Red Hat 8.6 FAPolicy Preventing Podman Containers from Running
/Error: unable to start container /user/bin/runc: error while loading shared libraries: libpthread.so.0: cannot open shared object file: Operation not permitted: OCI permission denied
How to Fix
sudo vi /etc/fapolicyd/rules.d/95-allow-open.rules
Append the following 2 lines of text to 95-allow-open.rules
allow perm=open exe=/usr/lib/libpthread.so.0 : all
allow perm=open exe=/usr/lib64/libpthread.so.0 : all
sudo fapolicyd-cli --update
sudo systemctl restart fapolicyd
Food for Thought
This may not be the correct way to fix this issue, however it definitely works. Red Hats documentation is a bit unclear in some regards, in my opinion. For additional information, you can read more about FA Policy using the following link - https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/assembly_blocking-and-allowing-applications-using-fapolicyd_security-hardening