Even though the number of user lookups have been reduced from two to one
via https://github.com/containers/libpod/pull/1978, we still see the
following error from time to time:
time="2019-11-22T19:19:33Z" level=debug msg="ExitCode msg: \"unable to find user root: no matching entries in passwd file\""
time="2019-11-22T19:19:33Z" level=error msg="unable to find user root: no matching entries in passwd file"
The TLDR; is that podman/docker, when passed a --user=<name> parameter,
will parse the /etc/passwd file inside the container and detect the
uid/gid to switch to. The problem seems to be that sometimes this
/etc/passwd is either read as empty or non-existant when we try and
parse it (the root-cause of which is the real underlying bug).
Tested this by running a reproducer on three machines for a total
of ~800 runs and had 0 occurrences of this error. Previously I could
reproduce this issue in about 30 to 60 runs at most.
Related rhbz: 1776766
Related-Bug: #1803544
NB: Cherry-pick not 100% clean
Change-Id: Ia9860107c35e543a05775596076873ea950b7400
(cherry picked from commit 393e96b5b9e8affd35b48fb45f0a75b253629074)
(cherry picked from commit 871c1a30326c3c5b0e3703a0ab64deedc1ded5a6)
Reviewed: https:/ /review. opendev. org/720588 /git.openstack. org/cgit/ openstack/ tripleo- heat-templates/ commit/ ?id=cea234d40ef 70a740421759771 b97c5b20aac8d5
Committed: https:/
Submitter: Zuul
Branch: stable/stein
commit cea234d40ef70a7 40421759771b97c 5b20aac8d5
Author: Michele Baldessari <email address hidden>
Date: Tue Nov 26 17:18:03 2019 +0100
Use '0' instead of root in container-puppet.py
Even though the number of user lookups have been reduced from two to one /github. com/containers/ libpod/ pull/1978, we still see the "2019-11- 22T19:19: 33Z" level=debug msg="ExitCode msg: \"unable to find user root: no matching entries in passwd file\"" "2019-11- 22T19:19: 33Z" level=error msg="unable to find user root: no matching entries in passwd file"
via https:/
following error from time to time:
time=
time=
The TLDR; is that podman/docker, when passed a --user=<name> parameter,
will parse the /etc/passwd file inside the container and detect the
uid/gid to switch to. The problem seems to be that sometimes this
/etc/passwd is either read as empty or non-existant when we try and
parse it (the root-cause of which is the real underlying bug).
Since it seems that root-causing this will take a rather large amount of /github. com/containers/ libpod/ blob/master/ vendor/ github. com/opencontain ers/runc/ libcontainer/ user/user. go#L333
time, we can just pass the UID directly which will not fail when
the parsing code cannot find the specified user in /etc/passwd, as it
simply uses the provided UID:
https:/
Tested this by running a reproducer on three machines for a total
of ~800 runs and had 0 occurrences of this error. Previously I could
reproduce this issue in about 30 to 60 runs at most.
Related rhbz: 1776766
Related-Bug: #1803544
NB: Cherry-pick not 100% clean
Change-Id: Ia9860107c35e54 3a0577559607687 3ea950b7400 d35b48fb45f0a75 b253629074) b0e3703a0ab64de edc1ded5a6)
(cherry picked from commit 393e96b5b9e8aff
(cherry picked from commit 871c1a30326c3c5