storage-chown-by-maps doesn't handle -EOVERFLOW return by lgetxattr #1183
Comments
Is this a bug in the kernel or a bug in storage?
IMO this one is storage related
the fix seems correct to me. @robertzaage could you please open a PR for containers/storage since you already have a patch?
another reference to this issue: https://bugzilla.redhat.com/show_bug.cgi?id=2072452
robertzaage added a commit to robertzaage/storage that referenced this issue Apr 6, 2022
Closes containers#1183] Signed-off-by: Robert Zaage <robert@zaage.it>
giuseppe added a commit that referenced this issue Apr 7, 2022
fix storage-chown-by-maps doesn't handle -EOVERFLOW on lgetxattr [Closes #1183]
This error occurs when running Podman under RHEL 8.5 (kernel-4.18.0-348.7.1.el8) in rootless mode using an add. image store and having the keep-id option set. The add. image store was created following this guide by another rootless user. Error handling by storage-chown-by-maps seems to be a problem at this point.
If the owner of the fsuser namespace can't be mapped into the current user namespace, -EOVERFLOW is returned by lgetxattr. In the past (before the kernel patch was applied), the already handled -EOPNOTSUPP was returned. In the current configuration it won't handle the return and dies with the following error message:
Trace:
Bug was introduced by this kernel patch:
torvalds/linux@f2b00be
RHEL 8.4 / kernel-4.18.0-305.el8
https://access.redhat.com/labs/rhcb/RHEL-8.4/kernel-4.18.0-305.el8/source/blob/security/commoncap.c#L434
RHEL 8.5 / kernel-4.18.0-348.7.1.el8
https://access.redhat.com/labs/rhcb/RHEL-8.5/kernel-4.18.0-348.7.1.el8/source/blob/security/commoncap.c#L446
Affected Code Part:
https://github.com/containers/storage/blob/main/drivers/chown_unix.go#L87
Possible Fix:
https://github.com/robertzaage/storage/pull/1/files#diff-e60559509109696ada9e7f412d847e6a7eac43123aca579745842747a55471fb
Additional Information:
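The error handling the issue describes, as an added example that is not part of the issue and not the containers/storage code: it treats -EOVERFLOW from lgetxattr the same way as the already handled -EOPNOTSUPP and still fails on any other errno. The names `xattrGetter`, `capUnreadable`, `readCapability` and `failWith` are hypothetical, and the getter is injected so both kernel behaviours can be simulated with constructed errors.

```go
package main

import (
	"errors"
	"fmt"
	"syscall"
)

// xattrGetter stands in for an lgetxattr(2) wrapper (hypothetical type) so the
// error paths can be exercised without a cross-user image store.
type xattrGetter func(path, attr string) ([]byte, error)

// capUnreadable reports whether err means the capability xattr cannot be read
// here, as opposed to a real failure. EOPNOTSUPP is what older kernels return;
// EOVERFLOW is what lgetxattr returns after the kernel patch named in the issue.
func capUnreadable(err error) bool {
	return errors.Is(err, syscall.EOPNOTSUPP) || errors.Is(err, syscall.EOVERFLOW)
}

// readCapability returns the security.capability value, nil when the kernel
// reports it as unreadable, and a wrapped error for every other errno.
func readCapability(get xattrGetter, path string) ([]byte, error) {
	val, err := get(path, "security.capability")
	if err != nil {
		if capUnreadable(err) {
			return nil, nil
		}
		return nil, fmt.Errorf("lgetxattr %s: %w", path, err)
	}
	return val, nil
}

// failWith builds a constructed getter that always fails with errno.
func failWith(errno syscall.Errno) xattrGetter {
	return func(path, attr string) ([]byte, error) {
		return nil, fmt.Errorf("lgetxattr %q %q: %w", path, attr, errno)
	}
}

func main() {
	// Constructed inputs: the old errno, the new errno, and an unrelated one.
	for _, e := range []syscall.Errno{syscall.EOPNOTSUPP, syscall.EOVERFLOW, syscall.EACCES} {
		val, err := readCapability(failWith(e), "/constructed/path")
		fmt.Printf("%-28v -> value=%v err=%v\n", e, val, err)
	}
}
```

Matching with `errors.Is` rather than `==` keeps the check working when the errno arrives wrapped by an intermediate helper.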