Wednesday, November 4, 2020

Minio on podman failed to run due to wrong selinux tag

I tried to install minio on podman, following this guide.

I created a directory for data

# mkdir /data

I then started the minio container

# podman run -dit -p 9000:9000 -e "MINIO_ACCESS_KEY=minioadmin" -e "MINIO_SECRET_KEY=myminioadmin" -v /data:/data  minio/minio server /data

The container started, but exited as soon as it finished starting up.

# podman ps

CONTAINER ID  IMAGE                         COMMAND       CREATED        STATUS            PORTS                   NAMES

# podman ps -a
CONTAINER ID  IMAGE                         COMMAND       CREATED        STATUS            PORTS                   NAMES
fb7073bc3baf  server /data  6 minutes ago  Exited (1) 6 minutes ago>9000/tcp  wonderful_galois

Checking the log, I found out that the container failed to start due to a permission error on /data
# podman logs fb 

The error is shown in the image below.
[Image: selinux error while starting minio container]

I checked the directory, but the permission is correct
# ls -ld /data
drwxr-xr-x. 3 root root 24 Nov  4 03:55 /data

This must be selinux. So I searched around for a proper tag for minio related files and directories. Referring to this article, I decided to use the tag for content as per that article.
# chcon -R system_u:object_r:container_file_t:s0 /data

Now, time to test. I reran the container.
# podman start fb
# podman ps
CONTAINER ID  IMAGE                         COMMAND       CREATED         STATUS            PORTS                   NAMES
fb7073bc3baf  server /data  14 minutes ago  Up 2 seconds ago>9000/tcp  wonderful_galois

Yes, it worked. If you guys ever encounter this permission issue, make sure to check the selinux tag, in addition to the standard unix permissions on the directory.
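To check the tag before starting a container, here is a small shell helper. It is an added example, not part of the original post. The function names and sample contexts are made up for illustration; stat -c %C, semanage fcontext, restorecon and podman's :Z / :z volume options are the standard tools.

```shell
#!/bin/sh
# Added example (not from the original post): inspect the SELinux context of
# a directory that will be bind-mounted into a podman container.

# Type field of a context "user:role:type:level".
selinux_type() { printf '%s\n' "$1" | cut -d: -f3; }

# MLS/MCS level: everything after the type. It may itself contain ':'
# (for example s0:c12,c34), so take field 4 to the end.
selinux_level() { printf '%s\n' "$1" | cut -d: -f4-; }

# Classify a context for use as a writable container volume:
#   mismatch - type is not container_file_t (the type the post applies)
#   shared   - container_file_t without MCS categories: every container on
#              the host can use it (result of the post's chcon, or of :z)
#   private  - container_file_t with categories (what :Z assigns)
classify_volume_context() {
    t=$(selinux_type "$1")
    lvl=$(selinux_level "$1")
    if [ "$t" != "container_file_t" ]; then
        echo mismatch
        return 0
    fi
    case $lvl in
        *:c*) echo private ;;
        *)    echo shared ;;
    esac
}

# Check a real directory (needs an SELinux-enabled host) and print fixes.
check_volume_dir() {
    dir=$1
    ctx=$(stat -c %C "$dir") || return 2
    verdict=$(classify_volume_context "$ctx")
    echo "$dir: $ctx -> $verdict"
    [ "$verdict" != mismatch ] && return 0
    # chcon alone is undone by a filesystem relabel; these survive it.
    echo "persistent: semanage fcontext -a -t container_file_t '$dir(/.*)?'"
    echo "            restorecon -Rv $dir"
    echo "per run:    podman run -v $dir:/data:Z ...   (:z to share)"
    return 1
}

# Constructed sample contexts, so the classifier can be tried without SELinux.
for c in unconfined_u:object_r:default_t:s0 \
         system_u:object_r:container_file_t:s0 \
         system_u:object_r:container_file_t:s0:c12,c34; do
    echo "$c -> $(classify_volume_context "$c")"
done
```

On an SELinux host, run check_volume_dir /data before podman run; a "mismatch" result is the situation described above.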

