Bug
Resolution: Not a Bug
Medium
4.10-1.2.0
Known Issue
Done
Description
Building container image inside sandboxed (kata) containers using buildah
Steps to reproduce
cat >build.yaml <<EOF
apiVersion: v1
kind: Pod
metadata:
  name: buildah
  namespace: sandboxed-builds
spec:
  runtimeClassName: kata
  containers:
  - name: buildah
    image: quay.io/buildah/stable:v1.23.0
    command: ["sleep", "infinity"]
    securityContext:
      privileged: true
EOF
oc create ns sandboxed-builds
oc apply -f build.yaml
# Open a shell in the pod; the remaining commands run inside the container
oc exec -it -n sandboxed-builds buildah -- bash
mknod /dev/fuse -m 0666 c 10 229
mkdir /build && cd /build
cat >Dockerfile <<EOF
FROM quay.io/fedora/fedora:33
RUN date
EOF
buildah bud -f Dockerfile .
Expected result
Successful container image build
Actual result
process exited with error: fork/exec /bin/sh: no such file or directory
subprocess exited with status 1
Impact
The use case of isolated builds and build pipelines using sandboxed containers becomes weak.
Env
kata-containers-2.3.0
Additional helpful info
The issue is not there for runc containers.
Also, I have not checked with upstream kata and initrd.