Comments (10)
podman-compose is a different repo. If you have a simple reproducer for this with straight podman that would be very helpful, otherwise this issue should be transferred to podman-compose.
from podman.
Regardless of whether I use podman or podman-compose it fails with the same error. I ran the compose with debug, extracted the command it had generated and tried running it manually and it resulted in the same error.
A full system reset for the root user and the rootless podman user did temporarily resolved the issue for me. I believe it's related to quadlets as I had created a .container file for my Wireguard container, and after disabling that I stopped running into the issue.
from podman.
I also tried just calling podman pull against the image and it resulted in the same error.
from podman.
@giuseppe PTAL
from podman.
can you share the result of:
podman unshare cat /proc/self/uid_map
does it reflect the configuration you've in etc/subuid
? If not, please run podman system migrate
and try again, do you still get the same output?
from podman.
podman@project-hydra:~$ podman unshare cat /proc/self/uid_map
0 1001 1
1 165536 65536
It is as expected. I should also note that it is not a subset of packages like I originally believed. When trying to resolve the issue I performed a podman system reset, which resolved it. After that, I enabled my wireguard.container service and tried to pull down an image that had previously worked, but it got the same error.
After I stopped the service, disabled it, then did another system reset, I was able to pull all the images successfully. As soon as I enable that service I start to get this issue persistently until I reset it. I am going to share that as well:
[Container]
AddCapability=NET_ADMIN NET_RAW
ContainerName=wireguard
Environment=SERVERURL=[Correct Local Ip] SERVERPORT=[Correct Port] PEERS=# PEERDNS=auto INTERNAL_SUBNET=10.10.0.0/24
GIDMap=0:1:50
Image=docker.io/linuxserver/wireguard
Label=io.podman.compose.config-hash=4a0e91e3ad5f9fcf67930731fbf4d771c1b5f0f38ea6c5811c12c502c1304d21 io.podman.compose.project=wireguard io.podman.compose.version=1.1.0 [email protected] com.docker.compose.project=wireguard com.docker.compose.project.working_dir=/home/podman/appdata/wireguard com.docker.compose.project.config_files=podman-compose.yml com.docker.compose.container-number=1 com.docker.compose.service=wireguard
Network=wireguard-network
PublishPort=[Correct Port]:51820/udp
Sysctl=net.ipv4.conf.all.src_valid_mark=1 net.ipv4.conf.all.forwarding=1
UIDMap=0:1:50
Volume=/home/podman/appdata/wireguard/config:/config:Z
[Service]
Restart=always
[Install]
WantedBy=default.target
from podman.
Alright, I don't think it has anything to do with my .container file. I am running into the issue with or without that file there.
from podman.
I'm fairly new to all this stuff, but at the very least I can tell you that a full podman system reset does not reliably fix it. I had to delete the /home/podman/.local/share/containers/ directory in order to resolve the issue while testing today
from podman.
I believe I am also running into the same or similar issue. I am running Fedora Server and have set up a few quadlets to run services as rootless containers. I also use UIDMap
to keep the mappings across containers disjoint. Today, I was trying to update my audiobookshelf service and pull the updated image. Initially, I updated the quadlet file to use the new image, but restarting the service was failing with the processing tar file(container ID 1000 cannot be mapped to a host ID): exit status 1
error. I thought that meant I needed to update my UIDMap
in some way, but I couldn't get it to work. Finally, I tried to simply pull the image and that also creates the error:
$ podman pull ghcr.io/advplyr/audiobookshelf:2.10.1
Trying to pull ghcr.io/advplyr/audiobookshelf:2.10.1...
Getting image source signatures
Copying blob 60dba4733d48 done |
Copying blob e376fac3bde8 done |
Copying blob a5edbc7b296b done |
Copying blob b404b3c3a52d done |
Copying blob d25f557d7f31 skipped: already exists
Copying blob 549237b48d78 done |
Copying blob 579ced6f4ee6 done |
Copying blob 0f5e4b3bfe3a done |
Copying blob 017d1384d304 done |
Copying blob 6a5424a2a7f4 done |
Copying blob 2b7b2cbf90bf done |
Error: copying system image from manifest list: writing blob: adding layer with blob "sha256:a5edbc7b296b518501cd1ac08999e0e4e399c55370bbbf7b1369503bbeb8957c": processing tar file(container ID 1000 cannot be mapped to a host ID): exit status 1
I've found that this also happens on image version 2.10.0, but 2.9.0 is able to successfully pull.
from podman.
Any updates on this?
from podman.
Related Issues (20)
- `podman image scp` should support local Unix sockets HOT 3
- [podman/4.6.1, podman/4.9.4] Intermittent failure in playing kube file HOT 3
- composefs random ENOENTS
- podman version 5.1.1 fail to remove image: tag not known HOT 6
- podman ps: output unreadable with many exposed ports HOT 3
- pushing manifest: unexpected EOF HOT 1
- Error: could not find "rootlessport" HOT 3
- Another race: completion: no such container/pod HOT 5
- Documentation for :Z ignores pod case HOT 3
- race: completion: Top layer ... not found ... storage may be corrupted HOT 17
- Healthcheck output not captured if missing newline
- Permission denied when building from local image using podman remote HOT 1
- race: completion: cannot get cgroup path unless container is running HOT 4
- Mount type volume ignored through socket access HOT 8
- Compatibility with Docker CLI HOT 10
- Named volume incorrectly mapped with any `userns` option but `""` HOT 13
- `image tree` doesn't output expected layer or image ids HOT 2
- minimum memory lower than 4m HOT 2
- "podman machine start" should start default machine "defaultmachine" parameter from "podman machine info" HOT 4
- "OCI permission denied" running busybox HOT 8
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from podman.