[Silverblue] Failed to start Toolbox container!

Ask Fedora
,
1

Hiya, I recently reinstalled Silverblue. Everything seems to be working fine, except for Toolbox, which doesn’t want to start containers after creating them.

bash-5.2$ toolbox enter
Error: failed to start container fedora-toolbox-39

I tried running the container using Podman, and it appears I’m not permitted to start the container?

bash-5.2$ podman start fedora-toolbox-39
Error: unable to start container "bf77362dd5da5f3f5d04c52f9a58b7caf73b39b798489eeaaa6f609b8e88334c": crun: make `/var/home/maeve/.local/share/containers/storage/overlay/7808cc9f39b4bfc66c7a896c91769b841284fa4828f70af97805ef4f2f86bca9/merged` private: Permission denied: OCI permission denied

Running Toolbox with root worked fine, and I managed to enter a container. So I checked whether or not Podman was working at all without root, which thankfully, it was.

bash-5.2$ podman pull fedora:latest && podman run -it fedora
Trying to pull registry.fedoraproject.org/fedora:latest...
Getting image source signatures
Copying blob 718a00fe3212 skipped: already exists  
Copying config 368a084ba1 done   | 
Writing manifest to image destination
368a084ba17dcba88f5b23acfa47481131010219524fd9c41af87d709a04845b
[root@25669c5dc528 /]# ls
afs  bin  boot  dev  etc  home  lib  lib64  lost+found  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
[root@25669c5dc528 /]#

I really don’t know how to fix this issue. Has anyone experienced this problem before? And could somebody help me, please?

2

What toolbox were you trying to enter? it looks like you were trying to enter a Fedora 39 image to me? Did you create a toolbox prior to this with Fedora 39 ?

What does toolbox list return ? or podman container list ?

3

I created a container:

bash-5.2$ toolbox create
Error: container fedora-toolbox-39 already exists
Enter with: toolbox enter
Run 'toolbox --help' for usage.

When I list my Toolbox containers it shows up:

bash-5.2$ toolbox list
IMAGE ID      IMAGE NAME                                    CREATED
e23f4a7692f4  registry.fedoraproject.org/fedora-toolbox:39  2 months ago

CONTAINER ID  CONTAINER NAME     CREATED            STATUS   IMAGE NAME
64f963d7c202  fedora-toolbox-39  About an hour ago  created  registry.fedoraproject.org/fedora-toolbox:39

But for whatever reason it doesn’t show up when listing my Podman containers:

bash-5.2$ podman container list
CONTAINER ID  IMAGE       COMMAND     CREATED     STATUS      PORTS       NAMES
4

What does podman ps -a and sudo podman ps -a show?

5

It showed this output:

bash-5.2$ podman ps -a
CONTAINER ID  IMAGE                                         COMMAND               CREATED            STATUS      PORTS       NAMES
64f963d7c202  registry.fedoraproject.org/fedora-toolbox:39  toolbox --log-lev...  About an hour ago  Created                 fedora-toolbox-39

Doing this as root with sudo didn’t show anything.

6

Interesting, so fedora-toolbox-39 exists, and isn’t a root container. Removing the container, and the image, and then starting from scratch results in the same issue, I presume?

7

Yeah, I’ve reset Podman with podman system reset, and it didn’t do anything.

8

Just for the sake of completeness, can you try:

toolbox create -n somealternativecontainername and see if it creates a usable container?

9

I don’t think it let’s you specify the container name.

bash-5.2$ toolbox create -n test
Error: unknown shorthand flag: 'n' in -n
Run 'toolbox --help' for usage.

The manual doesn’t show anything to do so, at least.

NAME
       toolbox - Tool for containerized command line environments on Linux

SYNOPSIS
       toolbox [--assumeyes | -y]
               [--help | -h]
               [--log-level LEVEL]
               [--log-podman]
               [--verbose | -v]
               COMMAND [ARGS...]
10

Ah, sorry, I work with distrobox most of the time, and -n is just for setting a “name” for a container.

Looks like toolbox doesn’t do that.

Try this instead, just to make sure something isn’t broken in toolbox itself:

toolbox create --distro fedora --release f38 to create an F38 toolbox, and see if that works.

11

toolbox create --distro fedora --release f38

This doesn’t work either, unfortunately.

I did try to manually specifying what container to use, and it told me it’s unsupported…?

bash-5.2$ toolbox enter --container frosty_hodgkin
Error: container frosty_hodgkin is too old and no longer supported 
Recreate it with Toolbox version 0.0.17 or newer.

I’m running a much newer version, so it doesn’t make any sense.

bash-5.2$ toolbox --version
toolbox version 0.0.99.5

I tried using a container I manually created with the following command, as well, although that didn’t work.

podman container create registry.fedoraproject.org/fedora-toolbox
12

Huh, honestly, I think I’d be filing a bug at this point, on the fedora bugzilla, against toolbox.

I’m not sure what’s going on there.

1 Like
13

In any case, thanks for your help!

14

Yeah, sorry I couldn’t be of more help.

15

I saw you tried this :
podman container create registry.fedoraproject.org/fedora-toolbox

Could you try :

toolbox create --image fedora-toolbox:39 --container my_minimal_toolbox

1 Like
16

Nope, didn’t make a difference!

17

Anyways, I tried to use Distrobox, and I ended up getting the same error message, so it isn’t an issue specific to Toolbox. Someone over on the Fedora Discord seems to think it might be because of my shared home directory.

When I reinstalled Fedora, I ended up installing NixOS alongside it; with them both sharing the same home partition. I don’t know if that might be the issue, but I’ll take a look at replicating it in a virtual machine.

Here’s the fstab configuration for my home partition:

UUID=9a1d3448-c80e-4244-98dc-7110599265e0 /var/home               btrfs   rw,subvolid=5      0 0
18

After you have done this

  • toolbox create --image fedora-toolbox:39 --container my_minimal_toolbox
    which would have downloaded a Fedora 39:latest image, and named it my_minimal_toolbox

  • You tried to do toolbox enter my_minimal_toolbox and nothing happened?

  • Can you try and run toolbox list and then podman container list It should show the image you just created my_minimal_toolbox :thinking:

  • Looking back through your thread, I have to ask. . . Are you currently in a container :thinking:
    I see a bash prompt I used to see when running systemd-nspawn containers with -bD flag :thinking:
    2024-02-19_11-55-14

Would be good to run machinectl list , machinectl status my_minimal_toolbox to see if there are containers running on your system.

Another question is if your user ( If you have one created) allowed to spawn containers. . .

19

I’m not in a container, this is a fresh install of Fedora, that’s why I have the default Bash prompt.

I tried to enter the container using toolbox enter my_minimal_toolbox. Running toolbox list shows the container, but podman list doesn’t- I still have to do podman ps -a for it to show up.

I have permission to make containers as well:

bash-5.2$ podman run -it fedora:latest
[root@424d78ffbbbf /]#
20

Would be good to run machinectl list , machinectl status my_minimal_toolbox to see if there are containers running on your system.

Check these commands to see if your user is able to run / create containers and is in the right groups.

  • You can check a user’s group memberships with the id command:
    id <username>

  • Replace <username> with the actual username. Look for the podman group in the output.
    uid=1000(username) gid=1000(username) groups=1000(username),10(wheel),1001(podman)

1 Like