Warning is not always printed when using a poststop hook with `/bin/false`

[eriksjolund]

1. Build crun from git main branch (git commit 96e9b99) and install the binary to ~/crun/crun
2. Create hooks dir

   mkdir $HOME/hooks.d
   

3. Create policy file $HOME/hooks.d/foobar.json containing

   {
     "version": "1.0.0",
     "hook": {
       "path": "/bin/false"
     },
     "when": {
       "annotations": {
         "^myannotation$": "yes"
       }
     },
     "stages": ["poststop"]
   }
   

4. Create file $HOME/test.bash containing

   #!/bin/bash
   set -o nounset
   runtime=$1
   podman \
     --runtime $runtime \
     --hooks-dir ~/hooks.d \
     run \
     --pull never \
     --rm \
     --annotation myannotation=yes \
     docker.io/library/alpine \
     sh -c "echo hello"
   
   echo return value = $?
   

5. Run bash test.bash ~/crun/crun a few times

   $ bash test.bash ~/crun/crun
   hello
   WARN[0000] Container 66b7ba585f7e989d8078c29992fab3624e71507d2af0d79f5fd586639f7f0527: poststop hook 0: executing []: exit status 1 
   return value = 0
   $ bash test.bash ~/crun/crun
   hello
   return value = 0
   $
   

   result: The warning is not always printed.

discussion

Should the warning always be printed?

side note:
I tried the same with runc but got similar results.

about the system

crun built from git main branch (git commit 96e9b99)

runc version 1.4.0

podman version 5.7.1

$ ~/crun/crun --version
crun version 1.26.0.0.0.1-96e9b
commit: 96e9b992c6839c84c83327d51b1808b7719e8c4d
rundir: /run/user/1005/crun
spec: 1.0.0
+SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL
$ podman --version
podman version 5.7.1
$ runc --version
runc version 1.4.0
spec: 1.3.0
go: go1.25.4 X:nodwarf5
libseccomp: 2.6.0
$ rpm-ostree status
State: idle
warning: Failed to query journal: couldn't find current boot in journal
Deployments:
● ostree-image-signed:docker://quay.io/fedora/fedora-coreos:rawhide
                   Digest: sha256:32e07fd28e5fa8a9417334ed11b227670c95321eaf8194e2451410438e424502
                  Version: 44.20251219.91.0 (2025-12-19T07:37:08Z)
          LayeredPackages: docker-buildkit docker-buildx emacs-nox golang make

  ostree-image-signed:docker://quay.io/fedora/fedora-coreos:rawhide
                   Digest: sha256:32e07fd28e5fa8a9417334ed11b227670c95321eaf8194e2451410438e424502
                  Version: 44.20251219.91.0 (2025-12-19T07:37:08Z)

[eriksjolund]

Oh I realised the warning

WARN[0000] Container 66b7ba585f7e989d8078c29992fab3624e71507d2af0d79f5fd586639f7f0527: poststop hook 0: executing []: exit status 1 

seems to be written by podman

https://github.com/containers/podman/blob/f9c3f893af1f45a7aa1fe3e7324c3dea656ac2d5/libpod/container_internal.go#L2332