Bug ID 1137066
Summary Podman: --systemd containers freeze
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Containers
Assignee containers-bugowner@suse.de
Reporter rtorreromarijnissen@suse.com
QA Contact qa-bugs@suse.de
Found By ---
Blocker ---

Hi,

I'm trying to follow
https://developers.redhat.com/blog/2019/04/24/how-to-run-systemd-in-a-container
to run a systemd container (I know systemd inside a container doesn't usually
make much sense, but for some development use cases, it does).

When following that guide, after starting the container that I just built, I
get:

$ podman run --systemd=true -ti -p 8000:80 systemd                       
systemd 239 running in system mode. (+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK
+SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID
+ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=hybrid)
Detected virtualization container-other.
Detected architecture x86-64.

Welcome to Fedora 29 (Container Image)!

Set hostname to <92dd1d256183>.
Initializing machine ID from random generator.
Failed to install release agent, ignoring: Permission denied
Failed to create /user.slice/user-1000.slice/session-1.scope/init.scope control
group: Permission denied
Failed to allocate manager object: Permission denied
[!!!!!!] Failed to allocate manager object, freezing.
Freezing execution

I'm suspecting the +SELINUX -APPARMOR have something to do with it.

Some additional details:

$ podman version
Version:            1.3.1
RemoteAPI Version:  1
Go Version:         go1.12.5
OS/Arch:            linux/amd64

$ podman info
host:
  BuildahVersion: 1.8.2
  Conmon:
    package: podman-1.3.1-1.2.x86_64
    path: /usr/lib/podman/bin/conmon
    version: 'conmon version 0.2.0, commit: '
  Distribution:
    distribution: '"opensuse-tumbleweed"'
    version: "20190529"
  MemFree: 5762859008
  MemTotal: 33643986944
  OCIRuntime:
    package: runc-1.0.0~rc8-1.2.x86_64
    path: /usr/bin/runc
    version: |-
      runc version 1.0.0-rc8
      spec: 1.0.1-dev
  SwapFree: 0
  SwapTotal: 0
  arch: amd64
  cpus: 4
  hostname: nobill-desktop
  kernel: 5.1.3-1-default
  os: linux
  rootless: true
  uptime: 6h 24m 3.76s (Approximately 0.25 days)
registries:
  blocked: null
  insecure: null
  search:
  - docker.io
store:
  ConfigFile: /home/rtorrero/.config/containers/storage.conf
  ContainerStore:
    number: 4
  GraphDriverName: vfs
  GraphOptions: null
  GraphRoot: /home/rtorrero/.local/share/containers/storage
  GraphStatus: {}
  ImageStore:
    number: 5
  RunRoot: /tmp/1000
  VolumePath: /home/rtorrero/.local/share/containers/storage/volumes

This happens on the latest amd64 Tumbleweed snapshot. Are there any other details I
can provide that might be useful?

Thanks!

