Podman support

[MGlolenstine]

Because docker has some limitations, especially the "must-be-root-to-run" one, I'd love to see Podman support, as it's often impossible to run docker as a root.

[etrombly]

I think this would be good. From looking at the docs you should be able to pull the image from dockerhub or build it directly with podman. Is there any specific change you needed?

[MGlolenstine]

Correct, I can use an image from Docker hub but have to modify the Dockerfile(e.g. fedora -> docker://fedora) to build the image myself. There's also another problem with Permission denied, which happens when accessing data to copy for the package.
There could be some other problems I'm not aware of though.

[etrombly]

So it looks like you need to use the long form to pull:

podman pull etrombly/rust-crosscompile:latest

it worked as root for me, I didn't set up to run as a regular user to test though.

[MGlolenstine]

Long version worked for me as well, but we can't run it as a regular user, which is the point of Podman. Podman is made to be rootless docker, so that you can get rid of many root exploits which are on docker.

[MGlolenstine]

So it looks like you need to use the long-form to pull:

podman pull etrombly/rust-crosscompile:latest

it worked as root for me, I didn't set up to run as a regular user to test though.

I have a note about your reply.

• For me to fetch the image, I have to run it as podman pull docker://etrombly/rust-crosscompile:latest and if I remove the docker://, it returns the following error

Error: unable to pull etrombly/rust-crosscompile:latest: image name provided is a short name and no search registries are defined in the registries config file.

because Podman tries to search their repos and can't find it.

This is the problem I get with the Podman when run as non-root.

error: failed to open: /home/rust/src/target/release/.cargo-lock

Caused by:
  Permission denied (os error 13)
mkdir: cannot create directory 'package': File exists
cp: cannot create regular file 'package/gui_test.exe': Permission denied
Could not resolve: USERENV.dll
cp: cannot create regular file 'package/iconv.dll': Permission denied
cp: cannot create regular file 'package/libatk-1.0-0.dll': Permission denied
cp: cannot create regular file 'package/libbz2-1.dll': Permission denied
cp: cannot create regular file 'package/libcairo-2.dll': Permission denied
cp: cannot create regular file 'package/libcairo-gobject-2.dll': Permission denied
cp: cannot create regular file 'package/libepoxy-0.dll': Permission denied
cp: cannot create regular file 'package/libexpat-1.dll': Permission denied
cp: cannot create regular file 'package/libffi-6.dll': Permission denied
cp: cannot create regular file 'package/libfontconfig-1.dll': Permission denied
cp: cannot create regular file 'package/libfreetype-6.dll': Permission denied
cp: cannot create regular file 'package/libfribidi-0.dll': Permission denied
cp: cannot create regular file 'package/libgcc_s_seh-1.dll': Permission denied
cp: cannot create regular file 'package/libgdk-3-0.dll': Permission denied
cp: cannot create regular file 'package/libgdk_pixbuf-2.0-0.dll': Permission denied
cp: cannot create regular file 'package/libgio-2.0-0.dll': Permission denied
cp: cannot create regular file 'package/libglib-2.0-0.dll': Permission denied
cp: cannot create regular file 'package/libgmodule-2.0-0.dll': Permission denied
cp: cannot create regular file 'package/libgobject-2.0-0.dll': Permission denied
cp: cannot create regular file 'package/libgtk-3-0.dll': Permission denied
cp: cannot create regular file 'package/libharfbuzz-0.dll': Permission denied
cp: cannot create regular file 'package/libintl-8.dll': Permission denied
cp: cannot create regular file 'package/libjpeg-62.dll': Permission denied
cp: cannot create regular file 'package/libpango-1.0-0.dll': Permission denied
cp: cannot create regular file 'package/libpangocairo-1.0-0.dll': Permission denied
cp: cannot create regular file 'package/libpangoft2-1.0-0.dll': Permission denied
cp: cannot create regular file 'package/libpangowin32-1.0-0.dll': Permission denied
cp: cannot create regular file 'package/libpcre-1.dll': Permission denied
cp: cannot create regular file 'package/libpixman-1-0.dll': Permission denied
cp: cannot create regular file 'package/libpng16-16.dll': Permission denied
cp: cannot create regular file 'package/libssp-0.dll': Permission denied
cp: cannot create regular file 'package/libtiff-5.dll': Permission denied
cp: cannot create regular file 'package/libwinpthread-1.dll': Permission denied
cp: cannot create regular file 'package/zlib1.dll': Permission denied
cp: cannot create regular file 'package/share/glib-2.0/schemas/gschema.dtd': Permission denied
cp: cannot create regular file 'package/share/glib-2.0/schemas/gschemas.compiled': Permission denied
cp: cannot create regular file 'package/share/glib-2.0/schemas/org.gtk.Demo.gschema.xml': Permission denied
cp: cannot create regular file 'package/share/glib-2.0/schemas/org.gtk.Settings.ColorChooser.gschema.xml': Permission denied
cp: cannot create regular file 'package/share/glib-2.0/schemas/org.gtk.Settings.Debug.gschema.xml': Permission denied
cp: cannot create regular file 'package/share/glib-2.0/schemas/org.gtk.Settings.EmojiChooser.gschema.xml': Permission denied
cp: cannot create regular file 'package/share/glib-2.0/schemas/org.gtk.Settings.FileChooser.gschema.xml': Permission denied
cp: cannot create regular file 'package/share/glib-2.0/schemas/org.gtk.exampleapp.gschema.xml': Permission denied
cp: cannot create regular file 'package/share/icons/icons/Adwaita/16x16/actions/action-unavailable-symbolic.symbolic.png': Permission denied
cp: cannot create regular file 'package/share/icons/icons/Adwaita/16x16/actions/address-book-new-symbolic.symbolic.png': Permission denied
cp: cannot create regular file 'package/share/icons/icons/Adwaita/16x16/actions/application-exit-symbolic.symbolic.png': Permission denied
cp: cannot create regular file 'package/share/icons/icons/Adwaita/16x16/actions/appointment-new-symbolic.symbolic.png': Permission denied
cp: cannot create regular file 'package/share/icons/icons/Adwaita/16x16/actions/bookmark-new-symbolic.symbolic.png': Permission denied
cp: cannot create regular file 'package/share/icons/icons/Adwaita/16x16/actions/call-start-symbolic.symbolic.png': Permission denied
cp: cannot create regular file 'package/share/icons/icons/Adwaita/16x16/actions/call-stop-symbolic.symbolic.png': Permission denied
cp: cannot create regular file 'package/share/icons/icons/Adwaita/16x16/actions/camera-switch-symbolic.symbolic.png': Permission denied
cp: cannot create regular file 'package/share/icons/icons/Adwaita/16x16/actions/chat-message-new-symbolic.symbolic.png': Permission denied
cp: cannot create regular file 'package/share/icons/icons/Adwaita/16x16/actions/color-select-symbolic.symbolic.png': Permission denied
cp: cannot create regular file 'package/share/icons/icons/Adwaita/16x16/actions/contact-new-symbolic.symbolic.png': Permission denied
cp: cannot create regular file 'package/share/icons/icons/Adwaita/16x16/actions/document-edit-symbolic.symbolic.png': Permission denied
cp: cannot create regular file 'package/share/icons/icons/Adwaita/16x16/actions/document-new-symbolic.symbolic.png': Permission denied
cp: cannot create regular file 'package/share/icons/icons/Adwaita/16x16/actions/document-open-recent-symbolic.symbolic.png': Permission denied
-- SNIP: tons of theme files failed to copy --
cp: cannot create regular file 'package/share/themes/Windows10/xfwm4/top-left-inactive.xpm': Permission denied
cp: cannot create regular file 'package/share/themes/Windows10/xfwm4/top-right-active.xpm': Permission denied
cp: cannot create regular file 'package/share/themes/Windows10/xfwm4/top-right-inactive.xpm': Permission denied
/usr/bin/package.sh: line 19: package/share/gtk-3.0/settings.ini: Permission denied
mingw-strip: package/gui_test.exe: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/iconv.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libatk-1.0-0.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libbz2-1.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libcairo-2.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libcairo-gobject-2.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libepoxy-0.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libexpat-1.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libffi-6.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libfontconfig-1.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libfreetype-6.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libfribidi-0.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libgcc_s_seh-1.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libgdk-3-0.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libgdk_pixbuf-2.0-0.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libgio-2.0-0.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libglib-2.0-0.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libgmodule-2.0-0.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libgobject-2.0-0.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libgtk-3-0.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libharfbuzz-0.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libintl-8.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libjpeg-62.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libpango-1.0-0.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libpangocairo-1.0-0.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libpangoft2-1.0-0.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libpangowin32-1.0-0.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libpcre-1.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libpixman-1-0.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libpng16-16.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libssp-0.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libtiff-5.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: package/libwinpthread-1.dll: could not create temporary file to hold stripped copy: cause of error unknown
mingw-strip: Warning: 'package/share' is a directory
mingw-strip: package/zlib1.dll: could not create temporary file to hold stripped copy: cause of error unknown
zip I/O error: Permission denied
zip error: Could not create output file (package.zip)

[etrombly]

The permissions problem is because I run the compile and package as a different user in the container. For docker containers it makes sense, because you don't want to run things as root if you don't have to. But in rootless podman, root is actually the user you launch podman with. I see three options for fixing it:

1. Switch it back to running as root in the container
2. Have it create the package directory somewhere in the container, /tmp probably. Then copy the package.zip out after the container is done. seems like a bit of a hassle though.
3. I could add documentation that if you are running podman you need to set up permissions. Here's a good article on it https://www.redhat.com/sysadmin/user-namespaces-selinux-rootless-containers

Also if you are running on a system that has SELinux configure you may need to add :z to the end of the volume parameter.

-v $(pwd):/home/rust/src:z

Not sure which would be the best, 1 is probably the easiest. Have to think on it a bit.

[etrombly]

I changed it back to running as root to build, can you test to see if that fixes it for you?

[MGlolenstine]

Surely,
I'll test it out tomorrow when I get to work!
Thanks for working on this!