unable to build new fedora-toolbox images in Koji for F35+ #243

Closed
opened 2021-09-01 04:20:18 +00:00 by petersen · 8 comments
Owner

I just wanted to give a heads-up/alert to the WG that it is currently still not possible to build `fedora-toolbox:35` and `fedora-toolbox:36` container images in Koji OSBS AFAIK. There is an infrastructure [ticket](https://pagure.io/fedora-infrastructure/issue/10145) opened, but it does not seem to be getting much attention yet. Maybe some containers person(s) could help to push this forward?

Not having a post-branched image available for F35 Beta is a shame for Silverblue, but it will be kind of a showstopper for GA.
Owner

Metadata Update from @aday:

  • Issue set to the milestone: Fedora 35
  • Issue tagged with: meeting
Owner

Discussed in today's meeting - this issue is affecting more than toolbox builds and there's been recent discussion about workarounds. We'll wait and see how things pan out.

Owner

Metadata Update from @aday:

  • Issue untagged with: meeting
Owner

I don't think waiting is going to work here.

The problem here is the well-known clone3 syscall issue. Basically there is a new syscall that glibc is using, but which is prohibited by docker and podman seccomp policies. If the syscall is prohibited, glibc would usually fall back to the older clone syscall, but in this case the wrong error code is returned and so glibc does not do its normal fallback. The solution is to run newer versions of docker and/or podman on the systems that are experiencing these problems.

If we really want this fixed, we need to nominate it as a special release blocker to force infrastructure upgrades. There's not really anything that normal developers can do about infrastructure. To the extent that there is a desire to keep certain infrastructure components running RHEL 7, then we either need to rethink that, or else update RHEL 7.
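The seccomp behaviour described in the comment above can be checked against a profile file. The following is an added example, not part of the original thread and not Docker's or Podman's own code. It assumes the "wrong error code" is EPERM where glibc needs ENOSYS to trigger its fallback, uses two constructed sample profiles in the Docker/Podman seccomp JSON layout, and simplifies rule matching by ignoring argument and capability conditions.

```python
import json

ENOSYS, EPERM = 38, 1  # Linux errno values

# Constructed sample profiles (assumptions for illustration, not real shipped files).
OLD_PROFILE = json.loads("""{
  "defaultAction": "SCMP_ACT_ERRNO",
  "syscalls": [{"names": ["clone", "fork", "vfork"], "action": "SCMP_ACT_ALLOW"}]
}""")
FIXED_PROFILE = json.loads("""{
  "defaultAction": "SCMP_ACT_ERRNO",
  "syscalls": [
    {"names": ["clone", "fork", "vfork"], "action": "SCMP_ACT_ALLOW"},
    {"names": ["clone3"], "action": "SCMP_ACT_ERRNO", "errnoRet": 38}
  ]
}""")

def verdict(profile, syscall):
    """Return (action, errno) for `syscall`. Simplified: the first rule naming it wins."""
    for rule in profile.get("syscalls", []):
        if syscall in rule.get("names", []):
            action = rule["action"]
            # A rule without errnoRet is treated as EPERM by the runtime.
            errno = rule.get("errnoRet", EPERM) if action == "SCMP_ACT_ERRNO" else None
            return action, errno
    action = profile["defaultAction"]
    errno = profile.get("defaultErrnoRet", EPERM) if action == "SCMP_ACT_ERRNO" else None
    return action, errno

def clone3_outcome(profile):
    """Classify what a glibc that tries clone3 first experiences under this profile."""
    action, errno = verdict(profile, "clone3")
    if action == "SCMP_ACT_ALLOW":
        return "clone3 allowed"
    if action == "SCMP_ACT_ERRNO" and errno == ENOSYS:
        # ENOSYS reads as "kernel lacks clone3", so glibc retries with clone.
        if verdict(profile, "clone")[0] == "SCMP_ACT_ALLOW":
            return "falls back to clone"
        return "fallback blocked: clone is not allowed either"
    return f"thread/process creation fails (action={action}, errno={errno})"

if __name__ == "__main__":
    for name, prof in (("old", OLD_PROFILE), ("fixed", FIXED_PROFILE)):
        print(name, "->", clone3_outcome(prof))
```
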

Owner

The infrastructure ticket was closed as fixed 3 days ago. I see successful toolbox builds in Koji, but nothing for F35.

Can someone confirm whether it's possible to build F35+ toolbox images, now?

Owner

Metadata Update from @aday:

  • Issue tagged with: testing
Author
Owner

Both fedora-toolbox:35 and fedora-toolbox:36 images are now in the stable registry since last week.

Author
Owner

Metadata Update from @petersen:

  • Issue close_status updated to: Fixed
  • Issue status updated to: Closed (was: Open)