Pulling Image with Podman fails

ℹ️ Support 📦 Appliances (Docker, Snappy, VM, NCP, AIO)
,
1

Hi folks,
pulling the lates container image somehow fails:

— Ouput Start —
podman pull nextcloud:latest
Trying to pull Docker…
Getting image source signatures
Copying blob 0b95dc92ce55 skipped: already exists
Copying blob 3630ff9f8131 skipped: already exists
Copying blob 49efbc577363 skipped: already exists
Copying blob df983cae2963 skipped: already exists
Copying blob 52fed2cf4dcf skipped: already exists
Copying blob 3f9582a2cbe7 skipped: already exists
Copying blob 67f8c0d52f1b done
Copying blob badf42672f1b skipped: already exists
Copying blob 2b1486dc588a [--------------------------------------] 0.0b / 11.5MiB
Copying blob 38903b4023ba done
Copying blob 1db4595db504 done
Copying blob 8bcad7e27384 done
Copying blob 3b90b0af60c1 done
Copying blob 26e509c2dec8 done
Copying blob f01f672c2271 done
Copying blob 146812f86d95 done
Copying blob ac4aa6a3de18 done
Copying blob ad4c257af01e done
Copying blob bc8cd4993290 done
Copying blob aea05912b5bb done
Error: copying system image from manifest list: reading blob sha256:2b1486dc588a5812b6b7233175bd774ac8789e48fadfaa4ff363d8fd6acb091b: fetching blob: StatusCode: 403,

<meta http-equiv="Content-Type" ...

— Ouput End ---------------------------

I’m on linux (fedora 37).
It used to work, however, I want to update the container, it always fails with blob 2b1486dc588a and I get a http status code 403.

There’s a firewall between, however there is no log entry to find, this also schould not necessarily result in a 403 code.

What could it be?

Best regards

2

hello @op welcome to the forum :handshake:

I think the issue is related to podman better ask their community…

3

Hi, thanks for the reply and welcome.

It actually was related to the firewall I’m using.
I ruled that out too early.

It is a hardware firewall acting as a transparent reverse proxy that intercepts https connections in order to scan for viruses.

Fore some reason the scan engine was not able to scan blob 2b1486dc588a.

The firewall is configured to block any file that it is not able to scan.
And to make things worse, it looks like as it does not log blocked files at all.
(I belive they were intending that the user will see an notification in browser that this or that file has been blocked. However this notification does not appear on command line)

This does not happen frequent, its the only occasion I recognise this using docker/podman.
On the other hand, I’m not using many container, just 4.

Would be interesting to know why the scan fails on that particular blob.

1 Like
4

This topic was automatically closed after 21 days. New replies are no longer allowed.