Control: Tag -1 upstream
The full context of this conversation is archived at
https://bugs.debian.org/1100135
Sam Hartman <
hartmans@debian.org> writes:
package: apparmor
version: 4.1.0~beta5-3
severity: important
x-debbugs-cc: podman@packages.debian.org, pasta@packages.debian.org, golang-github-containers-common@packages.debian.org, tim.miller@hadronindustries.com
Recently I started running into the following error shutting down
containers with podman stop:
* rootless netns: kill network process: permission denied
This error is produced by
golang-github-containers-common/libnetwork/internal/rootlessnetns/netns_linux.go
in the cleanup function:
if err := n.cleanupRootlessNetns(); err != nil {
multiErr = multierror.Append(multiErr, wrapError("kill network process", err))
}
And that function effectively just finds and kills the pasta or
slirp4netns process:
if err == nil {
// kill the slirp/pasta process so we do not leak it
err = unix.Kill(pid, unix.SIGTERM)
if err == unix.ESRCH {
err = nil
}
Sam, I think your analyis makes sense. I see that you have now re-assigned this to
the golang-github-containers-common package, which does contain the code above.
May I ask you to file this bug at
https://github.com/containers/common/issues/new?template=BLANK_ISSUE and
tag me and dwalsh to it? I'd make sure that we make the right decision
here. As a heads-up, I've CC'ed Dan and Paul to this email.
Thanks!
-rt
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)