podman with pasta (passt) fails with apparmor https://bugzilla.opensuse.org/show_bug.cgi?id=1221840 On Sun, Apr 7, 2024 at 1:46 AM Berthold Höllmann < berthold-tumbleweed@höllmanns.de> wrote:
I had some podman containers run woch the 4.* version, but after upgrading to podman 5.0.1 they fail to start.
,---- | > podman run hello | Error: pasta failed with exit code 1: | Couldn't open network namespace /run/user/1000/netns/netns-254f2095-273b-04d1-9b6f-af01071a4f4e: Permission denied `----
The problem seems to be related to the usage of pasta with the new podman:
,---- | > pasta | Could not open /proc/self/uid_map: Permission denied | Couldn't configure user mappings | Couldn't mount /proc: Permission denied | Failed to join network namespace: Permission denied | Could not open /proc/sys/net/ipv4/ping_group_range: Permission denied | Cannot set ping_group_range, ICMP requests might fail `----
I suspect apparmor for causing these permission problems, but are helpless on how to solve this.