ubi9/httpd-24 dnf update breaks rootless run #226
Description
Container platform
Podman/Docker
Version
ubi9/httpd-24
podman version 5.2.2
OS version of the container image
RHEL 9
Bugzilla, Jira
No response
Description
When I update the the latest packages using dnf update -a in my container file, I can no longer run the container in rootless mode using podman. See my container file:
FROM registry.access.redhat.com/ubi9/httpd-24:latest
USER root
RUN dnf update -y && dnf clean all -y
USER default
And here is my podman run command and the error message:
podman run --rm -p 8080:8080 --name httpd -d httpd-updated:latest && podman logs -f httpd
189ab4ae8a7826d38f200d034281981fcd9c14e2181a1f04698c9a8353f51118
=> sourcing 10-set-mpm.sh ...
=> sourcing 20-copy-config.sh ...
=> sourcing 40-ssl-certs.sh ...
---> Generating SSL key pair for httpd...
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 192.168.0.151. Set the 'ServerName' directive globally to suppress this message
(13)Permission denied: AH00058: Error retrieving pid file run/httpd.pid
AH00059: Remove it before continuing if it is corrupted.
Note if I build the image without the dnf update -y line it works fine, it's only updating to the latest packages, that breaks rootless running.
Reproducer
build and run this image using podman in rootless mode:
Dockerfile
FROM registry.access.redhat.com/ubi9/httpd-24:latest
USER root
RUN dnf update -y && dnf clean all -y
USER default
Build with podman
podman build -t httpd -f ./Dockerfile
Run with podman rootless
podman run --rm -p 8080:8080 --name httpd-test -d httpd:latest && podman logs -f httpd-test