aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2020-04-30 21:48:07 +0200
committerGitHub <noreply@github.com>2020-04-30 21:48:07 +0200
commitc31bf2e97644b76163624149bb130528c6a5a394 (patch)
tree460ab98447e435dfdb188fade7dbdeb76043c7b8
parent8c9e5fdaf09fd74fdd02ecae6f833bd552e20deb (diff)
parent399939a3de0740054d7d0f9fc97ab2466beb9916 (diff)
downloadpodman-c31bf2e97644b76163624149bb130528c6a5a394.tar.gz
podman-c31bf2e97644b76163624149bb130528c6a5a394.tar.bz2
podman-c31bf2e97644b76163624149bb130528c6a5a394.zip
Merge pull request #6056 from jwhonce/wip/rootless
V2 Commands that require ParentNS (rootful) are report error
-rw-r--r--cmd/podman/containers/unmount.go3
-rw-r--r--cmd/podman/main.go11
2 files changed, 14 insertions, 0 deletions
diff --git a/cmd/podman/containers/unmount.go b/cmd/podman/containers/unmount.go
index a4550abbd..7b6eb5553 100644
--- a/cmd/podman/containers/unmount.go
+++ b/cmd/podman/containers/unmount.go
@@ -27,6 +27,9 @@ var (
Args: func(cmd *cobra.Command, args []string) error {
return parse.CheckAllLatestAndCIDFile(cmd, args, false, false)
},
+ Annotations: map[string]string{
+ registry.ParentNSRequired: "",
+ },
Example: `podman umount ctrID
podman umount ctrID1 ctrID2 ctrID3
podman umount --all`,
diff --git a/cmd/podman/main.go b/cmd/podman/main.go
index 481214a38..3a8958b6d 100644
--- a/cmd/podman/main.go
+++ b/cmd/podman/main.go
@@ -1,6 +1,7 @@
package main
import (
+ "fmt"
"os"
_ "github.com/containers/libpod/cmd/podman/containers"
@@ -12,7 +13,9 @@ import (
"github.com/containers/libpod/cmd/podman/registry"
_ "github.com/containers/libpod/cmd/podman/system"
_ "github.com/containers/libpod/cmd/podman/volumes"
+ "github.com/containers/libpod/pkg/rootless"
"github.com/containers/storage/pkg/reexec"
+ "github.com/spf13/cobra"
)
func main() {
@@ -26,6 +29,14 @@ func main() {
for _, c := range registry.Commands {
for _, m := range c.Mode {
if cfg.EngineMode == m {
+ // Command cannot be run rootless
+ _, found := c.Command.Annotations[registry.ParentNSRequired]
+ if rootless.IsRootless() && found {
+ c.Command.RunE = func(cmd *cobra.Command, args []string) error {
+ return fmt.Errorf("cannot `%s` in rootless mode", cmd.CommandPath())
+ }
+ }
+
parent := rootCmd
if c.Parent != nil {
parent = c.Parent