Page MenuHomeVyOS Platform
Create Task
Maniphest T6635

Upgraded Podman 4.9.5 missing policy.json
Open, NormalPublicBUG
Actions

Description

Upgraded podman is missing /etc/containers/policy.json and fails to run without manually adding it.

See
https://forum.vyos.io/t/unable-to-add-container-in-rolling-1-5-missing-etc-containers-policy-json/15003

Details

Difficulty level
Unknown (require assessment)
Version
?
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Perfectly compatible
Issue type
Bug (incorrect behavior)

Related Objects

Event Timeline

nvollmar created this task.Aug 5 2024, 1:30 PM
pasik subscribed.Aug 5 2024, 5:02 PM
nvollmar added a comment.Aug 6 2024, 6:50 AM

Verified on my 1.4 install the policy.json is present, but missing in the latest rolling release

nvollmar added a subscriber: c-po.Aug 6 2024, 7:05 AM

@c-po To me it looks like the custom package from T6598 does not install the policy.json

nvollmar updated the task description. (Show Details)Aug 6 2024, 7:06 AM
Viacheslav triaged this task as Normal priority.Aug 6 2024, 9:35 AM
nvollmar updated the task description. (Show Details)Aug 6 2024, 9:38 AM
Viacheslav subscribed.Aug 6 2024, 9:48 AM

1.4 is not affected

vyos@r15:~$ show version all | match podman
ii  podman                               4.9.5                            amd64        Engine to run OCI-based containers in Pods
vyos@r15:~$ 
vyos@r15:~$ 
vyos@r15:~$ show container image 
REPOSITORY                         TAG         IMAGE ID      CREATED      SIZE
localhost/vyos-flowspec-netfilter  1.0         2b8b95eddb07  2 weeks ago  91.5 MB
docker.io/adguard/adguardhome      v0.107.52   6543abecfa41  4 weeks ago  71.4 MB
vyos@r15:~$ 
vyos@r15:~$ 
vyos@r15:~$ cat /etc/containers/policy.json 
{
    "default": [
        {
            "type": "insecureAcceptAnything"
        }
    ]
}
vyos@r15:~$ 
vyos@r15:~$ 
vyos@r15:~$ show version 
Version:          VyOS 1.4-rolling-202408051021
Release train:    sagitta
Release flavor:   iso
nvollmar added a comment.Aug 6 2024, 10:06 AM

Thanks for verifying. Interesting, is it also using the custom Podman package?

btw, can the 1.4 rolling be built or downloaded somewhere?

dmbaturin added a project: Restricted Project.Sep 16 2024, 4:15 PM
dmbaturin removed a project: Restricted Project.Mon, Oct 14, 8:57 AM
dmbaturin changed Is it a breaking change? from Unspecified (possibly destroys the router) to Perfectly compatible.
dmbaturin changed Issue type from Unspecified (please specify) to Bug (incorrect behavior).
Viacheslav added a comment.Mon, Oct 14, 9:03 AM

@nvollmar Can we close it or do you see some bugs?

nvollmar added a comment.EditedMon, Oct 14, 9:07 AM

@Viacheslav I think this can be closed, I'm not aware of open issues regarding this.

vyosbot added a project: Restricted Project.Mon, Oct 14, 11:32 AM
syncer edited projects, added VyOS Rolling; removed VyOS 1.5 Circinus.Fri, Nov 1, 7:43 PM
syncer added a subscriber: Global Notifications.Fri, Nov 1, 9:19 PM