Bugzilla – Bug 1143349
docker --userns-remap=default fails on-start
Last modified: 2020-01-13 23:40:07 UTC
When trying to start a fresh Docker install with --userns-remap=default, it fails to start and gives the following error: > failed to start daemon: Error during groupname lookup for "dockremap": getent unable to find entry "dockremap" in group database Looks to be a regression, and a strange one at that -- there shouldn't be a need to check for the "dockremap" group since sub[ug]ids are associated with users and not groups. In the past this worked fine so there was probably a change made some time ago. The fix from our side is to create the users in the package, but I'll send a patch upstream to fix this (IMHO) incorrect behaviour.
Fixed in openSUSE, on its way to SLE.
SUSE-SU-2020:0035-1: An update that solves one vulnerability and has 5 fixes is now available. Category: security (moderate) Bug References: 1122469,1143349,1150397,1152308,1153367,1158590 CVE References: CVE-2019-16884 Sources used: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src): containerd-1.2.10-5.19.1, containerd-kubic-1.2.10-5.19.1, docker-19.03.5_ce-6.31.1, docker-kubic-19.03.5_ce-6.31.1, docker-runc-kubic-1.0.0rc8+gitr3917_3e425f80a8c9-6.27.1, golang-github-docker-libnetwork-0.7.0.1+gitr2877_3eb39382bfa6-4.18.1, golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2877_3eb39382bfa6-4.18.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src): containerd-1.2.10-5.19.1, docker-19.03.5_ce-6.31.1, golang-github-docker-libnetwork-0.7.0.1+gitr2877_3eb39382bfa6-4.18.1 SUSE Linux Enterprise Module for Containers 15-SP1 (src): containerd-1.2.10-5.19.1, docker-19.03.5_ce-6.31.1, docker-runc-1.0.0rc8+gitr3917_3e425f80a8c9-6.27.1, golang-github-docker-libnetwork-0.7.0.1+gitr2877_3eb39382bfa6-4.18.1 SUSE Linux Enterprise Module for Containers 15 (src): containerd-1.2.10-5.19.1, docker-19.03.5_ce-6.31.1, docker-runc-1.0.0rc8+gitr3917_3e425f80a8c9-6.27.1, golang-github-docker-libnetwork-0.7.0.1+gitr2877_3eb39382bfa6-4.18.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:0065-1: An update that solves one vulnerability and has 5 fixes is now available. Category: security (moderate) Bug References: 1122469,1143349,1150397,1152308,1153367,1158590 CVE References: CVE-2019-16884 Sources used: SUSE Linux Enterprise Module for Containers 12 (src): containerd-1.2.10-16.26.1, docker-19.03.5_ce-98.51.1, docker-runc-1.0.0rc8+gitr3917_3e425f80a8c9-1.35.1, golang-github-docker-libnetwork-0.7.0.1+gitr2877_3eb39382bfa6-28.1 SUSE CaaS Platform 3.0 (src): containerd-kubic-1.2.10-16.26.1, docker-kubic-19.03.5_ce-98.51.1, docker-runc-kubic-1.0.0rc8+gitr3917_3e425f80a8c9-1.35.1, golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2877_3eb39382bfa6-28.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2020:0045-1: An update that solves one vulnerability and has 5 fixes is now available. Category: security (moderate) Bug References: 1122469,1143349,1150397,1152308,1153367,1158590 CVE References: CVE-2019-16884 Sources used: openSUSE Leap 15.1 (src): containerd-1.2.10-lp151.2.9.1, docker-19.03.5_ce-lp151.2.15.1, docker-runc-1.0.0rc8+gitr3917_3e425f80a8c9-lp151.3.12.1, golang-github-docker-libnetwork-0.7.0.1+gitr2877_3eb39382bfa6-lp151.2.9.1