them for you.