When the process running the crates is having limited privileges, it trigger an Internal error.
First of all, this a strange setup, it happens when I was trying to debug a container, so I'm not sure if this is a valid bug.
Here is the minimal example which will trigger the error:
fn main() {
println!("Hello, world!");
match procfs::process::all_processes() {
Ok(all) => {
for p in all {
//for n in p.unwrap().namespaces().unwrap().0.values() {
match p {
Ok(o) => match o.namespaces() {
Ok(n) => {
println!("{:?}", n);
}
Err(e) => {
println!("{e}");
}
},
Err(e) => {
println!("{e}")
}
}
}
}
Err(e) => {
println!("{e}")
}
}
}This can be build in a container with the following Containerfile:
FROM rust
RUN mkdir /app
COPY src /app/src
COPY Cargo.* /app/
WORKDIR /app
RUN --mount=type=cache,target=/app/target/ \
--mount=type=cache,target=/usr/local/cargo/git/db \
--mount=type=cache,target=/usr/local/cargo/registry/ \
cargo install --path .
#RUN procfs-bug
CMD ["procfs-bug"]Then, this can be build in a container with:
$ sudo podman build . -t procfs-bug
And when it runs with the following configuration, it will trigger the internal error
$ sudo podman run -it --pid=host procfs-bug
Hello, world!
Internal error: bug at /usr/local/cargo/registry/src/index.crates.io-1949cf8c6b5b557f/procfs-0.18.0/src/process/namespaces.rs:33 (please report this procfs bug)
Internal Unwrap Error: Unable to stat "/proc/1/ns/net"
Internal error: bug at /usr/local/cargo/registry/src/index.crates.io-1949cf8c6b5b557f/procfs-0.18.0/src/process/namespaces.rs:33 (please report this procfs bug)
Internal Unwrap Error: Unable to stat "/proc/2/ns/net"
Internal error: bug at /usr/local/cargo/registry/src/index.crates.io-1949cf8c6b5b557f/procfs-0.18.0/src/process/namespaces.rs:33 (please report this procfs bug)
Internal Unwrap Error: Unable to stat "/proc/3/ns/net"
Internal error: bug at /usr/local/cargo/registry/src/index.crates.io-1949cf8c6b5b557f/procfs-0.18.0/src/process/namespaces.rs:33 (please report this procfs bug)
Internal Unwrap Error: Unable to stat "/proc/4/ns/net"
Internal error: bug at /usr/local/cargo/registry/src/index.crates.io-1949cf8c6b5b557f/procfs-0.18.0/src/process/namespaces.rs:33 (please report this procfs bug)
Internal Unwrap Error: Unable to stat "/proc/5/ns/net"
Internal error: bug at /usr/local/cargo/registry/src/index.crates.io-1949cf8c6b5b557f/procfs-0.18.0/src/process/namespaces.rs:33 (please report this procfs bug)
Internal Unwrap Error: Unable to stat "/proc/6/ns/net"
Internal error: bug at /usr/local/cargo/registry/src/index.crates.io-1949cf8c6b5b557f/procfs-0.18.0/src/process/namespaces.rs:33 (please report this procfs bug)
Internal Unwrap Error: Unable to stat "/proc/7/ns/net"
Internal error: bug at /usr/local/cargo/registry/src/index.crates.io-1949cf8c6b5b557f/procfs-0.18.0/src/process/namespaces.rs:33 (please report this procfs bug)
Internal Unwrap Error: Unable to stat "/proc/8/ns/net"
Internal error: bug at /usr/local/cargo/registry/src/index.crates.io-1949cf8c6b5b557f/procfs-0.18.0/src/process/namespaces.rs:33 (please report this procfs bug)
Internal Unwrap Error: Unable to stat "/proc/13/ns/net"
Internal error: bug at /usr/local/cargo/registry/src/index.crates.io-1949cf8c6b5b557f/procfs-0.18.0/src/process/namespaces.rs:33 (please report this procfs bug)
Internal Unwrap Error: Unable to stat "/proc/15/ns/net"
Internal error: bug at /usr/local/cargo/registry/src/index.crates.io-1949cf8c6b5b557f/procfs-0.18.0/src/process/namespaces.rs:33 (please report this procfs bug)
Internal Unwrap Error: Unable to stat "/proc/16/ns/net"
Internal error: bug at /usr/local/cargo/registry/src/index.crates.io-1949cf8c6b5b557f/procfs-0.18.0/src/process/namespaces.rs:33 (please report this procfs bug)
Internal Unwrap Error: Unable to stat "/proc/17/ns/net"
Internal error: bug at /usr/local/cargo/registry/src/index.crates.io-1949cf8c6b5b557f/procfs-0.18.0/src/process/namespaces.rs:33 (please report this procfs bug)
Internal Unwrap Error: Unable to stat "/proc/18/ns/net"
Internal error: bug at /usr/local/cargo/registry/src/index.crates.io-1949cf8c6b5b557f/procfs-0.18.0/src/process/namespaces.rs:33 (please report this procfs bug)
Internal Unwrap Error: Unable to stat "/proc/19/ns/net"
Internal error: bug at /usr/local/cargo/registry/src/index.crates.io-1949cf8c6b5b557f/procfs-0.18.0/src/process/namespaces.rs:33 (please report this procfs bug)
Internal Unwrap Error: Unable to stat "/proc/20/ns/net"
...
If you don't know podman, the options I set will give the container access to the host /proc as the root user but remove some capabilities.
When the process running the crates is having limited privileges, it trigger an
Internal error.First of all, this a strange setup, it happens when I was trying to debug a container, so I'm not sure if this is a valid bug.
Here is the minimal example which will trigger the error:
This can be build in a container with the following
Containerfile:Then, this can be build in a container with:
And when it runs with the following configuration, it will trigger the internal error
If you don't know podman, the options I set will give the container access to the host
/procas the root user but remove some capabilities.