machine: ensure disk image is writable before resize (fix read-only image init failure)#28447
machine: ensure disk image is writable before resize (fix read-only image init failure)#28447jude-ruben wants to merge 1 commit intocontainers:mainfrom
Conversation
|
|
||
| // Ensure image is writable | ||
| if err := os.Chmod(d.finalPath.GetPath(), 0600); err != nil { | ||
| return fmt.Errorf("failed to set permissions on machine image: %w", err) |
There was a problem hiding this comment.
would like it if you made this error message slightly different so anyone debugging could tell which path immediately they are on? so maybe failed to set permissions on pulled image %s ?
|
did you confirm that any of the other providers also have this problem? |
| img := filepath.Join(GinkgoT().TempDir(),"test.qcow2") | ||
|
|
||
| // Step 2: copy existing image | ||
| exec.Command("cp", mb.imagePath, img).Run() |
There was a problem hiding this comment.
maybe using install here is more efficient?
jude-ruben
force-pushed
the
fix/machine-image-permissions
branch
from
ee9d0de to
377a27b
Compare
@baude ,I verified this behavior only occurs for the QEMU provider. The pulled image is resized during |
|
please run |
Honny1
left a comment
Honny1
left a comment
There was a problem hiding this comment.
Hello @jude-ruben, please rebase on the upstream main branch. We changed import paths recently.
Also please resolve linting issue:
+ ./bin/golangci-lint run --build-tags=apparmor,seccomp,selinux
pkg/machine/e2e/init_test.go:743:62: Error return value of `(*os/exec.Cmd).Run` is not checked (errcheck)
exec.Command("install", "-m", "444", mb.imagePath, img).Run()
^
pkg/machine/e2e/init_test.go:749:3: ginkgo-linter: wrong error assertion. Consider using `Expect(err).ToNot(HaveOccurred())` instead (ginkgolinter)
Expect(err).To(BeNil())
^
pkg/machine/stdpull/local.go:37:1: File is not properly formatted (gofumpt)
if err := os.Chmod(s.finalPath.GetPath(), 0600); err != nil {
^
pkg/machine/stdpull/url.go:84:1: File is not properly formatted (gofumpt)
if err := os.Chmod(d.finalPath.GetPath(), 0600); err != nil {
^
pkg/machine/stdpull/local.go:42:1: unnecessary trailing newline (whitespace)
}
^
Thanks.
4 participants
Problem
Initializing a Podman machine with a read-only disk image (e.g., chmod 444)
fails during the resize step with a permission denied error.
Root Cause
The disk image created from user input may retain read-only permissions.
The resize operation (qemu-img) requires write access but no step ensures
the image is writable before resizing.
Solution
Ensure the disk image is set to writable (0600) before resize operations
using os.Chmod.
Test
Added an e2e test:
podman machine initResult
Fixes #27576