New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
'operation not permitted' when running 'buildah mount' inside a buildah container #5483
Comments
Turns out |
Due to differences between the configuration of RPM in the host system and within the |
A friendly reminder that this issue had no activity for 30 days. |
Description
Is it possible to use
buildah mount
inside a buildah container? I'm getting:For context, I'm within several nested rabbit holes. My goal is to see if I can get a public GitHub Actions runner to build a container image from a
ubi-micro
image (which does not have a package manager). The problem is that my workflow uses theubuntu-latest
GitHub actions image, which doesn't have DNF available. I'm trying to work around this by nesting containers:The outer container will run the
ubi
image, Within this, I will usebuildah
to create an inner container fromubi-micro
, mount the inner container within the outer container, and then I can use the outer container'sdnf
command with the--installroot=
option to install stuff within the inner container.I mention that in case there's a better way to approach this problem. 😄
BTW, so far I'm just running this on my local (Fedora) machine... I'd like to get it working there first.
Steps to reproduce the issue:
Additional troubleshooting
No AVC messages are written to the audit log so this doesn't appear to be because of SELinux.
I've added
--security-opt=label=disable --security-opt=seccomp=unconfined
to the outer and innerbuildah from
commands and they don't help.buildah mount
works when run from a privileged podman container:... but there's no
--privileged
flag forbuildah
orpodman build
, unless I'm missing something?Output of
rpm -q buildah
orapt list buildah
:The above was ran on a host with:
Inside the rawhide container, this buildah was used:
Output of
buildah version
:On the host:
Inside the rawhide container:
Output of
cat /etc/*release
:Output of
uname -a
:Output of
cat /etc/containers/storage.conf
:File does not exist - no customizations applied
The text was updated successfully, but these errors were encountered: