Allow running podman inside muvm #199

@danberindei

I tried to run an AMD64 image with podman 5.6.2 inside muvm 0.4.1 and it doesn't work:

$ muvm -- FEXBash
No IPv6 nameserver available for NDP/DHCPv6
Using default interface naming scheme 'v257'.
Failed to open /usr/lib/udev/rules.d/60-nfs.rules, ignoring: Permission denied
FEXBash-dan@m1:~> podman run hello
WARN[0000] "/" is not a shared mount, this could cause issues or missing mounts with rootless containers 
ERRO[0000] Refreshing container d652c9732a9640e3268ef48bb9664083a75bd1d831b50c08d3b5797cdd89beea: acquiring lock 1 for container d652c9732a9640e3268ef48bb9664083a75bd1d831b50c08d3b5797cdd89beea: file exists 
ERRO[0000] Refreshing container 8b6a7acbc4faebce87929811b6abcaf6423579138d7c8fab63e4581216171174: acquiring lock 2 for container 8b6a7acbc4faebce87929811b6abcaf6423579138d7c8fab63e4581216171174: file exists 
...
WARNING: image platform (linux/amd64) does not match the expected platform (linux/arm64)
ERRO[0000] Preparing container c67dedbb2b830151f01d174379a09ca25fa55acc0444624888f64dafea14cf02: pasta failed with exit code 1:
Failed to open() /dev/net/tun: No such file or directory
Failed to set up tap device in namespace 
Error: create /etc: permission denied

Looks like it's not able to create /etc, possibly a SELinux problem?

[pid   333] openat(AT_FDCWD, "/home/dan/.local/share/containers/storage/overlay/7455cc45cd7bb84a89deaf55d2950a9eaad06c00fa355d3e28498c98e8f8b87e/merged", O_RDONLY|O_CLOEXEC|O_PATH) = 7
[pid   333] mkdirat(7, "etc", 0755 <unfinished ...>
[pid   337] <... read resumed>, ",\0\0\0\1\0\0\0\6\0\0\0\0\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0M\1\0\0\0\0\0\0etc\0", 1052672) = 44
[pid   337] writev(7, [{iov_base="\220\0\0\0\0\0\0\0\6\0\0\0\0\0\0\0", iov_len=16}, {iov_base="\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\312\232;\0\0\0\0\0\312\232;\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", iov_len=128}], 2) = 144
[pid   337] read(7, "4\0\0\0\t\0\0\0\10\0\0\0\0\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0M\1\0\0\0\0\0\0\355\1\0\0\22\0\0\0etc\0", 1052672) = 52
[pid   337] fstatfs(5, {f_type=FUSE_SUPER_MAGIC, f_bsize=4096, f_blocks=168600832, f_bfree=57964791, f_bavail=56289063, f_files=0, f_ffree=0, f_fsid={val=[0, 0]}, f_namelen=255, f_frsize=4096,
 f_flags=ST_VALID|ST_RELATIME}) = 0
[pid   337] mkdirat(6, "2", 0755)       = 0
[pid   337] openat2(6, "2", {flags=O_RDONLY, resolve=RESOLVE_IN_ROOT}, 24) = 10
[pid   337] fsetxattr(10, "trusted.overlay.opaque", "y", 1, 0) = -1 EPERM (Operation not permitted)
[pid   337] fsetxattr(10, "user.fuseoverlayfs.opaque", "y", 1, 0) = 0
[pid   337] openat2(10, ".wh..wh..opq", {flags=O_WRONLY|O_CREAT|O_NONBLOCK, mode=0700, resolve=RESOLVE_IN_ROOT}, 24) = 11
[pid   337] close(11)                   = 0
[pid   337] fstat(10, {st_mode=S_IFDIR|0755, st_size=24, ...}) = 0
[pid   337] renameat(6, "2", 5, "./etc") = -1 EACCES (Permission denied)
[pid   337] renameat(6, "2", 5, "./etc") = -1 EACCES (Permission denied)
[pid   337] unlinkat(6, "2", AT_REMOVEDIR) = -1 ENOTEMPTY (Directory not empty)
[pid   337] close(10)                   = 0
[pid   337] writev(7, [{iov_base="\20\0\0\0\363\377\377\377\10\0\0\0\0\0\0\0", iov_len=16}], 1) = 16
[pid   333] <... mkdirat resumed>)      = -1 EACCES (Permission denied)
[pid   337] read(7 <unfinished ...>
[pid   333] close(7)                    = 0
[pid   333] openat(AT_FDCWD, "/home/dan/.local/share/containers/storage/overlay-containers/containers.lock", O_RDWR|O_CREAT|O_CLOEXEC, 0644) = 7
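
An added example, not part of the report and not code from muvm, podman or fuse-overlayfs: the binary strings pid 337 reads and writes on fd 7 can be decoded as FUSE protocol messages, using the `fuse_in_header`, `fuse_mkdir_in` and `fuse_out_header` layouts from Linux's `include/uapi/linux/fuse.h`, to see which request failed and for which caller. It assumes fd 7 in pid 337 is the FUSE device and that the trace comes from a little-endian machine; the three trace lines are copied from the output above, and the function names are this example's own.

```python
import errno
import re
import struct

# Three lines copied from the strace output in the report above (pid 337).
TRACE = r'''
[pid   337] read(7, "4\0\0\0\t\0\0\0\10\0\0\0\0\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0M\1\0\0\0\0\0\0\355\1\0\0\22\0\0\0etc\0", 1052672) = 52
[pid   337] renameat(6, "2", 5, "./etc") = -1 EACCES (Permission denied)
[pid   337] writev(7, [{iov_base="\20\0\0\0\363\377\377\377\10\0\0\0\0\0\0\0", iov_len=16}], 1) = 16
'''
OPCODES = {1: "LOOKUP", 9: "MKDIR"}  # subset of enum fuse_opcode in linux/fuse.h
IO_CALL = re.compile(r'\b(read|writev)\(\d+, .*?"((?:[^"\\]|\\.)*)"')

def unescape(s):
    # strace prints bytes as C escapes (tab, 1-3 digit octal); turn them back into bytes.
    return s.encode("latin-1").decode("unicode_escape").encode("latin-1")

def parse_request(buf):
    # struct fuse_in_header (40 bytes): len, opcode, unique, nodeid, uid, gid, pid, padding
    length, opcode, unique, nodeid, uid, gid, pid, _ = struct.unpack_from("<IIQQIIII", buf)
    req = {"len": length, "op": OPCODES.get(opcode, opcode), "unique": unique,
           "nodeid": nodeid, "uid": uid, "gid": gid, "pid": pid}
    if opcode == 9 and len(buf) >= 48:  # struct fuse_mkdir_in: mode, umask, then the name
        mode, umask = struct.unpack_from("<II", buf, 40)
        req.update(mode=oct(mode), umask=oct(umask), name=buf[48:].split(b"\0")[0].decode())
    return req

def parse_reply(buf):
    # struct fuse_out_header (16 bytes): len, error (0 or negative errno), unique
    length, error, unique = struct.unpack_from("<IiQ", buf)
    return {"len": length, "unique": unique,
            "error": errno.errorcode.get(-error, str(error)) if error else None}

def correlate(trace):
    # Pair each request the daemon read with the reply carrying the same 'unique' id.
    pending, pairs = {}, []
    for line in trace.splitlines():
        m = IO_CALL.search(line)
        if not m:
            continue
        call, buf = m.group(1), unescape(m.group(2))
        if call == "read" and len(buf) >= 40:
            req = parse_request(buf)
            pending[req["unique"]] = req
        elif call == "writev" and len(buf) >= 16:
            rep = parse_reply(buf)
            if rep["unique"] in pending:
                pairs.append((pending.pop(rep["unique"]), rep))
    return pairs

if __name__ == "__main__":
    for req, rep in correlate(TRACE):
        print(req, "->", rep)
```

Run on these lines, it decodes a MKDIR request for `etc` (mode 0755, umask 022) issued by pid 333 as uid 0, answered with EACCES under the same request id. That ties the `mkdirat` failure in pid 333 to the failed `renameat(6, "2", 5, "./etc")` in pid 337.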
