Description
I'm trying to port my previously docker-based gitea service to a rootless container version. I am using podman compose on a Fedora CoreOS system. I currently have the following docker compose file:
version: "3"

networks:
  home:
    external: true

services:
  server:
    image: gitea/gitea:latest-rootless
    container_name: gitea
    restart: always
    networks:
      - home
    volumes:
      - ./gitea:/data:Z
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3000:3000"
      - "3222:2222"
    security_opt:
      - label=disable
I'll note that I've tried with and without the security_opt entry to override label SELinux protections (I know it's not recommended) and also tried with sudo setenforce 0/1 values but I always get the following error:
...
{"msg":"exec container process `/usr/bin/dumb-init`: Permission denied","level":"error","time":"2024-11-17T22:57:02.854823Z"}
{"msg":"exec container process `/usr/bin/dumb-init`: Permission denied","level":"error","time":"2024-11-17T22:57:15.489072Z"}
My guess would be that the rootless container for some reason is running as a user that doesn't have permission to run executables in /usr/bin, but why exactly would this be the case in a rootless container?
I've tried both latest-rootless and nightly-rootless with the same result. I have not tried older versions yet.
Reproduction
Install a Fedora CoreOS system.
Migrate your data folder from a Debian-based system that uses docker, make modifications to reflect my existing config.
Make sure folder permissions are set as the user running the podman container. For example, chown -R 1000:1000 ./your-gitea-data-folders.
Try to start the rootless container. You should get dumb-init errors.
Gitea Version
nightly-rootless, latest-rootless
Can you reproduce the bug on the Gitea demo site?
No
Log Gist
No response
Screenshots
No response
Git Version
No response
Operating System
Fedora CoreOS
How are you running Gitea?
Podman images using podman compose. See above compose file.
Database
None