-
Notifications
You must be signed in to change notification settings - Fork 97
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
operation not permitted in unpriv.link when creating an image #310
Comments
It's a bit odd that you get an error that indicates the unprivileged wrapper code was used (when you were running it as root without
Are you running this inside a container, or something like that? Is it a stock Ubuntu install? Do you have any strange AppArmor profiles? |
Thanks for the detailed response :) I'm using an Ubuntu bionic VM brought up using vagrant on macOS, it's my personal machine. It's a stock install with various dev tools installed on it. Nothing like AppArmor is on the vm. Here's the raw output of what I ran. vagrant@ubuntu-bionic:~/workspace$ type skopeo
skopeo is hashed (/usr/local/bin/skopeo)
vagrant@ubuntu-bionic:~/workspace$ type umoci
umoci is hashed (/usr/local/bin/umoci)
vagrant@ubuntu-bionic:~/workspace$ skopeo copy docker://opensuse/tumbleweed:latest oci:tumbleweed:latest
Getting image source signatures
Copying blob b3d29a92b70f done
Copying config 95f5e4fd3d done
Writing manifest to image destination
Storing signatures
vagrant@ubuntu-bionic:~/workspace$ sudo umoci unpack --image tumbleweed:latest bundle
• umoci encountered a permission error: maybe --rootless will help?
⨯ create runtime bundle: unpack rootfs: unpack layer: unpack entry: bin/pkill: link: link bundle/rootfs/bin/pgrep bundle/rootfs/bin/pkill: operation not permitted Here's the
I see that there are tests to ensure hardlinks are correctly unpacked. I'm not sure what's up with this particular hardlink. |
Alright, I'll try this in a Bionic VM.
We could probably make the debugging output tell you what the type is if it's a known type. |
OS: Ubuntu 18.04
Kernel: 4.15.0-72-generic
umoci version: 0.4.5
Seems related to #222. To reproduce:
Using
--rootless
returns the same error though.Let me know if there's anything else you'd like me to try or help out with. I'm just playing around with skopeo, umoci, and runc right now, still learning lots.
The text was updated successfully, but these errors were encountered: