podman and SLES15

swadmswadm Established Member

Just trying to get a rootless podman image to run on SLES 15 SP1.
Happy to see that SLE-Module-Containers15-SP1-Updates provides podman 1.8.0-4.20.1
Learned that fuse3 package is required (otherwise "using mount program /usr/bin/fuse-overlayfs: fuse: failed to exec fusermount3: No such file or directory")
But even then, a non-root user will get a permission following error, e.g.:
podmantest@host:~> podman run --name testcontainer --rm -d alpine top
ERRO[0000] error unmounting /home/podmantest/.local/share/containers/storage/overlay/2675cf666fd8d9ed48cb3786d71063395ad988531e7265c7f1f46b10314c5618/merged: invalid argument
Error: error mounting storage for container b8a341ed9ea8bfee36704290c5d2488921b3704b71dfe2b6238bc3c90a8157f3: error creating overlay mount to /home/podmantest/.local/share/containers/storage/overlay/2675cf666fd8d9ed48cb3786d71063395ad988531e7265c7f1f46b10314c5618/merged: using mount program /usr/bin/fuse-overlayfs: fusermount3: mount failed: Operation not permitted
fuse-overlayfs: cannot mount: Operation not permitted
: exit status 1
podmantest@host:~>
In https://github.com/containers/podman/issues/5732 I found "FUSE in a user namespace needs at least Linux 4.18". As SLES15SP1 has 4.12.14, how should I work around this.
Thanks!
Tom

Comments

  • Hey,
    This is a fantastic question and something that I've been running into as well.

    As I understand it (and I'll confirm tomorrow with some of our more knowledgeable engineers), rootless podman/buildah/skopeo does require the new kernel supported in 15 SP2.

    Thank you,
    Andrew Gracey

    P. S. If you are following my guide, I believe I'm running as root and there might be a mistake suggesting that you didn't need to. I was also running some tests on TW that might have led me to conflate the two tests. Sorry if this is the case :(

  • swadmswadm Established Member

    Andrew,
    thanks. I hope that also SP1 will get the newer kernel through current patches.
    Kind regards, Tom

Sign In or Register to comment.