docker fails to build on foreign Debian system

  • Done
  • quality assurance status badge
Details
2 participants
  • Jakub K?dzio?ka
  • Maxim Cournoyer
Owner
unassigned
Submitted by
Jakub K?dzio?ka
Severity
normal
J
J
Jakub K?dzio?ka wrote on 23 May 2020 20:48
(address . bug-guix@gnu.org)
20200523184857.jqzmx5ttlaupvvdv@gravity
I am trying to build the `docker' package on a foreign distro.
Specifically, Debian sid. This results in the following test failures:

--------------------------------------
=== Failed
=== FAIL: daemon/graphdriver/quota TestBlockDev/testBlockDevQuotaDisabled (0.03s)
--- FAIL: TestBlockDev/testBlockDevQuotaDisabled (0.03s)
projectquota_test.go:83: assertion failed: error is not nil: exit status 1: mount failed: mount: /tmp/guix-build-docker-19.03.7.drv-0/xfs-mountPoint-325789281: mount failed: Operation not permitted.

=== FAIL: daemon/graphdriver/quota TestBlockDev/testBlockDevQuotaEnabled (0.02s)
--- FAIL: TestBlockDev/testBlockDevQuotaEnabled (0.02s)
projectquota_test.go:83: assertion failed: error is not nil: exit status 1: mount failed: mount: /tmp/guix-build-docker-19.03.7.drv-0/xfs-mountPoint-054602316: mount failed: Operation not permitted.

=== FAIL: daemon/graphdriver/quota TestBlockDev/testSmallerThanQuota (0.01s)
--- FAIL: TestBlockDev/testSmallerThanQuota (0.01s)
projectquota_test.go:83: assertion failed: error is not nil: exit status 1: mount failed: mount: /tmp/guix-build-docker-19.03.7.drv-0/xfs-mountPoint-879061307: mount failed: Operation not permitted.

=== FAIL: daemon/graphdriver/quota TestBlockDev/testBiggerThanQuota (0.01s)
--- FAIL: TestBlockDev/testBiggerThanQuota (0.01s)
projectquota_test.go:83: assertion failed: error is not nil: exit status 1: mount failed: mount: /tmp/guix-build-docker-19.03.7.drv-0/xfs-mountPoint-487602526: mount failed: Operation not permitted.

=== FAIL: daemon/graphdriver/quota TestBlockDev/testRetrieveQuota (0.01s)
--- FAIL: TestBlockDev/testRetrieveQuota (0.01s)
projectquota_test.go:83: assertion failed: error is not nil: exit status 1: mount failed: mount: /tmp/guix-build-docker-19.03.7.drv-0/xfs-mountPoint-717635877: mount failed: Operation not permitted.

=== FAIL: daemon/graphdriver/quota TestBlockDev (0.38s)
projectquota_test.go:50: meta-data=/tmp/guix-build-docker-19.03.7.drv-0/xfs-image973358730 isize=256 agcount=4, agsize=4096 blks
= sectsz=512 attr=2, projid32bit=1
= crc=0 finobt=0, sparse=0, rmapbt=0
= reflink=0
data = bsize=4096 blocks=16384, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0, ftype=1
log =internal log bsize=4096 blocks=853, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
--------------------------------------

This suggests that there's an issue with permissions. I recalled that
Debian ships a custom kernel patch that disables unprivileged
namespaces by default. However, after setting

kernel.unprivileged_userns_clone = 1

the problem persisted.

I am attaching the full build log.
-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEE5Xa/ss9usT31cTO54xWnWEYTFWQFAl7JcBIACgkQ4xWnWEYT
FWTt0A//QQOODbCTu4vFK3v/Xiij7eV6jW5tb9ckdM+LlDNM48yzWZ19fYBgT0b4
f/vUOp2OEvbFTkYnTK6LwwcVnI18IYX3xGoMDHdBkbyB93NbLiM0P3X5r+hQ5M+3
SdDq1IEUEyjK6aRkGRMtg3fVZwPwOiKxLNEYrI31u8Xw8+mgLVBDD4tE4tcjrSz4
sRagJb1v5t/Z9ofijykQcIR+X86a560M7bitdubyZ76OXxsDI15ReCsxAg9WJw63
28cB8k0xmruLotQhvFVtM0BCwLZ+vMRZ7tdOm57hyOudqkSabYvnnxKl0/PzcyEX
R5Ye+0A/cYIox1xN3eNYX2CstdUSmjSp9BZbhEh4uIM56e/cCKLlwfUV37glbXSW
fZmMa9vCHDepyHl+K3tc4ow6pmGvW6lhwEAixik7ABeoJN/NEsiSm6Qmy6F2coGx
2z+7LA54SUq1Bo5RKNxUYhEcPMD46BHpZRigRpnWbe887SQ+121x3mrlPuEyGB0X
MDFr7zfUdO5M63LcO80lA0yFS0WHJVkQ8VfcQ2G2y0lB25Jbj2Yp1ghnqB9etlbf
fkhhiilXP7tL1YBwEu+O/PwyaD0AUyOyx/uq4wWH2g4ss41ua5NE739lF0Cp52nv
sOn134vcbKDU2S4ud3mvI9E5CpBQvKNc5TWkkr+78Kg9DE3/A3g=
=v66h
-----END PGP SIGNATURE-----


M
M
Maxim Cournoyer wrote on 24 Jun 2022 07:07
(name . Jakub K?dzio?ka)(address . kuba@kadziolka.net)(address . 41491-done@debbugs.gnu.org)
87y1xmzm1c.fsf@gmail.com
Hi,

Closing as there's a new version of Docker available. Hopefully that
solves the issue you had.

Maxim
Closed
?