Confined SELinux users staff_u and user_u cannot run rootless podman containers


Issue

  • Rootless podman containers do not run for the confined SELinux users staff_u and user_u.
  • Error encountered:
~]$ podman run -it registry.access.redhat.com/rhel7 sleep 20
Trying to pull registry.access.redhat.com/rhel7:latest...
standard_init_linux.go:219: exec user process caused: permission denied

AND

type=USER_AVC msg=audit(1624868719.321:235): pid=940 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  received policyload notice (seqno=2)  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'

Environment

  • container-selinux
  • Red Hat Enterprise Linux 8
