kas-container: podman: Remove --pid=host
We were using the host PID namespace as workaround for problems related
to binfmt and its missing namespace support. As it turns out after
running a bunch of tests this is no longer necessary.
This patch "reverts" 6b025e4910 ("kas-docker: Podman: Fixing isar builds
failing with exec format errors").
Test matrix:
kas layer podman 3.4.4 podman 3.0.1 podman 3.4.4
on Fedora 35 on Debian 11 on Debian 11
(podman from testing)
xenomai-images
ISAR_CROSS_COMPILE = 1 OK OK OK
ISAR_CROSS_COMPILE = 0 OK OK OK
iot-2000 OK FAIL [1] FAIL [1]
[1] The iot-2000 layer is not ISAR based, so we do not run in privileged
mode for such builds which seems to make a difference when using the
--userns=keep-id argument. As it works on Fedora and the error message
indicates "creating of systemd unit failed" it might by systemd related.
podman run --rm -t -i --userns=keep-id debian:buster-slim
Fedora: OK
Debian: Fail
Error: OCI runtime error: error creating systemd unit
`libpod-<snip>.scope`: got `failed`
Signed-off-by: Florian Bezdeka <florian.bezdeka@siemens.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
This commit is contained in:
Florian Bezdeka
Jan Kiszka
parent
1dea24145e
commit
0f5401be19
@ -84,7 +84,6 @@ enable_isar_mode() {
|
||||
if [ "${KAS_CONTAINER_ENGINE}" = "podman" ]; then
|
||||
# sudo is needed for a privileged podman container
|
||||
KAS_CONTAINER_COMMAND="sudo ${KAS_CONTAINER_COMMAND}"
|
||||
KAS_ISAR_ARGS="${KAS_ISAR_ARGS} --pid=host"
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user