Bugzilla – Bug 1226599
toolbox -u fails on on mounting /proc
Last modified: 2024-07-01 09:47:48 UTC
Not sure if expected however user toolbox container can't be executed on Micro 6.0 (both SLE/Leap). localhost:~ # cat /etc/os-release NAME="SL-Micro" VERSION="6.0" VERSION_ID="6.0" PRETTY_NAME="SUSE Linux Micro 6.0" ID="sl-micro" ID_LIKE="suse" ANSI_COLOR="0;32" CPE_NAME="cpe:/o:suse:sl-micro:6.0" HOME_URL="https://www.suse.com/products/micro/" DOCUMENTATION_URL="https://documentation.suse.com/sl-micro/6.0/" localhost:~ # toolbox -u Container 'toolbox-root-user' already exists. Trying to start... (To remove the container and start with a fresh toolbox, run: podman rm 'toolbox-root-user') WARN[0000] Path "/etc/SUSEConnect" from "/etc/containers/mounts.conf" doesn't exist, skipping WARN[0000] Path "/etc/zypp/credentials.d/SCCcredentials" from "/etc/containers/mounts.conf" doesn't exist, skipping Error: unable to start container "f7598792a2bd47d8967ce93d00afd4444a46abcfbf68ea32f3baba00b67751c4": crun: mount `proc` to `proc`: Operation not permitted: OCI permission denied /usr/bin/toolbox: failed to start container 'toolbox-root-user' localhost:~ # rpm -q toolbox podman toolbox-2.3+git20231030.3a6ef35-3.1.noarch podman-4.9.3-1.3.x86_64 localhost:~ # toolbox Container 'toolbox-root' already exists. Trying to start... (To remove the container and start with a fresh toolbox, run: podman rm 'toolbox-root') WARN[0000] Path "/etc/SUSEConnect" from "/etc/containers/mounts.conf" doesn't exist, skipping WARN[0000] Path "/etc/zypp/credentials.d/SCCcredentials" from "/etc/containers/mounts.conf" doesn't exist, skipping Container started. Entering container. To exit, type 'exit'. toolbox-root:/ #
https://github.com/containers/podman/issues/20453
Are there any mounts on top of any path inside /proc (what is the output of mount / cat /proc/self/mountinfo)? That's usually the cause of these kinds of errors. There shouldn't be any on a standard host system though.
A clean default install, self-install image does not allow custom partitioning. localhost:~ # mount /dev/vda3 on / type btrfs (ro,relatime,seclabel,discard=async,space_cache=v2,subvolid=268,subvol=/@/.snapshots/2/snapshot) /dev/vda3 on /root type btrfs (rw,relatime,seclabel,discard=async,space_cache=v2,subvolid=261,subvol=/@/root) /dev/vda3 on /var type btrfs (rw,relatime,seclabel,discard=async,space_cache=v2,subvolid=263,subvol=/@/var) overlay on /etc type overlay (rw,relatime,seclabel,lowerdir=/sysroot/var/lib/overlay/1/etc:/sysroot/etc,upperdir=/sysroot/var/lib/overlay/2/etc,workdir=/sysroot/var/lib/overlay/2/work-etc) devtmpfs on /dev type devtmpfs (rw,nosuid,seclabel,size=4096k,nr_inodes=484093,mode=755,inode64) tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,seclabel,inode64) devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,seclabel,gid=5,mode=620,ptmxmode=000) sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime,seclabel) securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime) cgroup2 on /sys/fs/cgroup type cgroup2 (rw,nosuid,nodev,noexec,relatime,seclabel,nsdelegate,memory_recursiveprot) pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime,seclabel) bpf on /sys/fs/bpf type bpf (rw,nosuid,nodev,noexec,relatime,mode=700) proc on /proc type proc (rw,nosuid,nodev,noexec,relatime) tmpfs on /run type tmpfs (rw,nosuid,nodev,seclabel,size=803076k,nr_inodes=819200,mode=755,inode64) selinuxfs on /sys/fs/selinux type selinuxfs (rw,nosuid,noexec,relatime) systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=32,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=18616) mqueue on /dev/mqueue type mqueue (rw,nosuid,nodev,noexec,relatime,seclabel) hugetlbfs on /dev/hugepages type hugetlbfs (rw,nosuid,nodev,relatime,seclabel,pagesize=2M) debugfs on /sys/kernel/debug type debugfs (rw,nosuid,nodev,noexec,relatime,seclabel) tracefs on /sys/kernel/tracing type tracefs (rw,nosuid,nodev,noexec,relatime,seclabel) tmpfs on /tmp type tmpfs (rw,nosuid,nodev,seclabel,nr_inodes=1048576,inode64) fusectl on /sys/fs/fuse/connections type fusectl (rw,nosuid,nodev,noexec,relatime) configfs on /sys/kernel/config type configfs (rw,nosuid,nodev,noexec,relatime) /dev/vda2 on /boot/efi type vfat (rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro) /dev/vda3 on /.snapshots type btrfs (rw,relatime,seclabel,discard=async,space_cache=v2,subvolid=257,subvol=/@/.snapshots) /dev/vda3 on /boot/writable type btrfs (rw,relatime,seclabel,discard=async,space_cache=v2,subvolid=264,subvol=/@/boot/writable) /dev/vda3 on /boot/grub2/i386-pc type btrfs (rw,relatime,seclabel,discard=async,space_cache=v2,subvolid=266,subvol=/@/boot/grub2/i386-pc) /dev/vda3 on /boot/grub2/x86_64-efi type btrfs (rw,relatime,seclabel,discard=async,space_cache=v2,subvolid=267,subvol=/@/boot/grub2/x86_64-efi) /dev/vda3 on /home type btrfs (rw,relatime,seclabel,discard=async,space_cache=v2,subvolid=259,subvol=/@/home) /dev/vda3 on /opt type btrfs (rw,relatime,seclabel,discard=async,space_cache=v2,subvolid=260,subvol=/@/opt) /dev/vda3 on /srv type btrfs (rw,relatime,seclabel,discard=async,space_cache=v2,subvolid=262,subvol=/@/srv) /dev/vda3 on /usr/local type btrfs (rw,relatime,seclabel,discard=async,space_cache=v2,subvolid=265,subvol=/@/usr/local) tmpfs on /run/user/0 type tmpfs (rw,nosuid,nodev,relatime,seclabel,size=401536k,nr_inodes=100384,mode=700,inode64) tracefs on /sys/kernel/debug/tracing type tracefs (rw,nosuid,nodev,noexec,relatime,seclabel) localhost:~ # # Just install SLE Micro 6.X by yourself and you'll see. Might be the fastest to way to resolve this https://www.suse.com/download/sle-micro/ it's literally matter of <5 minutes.