landgraf / filesystem

Forked from filesystem 2 years ago

eae5204 Make the /proc and /sys %ghost

Authored and Committed by landgraf 2 years ago
    Make the /proc and /sys %ghost
    
    When working in a rootless container environment with user namespaces,
    those directories are pre-populated by the container runtime as
    bind-mounts from the host.
    
    Such bind-mounts, though, naturally inherit ownership/permissions from the
    host's filesystem.rpm, and non-privileged "root" inside the container
    cannot be allowed to touch files owned by the host's UID=0.  Those
    directories are then shown as owned by 'nobody:nobody'.
    
    When filesystem.rpm holds /proc and /sys in its payload, rpm tries to
    re-chown the files to root:root on every package update transaction.
    This operation cannot succeed because 'root:root' inside the container
    maps to some large UID/GID on the host -- and so the RPM transaction fails.
    
    As a workaround (there's no better way currently), remove /proc and /sys
    from the packaged payload, mark those directories %ghost and create them
    by a scriptlet.
    
    Resolves: rhbz#1548403
    Version: 3.16
    
    Signed-off-by: Pavel Raiskup <praiskup@redhat.com>
    
        
file modified
+12 -4
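
The ID translation the commit message describes, as an added example that is not part of the commit or the filesystem package: it parses a map in `/proc/<pid>/uid_map` format and shows why a directory owned by the host's UID 0 appears as the overflow ID inside the namespace and cannot be re-chowned by the namespace's root. The sample map, the function names, and the use of one map for both UIDs and GIDs are assumptions made for illustration.

```python
# Added illustration (not part of the commit): user-namespace ID translation.
OVERFLOW_ID = 65534  # kernel default overflowuid/overflowgid, usually "nobody"

# Constructed sample in /proc/<pid>/uid_map format, as seen from the host:
#   <first ID in namespace> <first ID on host> <count>
SAMPLE_ID_MAP = "         0     100000      65536\n"


def parse_id_map(text):
    """Return the map as a list of (ns_start, host_start, count) extents."""
    extents = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if len(fields) != 3:
            raise ValueError(f"malformed id map line: {line!r}")
        extents.append(tuple(int(f) for f in fields))
    return extents


def _translate(extents, value, src, dst):
    for extent in extents:
        if extent[src] <= value < extent[src] + extent[2]:
            return extent[dst] + (value - extent[src])
    return None  # no extent covers this ID


def ns_to_host(extents, ns_id):
    return _translate(extents, ns_id, 0, 1)

def host_to_ns(extents, host_id):
    return _translate(extents, host_id, 1, 0)

def displayed_owner(extents, host_id):
    """ID that stat() shows inside the namespace for a file owned by host_id."""
    mapped = host_to_ns(extents, host_id)
    return OVERFLOW_ID if mapped is None else mapped

def ns_root_can_chown(extents, owner_host_uid, owner_host_gid):
    """Namespace root's CAP_CHOWN covers a file only if its owner uid and gid
    both map into the namespace (same map assumed for uids and gids)."""
    return (host_to_ns(extents, owner_host_uid) is not None
            and host_to_ns(extents, owner_host_gid) is not None)

if __name__ == "__main__":
    m = parse_id_map(SAMPLE_ID_MAP)
    print("ns root on host:", ns_to_host(m, 0))
    print("host root seen in ns:", displayed_owner(m, 0))
    print("ns root may chown host-root dir:", ns_root_can_chown(m, 0, 0))
```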