Skip to content

error message for missing policy.json only mentions /etc/containers/policy.json #23852

Closed
containers/image
#2582
Closed
error message for missing policy.json only mentions /etc/containers/policy.json#23852
containers/image
#2582
Labels
Good First IssueThis issue would be a good issue for a first time contributor to undertake.kind/bugCategorizes issue or PR as related to a bug.locked - please file new issue/PRAssist humans wanting to comment on an old issue or PR with locked comments.
@bcdarwin

Description

@bcdarwin
bcdarwin
opened on Sep 3, 2024

Issue Description

If no policy.json file is present in any of the accepted locations, podman gives an error but it refers only to /etc/containers/policy.json, not to other possible paths for this config.

Steps to reproduce the issue

$ podman run -it --rm registry.access.redhat.com/ubi8/httpd-24

Describe the results you received

Error: open /etc/containers/policy.json: no such file or directory

Describe the results you expected

something like

Error: no policy.json file found at any of the following: <...>

podman info output

host:
  arch: amd64
  buildahVersion: 1.37.2
  cgroupControllers:
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: Unknown
    path: /nix/store/wbj667arynb4hagp4cy5a00hmf90s9k4-podman-helper-binary-wrapper/bin/conmon
    version: 'conmon version 2.1.12, commit: '
  cpuUtilization:
    idlePercent: 97.76
    systemPercent: 0.77
    userPercent: 1.47
  cpus: 12
  databaseBackend: sqlite
  distribution:
    codename: uakari
    distribution: nixos
    version: "24.05"
  eventLogger: journald
  freeLocks: 2048
  hostname: ramanujan
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 100
      size: 1
    - container_id: 1
      host_id: 231072
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 231072
      size: 65536
  kernel: 6.6.47
  linkmode: dynamic
  logDriver: journald
  memFree: 6826962944
  memTotal: 16453926912
  networkBackend: netavark
  networkBackendInfo:
    backend: netavark
    dns:
      package: Unknown
      path: /nix/store/zkcq9b7884nk826csavzvpp3i8w1vjm4-podman-5.2.2/libexec/podman/aardvark-dns
      version: aardvark-dns 1.12.1
    package: Unknown
    path: /nix/store/zkcq9b7884nk826csavzvpp3i8w1vjm4-podman-5.2.2/libexec/podman/netavark
    version: netavark 1.7.0
  ociRuntime:
    name: crun
    package: Unknown
    path: /nix/store/wbj667arynb4hagp4cy5a00hmf90s9k4-podman-helper-binary-wrapper/bin/crun
    version: |-
      crun version 1.16.1
      commit: 1.16.1
      rundir: /run/user/1000/crun
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
  os: linux
  pasta:
    executable: /nix/store/zkcq9b7884nk826csavzvpp3i8w1vjm4-podman-5.2.2/libexec/podman/pasta
    package: Unknown
    version: |
      pasta 2024_07_26.57a21d2
      Copyright Red Hat
      GNU General Public License, version 2 or later
        <https://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
      This is free software: you are free to change and redistribute it.
      There is NO WARRANTY, to the extent permitted by law.
  remoteSocket:
    exists: true
    path: /run/user/1000/podman/podman.sock
  rootlessNetworkCmd: pasta
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: ""
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: /nix/store/zkcq9b7884nk826csavzvpp3i8w1vjm4-podman-5.2.2/libexec/podman/slirp4netns
    package: Unknown
    version: |-
      slirp4netns version 1.3.1
      commit: e5e368c4f5db6ae75c2fce786e31eef9da6bf236
      libslirp: 4.8.0
      SLIRP_CONFIG_VERSION_MAX: 5
      libseccomp: 2.5.5
  swapFree: 17179865088
  swapTotal: 17179865088
  uptime: 4h 55m 11.00s (Approximately 0.17 days)
  variant: ""
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries: {}
store:
  configFile: /home/me/.config/containers/storage.conf
  containerStore:
    number: 0
    paused: 0
    running: 0
    stopped: 0
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/me/.local/share/containers/storage
  graphRootAllocated: 233447018496
  graphRootUsed: 171170406400
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Supports shifting: "false"
    Supports volatile: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 0
  runRoot: /run/user/1000/containers
  transientStore: false
  volumePath: /home/me/.local/share/containers/storage/volumes
version:
  APIVersion: 5.2.2
  Built: 315532800
  BuiltTime: Mon Dec 31 19:00:00 1979
  GitCommit: ""
  GoVersion: go1.22.6
  Os: linux
  OsArch: linux/amd64
  Version: 5.2.2

Podman in a container

No

Privileged Or Rootless

Rootless

Upstream Latest Release

Yes

Additional environment details

No response

Additional information

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    Good First IssueThis issue would be a good issue for a first time contributor to undertake.kind/bugCategorizes issue or PR as related to a bug.locked - please file new issue/PRAssist humans wanting to comment on an old issue or PR with locked comments.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions