Comments (17)
I wonder if this could be the problem. I see that some of these groups are empty:
cc @WxNzEMof
from podman.
Fixed in #22640
from podman.
Do you have any special containers.conf configured? I can see the place where it can panic but it should not happen with a default config.
from podman.
❯ cat /etc/containers/containers.conf
[engine]
init_path = "/nix/store/zgwgcbzq2qz15mvnn67ks3km0amdi7y9-catatonit-0.2.0/bin/catatonit"
[network]
cni_plugin_dirs = ["/nix/store/lz1ll9v7hf6877v5zzqrgvszbqrkv1xj-cni-plugins-1.4.1/bin"]
network_backend = "netavark"
Is this a non-default config?
I can see the place where it can panic
Do you see a reason why it can panic, to handle it with an explanation?
from podman.
I'm seeing this on NixOS using the default podman config.
virtualisation.podman = {
enable = true;
dockerSocket.enable = true;
};
% tree /etc/containers
/etc/containers
├── containers.conf -> /etc/static/containers/containers.conf
├── networks
├── policy.json -> /etc/static/containers/policy.json
├── registries.conf -> /etc/static/containers/registries.conf
└── storage.conf -> /etc/static/containers/storage.conf
2 directories, 4 files
% cat /etc/containers/containers.conf
[engine]
init_path = "/nix/store/zgwgcbzq2qz15mvnn67ks3km0amdi7y9-catatonit-0.2.0/bin/catatonit"
[network]
cni_plugin_dirs = ["/nix/store/lz1ll9v7hf6877v5zzqrgvszbqrkv1xj-cni-plugins-1.4.1/bin"]
network_backend = "netavark"
% ls -l /etc/containers/networks
total 0
% cat /etc/containers/policy.json
{
"default": [
{
"type": "insecureAcceptAnything"
}
],
"transports":
{
"docker-daemon":
{
"": [{"type":"insecureAcceptAnything"}]
}
}
}
% cat /etc/containers/registries.conf
[registries]
[registries.block]
registries = []
[registries.insecure]
registries = []
[registries.search]
registries = ["docker.io", "quay.io"]
% cat /etc/containers/storage.conf
[storage]
driver = "overlay"
graphroot = "/var/lib/containers/storage"
runroot = "/run/containers/storage"
Downgrading to 4.9.3
fixes it. 5.x
seems to have trouble.
from podman.
❯ cat /etc/containers/containers.conf [engine] init_path = "/nix/store/zgwgcbzq2qz15mvnn67ks3km0amdi7y9-catatonit-0.2.0/bin/catatonit" [network] cni_plugin_dirs = ["/nix/store/lz1ll9v7hf6877v5zzqrgvszbqrkv1xj-cni-plugins-1.4.1/bin"] network_backend = "netavark"Is this a non-default config?
I can see the place where it can panic
Do you see a reason why it can panic, to handle it with an explanation?
The default config is no config at all but this won't likely work in the weird nix world. Anyhow non of the keys there should pose any issues so this should not be super relevant AFAIK. Are there nay configs in the user home dir, or /usr/share/containers?
Also could you run podman --log-level trace info
that should show some runtime information.
The panic happens because you seem to have a OCIruntime defined without a path:
podman/pkg/api/handlers/compat/info.go
Line 196 in c9644eb
Of course podman should never panic and handle this case (here likely just ignore it) but I don't see how this can happen unless someone manually specified a runtimes
map in containers.conf
from podman.
i.e. a config file like this reproduces
[engine]
[engine.runtimes]
nonstandard_runtime_name = []
from podman.
Are there nay configs in the user home dir, or /usr/share/containers
I was testing on the system wide socket so it should only be using the global config.
from podman.
The panic happens because you seem to have a OCIruntime defined without a path:
What is the standard path for it? I can modify the config file and try again.
I have no user-specific config in ~/.local/share/containers/
, only storage related.
I get the same errors regardless of system wide, user wide socket:
❯ curl --unix-socket /var/run/docker.sock http://localhost/info
{"cause":"runtime error: index out of range [0] with length 0","message":"runtime error: index out of range [0] with length 0","response":500}
❯ curl --unix-socket /var/run/user/1000/podman/podman.sock http://localhost/info
{"cause":"runtime error: index out of range [0] with length 0","message":"runtime error: index out of range [0] with length 0","response":500}
from podman.
The config paths would be /usr/share/containers/containers.conf /etc/containers/containers.conf ~/.config/containers/containers.conf + possible .d directories
I doubt that both of you would have any of this set but still I cannot find a reason in code why a path would be unset unless a invalid config was present. I also cannot see any difference with 4.9/5.0 in that regard.
from podman.
Oh yes this patch breaks it. Instead of commenting out the paths it should delete the map entry there.
from podman.
Oh yes this patch breaks it. Instead of commenting out the paths it should delete the map entry there.
I mean it doesn't really matter I guess, we should fix it in podman no matter what and then it should not make a functional difference fot that path
from podman.
Ok, so for a quick fix it should be possible to just comment out the whole stanzas? Then podman can consider the UX of this in a future release?
from podman.
Not sure I followed all points here. The complete fix involves handling the error in Podman and adding the path in NixOs packages?
from podman.
Is there another workaround besides just downgrading to podman 4.9.3?
from podman.
Well for starters did you report this to nixos that there patch broke this? Maybe get them to revert it or fix to not have runtimes without paths defined as mentioned above.
Or well submit a patch to podman to not make it panic on "invalid" configs which should happen regardless if nix fixes it in
the config or not.
from podman.
NixOS/nixpkgs#310182 fixes the patch that was triggering the issue in NixOS. Do you want to leave this open to handle empty lists more gracefully? Or should this be closed?
from podman.
Related Issues (20)
- have an IP assigned to the container during build time HOT 4
- 'podman info' cannot be filter like 'podman inspect' HOT 4
- run --events-backend=file sometimes means journal HOT 6
- system invalid internal status podman system migrate HOT 2
- remote, parallel: mount no-dereference, symlink vanishes on container restart
- Quadlet support symlinked subdirectory HOT 12
- rootFsSize changing on a created (not running) container? HOT 1
- remote: start --attach: can only attach to created or running containers: container state improper HOT 1
- More accurate documentation around podman machine volume mounts in WSL 2 HOT 2
- Podman CLI --add-host with multiple host for a single IP HOT 1
- "unable to upgrade to tcp, received 409" when using docker compatibility mode
- Kube Play - Add support for image based volumes HOT 11
- Failed to start pod with rootless container using --cgroup-parent
- podman .build quadlet ImageTag not equivalent to --tag with podman build HOT 4
- Rootless, bridge network and reaching a host service from a container HOT 2
- Regularly get "Disk quota exceeded: OCI runtime error" when running a container HOT 8
- Share SSH agent with Podman container on macOS
- Podman secrets value of type `env` revealed in container inspection HOT 1
- race? Failed to retrieve cgroup stats: open .../user.slice/sha.scope/memory.stats and pids.current: ENOENT HOT 1
- Failed to start podman-clean-transient.service: Unit boot-complete.target not found.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from podman.