Hi Eric,

Thank you for the detailed report and for identifying the Debian commit
that introduced this regression. Your analysis was very helpful.

I've triaged this bug and confirmed the root cause as you say: the nvtop
3.2.0-2 upload (originating from Debian) added an unconditional setcap
cap_perfmon to the postinst script, which breaks execution in rootless
Podman containers because they cannot satisfy host capabilities during
execve.

This will be forwarded to the Debian package maintainers for a policy
decision on how to handle the CAP_PERFMON capability — specifically
whether to make it conditional on Intel GPU detection or implement
graceful degradation when the capability is unavailable.

In the meantime, if you do not need Intel GPU memory reporting, you can
restore nvtop functionality in your container with:

    sudo setcap -r /usr/bin/nvtop

This removes the CAP_PERFMON capability from the binary, allowing it to
run normally in rootless containers (Intel memory region stats will show
as "unknown" rather than total memory).

Thanks again for the thorough investigation.

** Changed in: nvtop (Ubuntu)
       Status: New => Triaged

** Changed in: nvtop (Ubuntu)
   Importance: Undecided => Medium

--
https://bugs.launchpad.net/bugs/2148148
Title:
Fail to run in Ubuntu 26.04 Podman rootless container: Operation not
permitted
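
The check below is an added example, not part of the original message and not Debian or Ubuntu packaging code: it tests whether CAP_PERFMON is present in the current capability bounding set, which is the condition behind the execve failure described above. It assumes Linux /proc and capability number 38 for CAP_PERFMON (from linux/capability.h); the function names and the two sample masks are constructed for illustration.

```shell
#!/bin/sh
# Added example: report whether cap_perfmon is available in the
# capability bounding set of the environment this script runs in.

CAP_PERFMON=38   # capability number, from linux/capability.h

# cap_in_mask HEXMASK CAPNUM -> exit status 0 if bit CAPNUM is set
cap_in_mask() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# bounding_set [STATUS_FILE] -> prints the CapBnd hex mask
# (defaults to the calling process's /proc/self/status)
bounding_set() {
    awk '$1 == "CapBnd:" { print $2 }' "${1:-/proc/self/status}"
}

# perfmon_verdict HEXMASK -> prints "ok" if cap_perfmon is in the mask,
# "blocked" if a binary requiring it could not be given that capability
perfmon_verdict() {
    if cap_in_mask "$1" "$CAP_PERFMON"; then
        echo ok
    else
        echo blocked
    fi
}

# Constructed sample masks (not taken from the bug report):
FULL_MASK=000001ffffffffff      # all capability bits 0..40 set
REDUCED_MASK=00000000800405fb   # a reduced set with no bit above 31

echo "full sample:    $(perfmon_verdict "$FULL_MASK")"
echo "reduced sample: $(perfmon_verdict "$REDUCED_MASK")"

# Live check of the current process, when /proc is available
if [ -r /proc/self/status ]; then
    mask=$(bounding_set)
    if [ -n "$mask" ]; then
        echo "current CapBnd=$mask cap_perfmon: $(perfmon_verdict "$mask")"
    fi
fi
```

Run inside the container, a "blocked" verdict for the current process means the bounding set lacks CAP_PERFMON; `getcap /usr/bin/nvtop` shows whether the binary still carries the file capability.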