The runc container runtime 1.2.5 leading to container creation failure in RHOCP 4

Solution Verified - Updated -

Issue

  • The pods that have set shareProcessNamespace: true become stuck in the Init state post upgrade for Rook-Ceph (ODF), GPU and MetalLB FRR pods.

  • After upgrading from 4.19.17 to 4.19.19 the frr-k8s pods are stuck in Init state with similar errors:

    Failed to create pod sandbox: rpc error: code = Unknown desc = container create failed: time="2025-11-21T09:35:58Z" level=error msg="runc create failed: unable to start container process: error during container init: error closing exec fds: get handle to /proc/thread-self/fd: unsafe procfs detected: openat2 fsmount:fscontext:proc/thread-self/fd/: operation not permitted"

Environment

  • Red Hat OpenShift Container Platform (RHOCP)
    • 4.20.4+
    • 4.19.19
    • 4.19.20
    • 4.18.29
    • 4.17.44
    • 4.16.53
    • 4.14.59
    • 4.12.83+
  • runc as the container runtime

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content