diff options
author | Daniel J Walsh <dwalsh@redhat.com> | 2021-03-08 16:04:20 -0500 |
---|---|---|
committer | Daniel J Walsh <dwalsh@redhat.com> | 2021-03-10 06:34:47 -0500 |
commit | c9ef2607104a0b17e5146b3ee01852edb7d3d688 (patch) | |
tree | 242c642f1495c16038bf4145d583fa67f0e27d0e | |
parent | 5331096b3882cd5c8e587200560e44ef1eb990a3 (diff) | |
download | podman-c9ef2607104a0b17e5146b3ee01852edb7d3d688.tar.gz podman-c9ef2607104a0b17e5146b3ee01852edb7d3d688.tar.bz2 podman-c9ef2607104a0b17e5146b3ee01852edb7d3d688.zip |
Document CONTAINERS_CONF/CONTAINERS_STORAGE_CONF Env variables
Also Switch to using CONTAINERS_REGISTRIES_CONF for registries.conf
overrides.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
-rw-r--r-- | docs/source/markdown/podman.1.md | 8 | ||||
-rwxr-xr-x | hack/podman-socat | 4 | ||||
-rw-r--r-- | libpod/runtime_img_test.go | 4 | ||||
-rw-r--r-- | pkg/registries/registries.go | 5 | ||||
-rw-r--r-- | test/apiv2/rest_api/__init__.py | 4 | ||||
-rw-r--r-- | test/e2e/libpod_suite_remote_test.go | 6 | ||||
-rw-r--r-- | test/e2e/libpod_suite_test.go | 6 | ||||
-rw-r--r-- | test/e2e/login_logout_test.go | 8 | ||||
-rw-r--r-- | test/python/docker/__init__.py | 4 |
9 files changed, 29 insertions, 20 deletions
diff --git a/docs/source/markdown/podman.1.md b/docs/source/markdown/podman.1.md index 6f9e705c2..141d231f3 100644 --- a/docs/source/markdown/podman.1.md +++ b/docs/source/markdown/podman.1.md @@ -279,6 +279,8 @@ Distributions ship the `/usr/share/containers/containers.conf` file with their d Podman uses builtin defaults if no containers.conf file is found. +If the **CONTAINERS_CONF** environment variable is set, then its value is used for the containers.conf file rather than the default. + **mounts.conf** (`/usr/share/containers/mounts.conf`) The mounts.conf file specifies volume mount directories that are automatically mounted inside containers when executing the `podman run` or `podman start` commands. Administrators can override the defaults file by creating `/etc/containers/mounts.conf`. @@ -295,6 +297,8 @@ When Podman runs in rootless mode, the file `$HOME/.config/containers/mounts.con Non root users of Podman can create the `$HOME/.config/containers/registries.conf` file to be used instead of the system defaults. + If the **CONTAINERS_REGISTRIES_CONF** environment variable is set, then its value is used for the registries.conf file rather than the default. + **storage.conf** (`/etc/containers/storage.conf`, `$HOME/.config/containers/storage.conf`) storage.conf is the storage configuration file for all tools using containers/storage @@ -303,8 +307,10 @@ When Podman runs in rootless mode, the file `$HOME/.config/containers/mounts.con When Podman runs in rootless mode, the file `$HOME/.config/containers/storage.conf` is used instead of the system defaults. + If the **CONTAINERS_STORAGE_CONF** environment variable is set, the its value is used for the storage.conf file rather than the default. + ## Rootless mode -Podman can also be used as non-root user. When podman runs in rootless mode, a user namespace is automatically created for the user, defined in /etc/subuid and /etc/subgid. +Podman can also be used as non-root user. When podman runs in rootless mode, a user namespace is automatically created for the user, defined in /etc/subuid and /etc/subgid. Containers created by a non-root user are not visible to other users and are not seen or managed by Podman running as root. diff --git a/hack/podman-socat b/hack/podman-socat index 7bc571816..6ee6b89d8 100755 --- a/hack/podman-socat +++ b/hack/podman-socat @@ -54,8 +54,8 @@ trap "cleanup $TMPDIR" EXIT # Need locations to store stuff mkdir -p "${TMPDIR}"/{podman,crio,crio-run,cni/net.d,ctnr,tunnel} -export REGISTRIES_CONFIG_PATH=${TMPDIR}/registry.conf -cat >"$REGISTRIES_CONFIG_PATH" <<-EOT +export CONTAINERS_REGISTRIES_CONF=${TMPDIR}/registry.conf +cat >"$CONTAINERS_REGISTRIES_CONF" <<-EOT [registries.search] registries = ['docker.io'] [registries.insecure] diff --git a/libpod/runtime_img_test.go b/libpod/runtime_img_test.go index 7d6390c85..c25f3f08c 100644 --- a/libpod/runtime_img_test.go +++ b/libpod/runtime_img_test.go @@ -37,7 +37,7 @@ func TestGetRegistries(t *testing.T) { registryPath, err := createTmpFile([]byte(registry)) assert.NoError(t, err) defer os.Remove(registryPath) - os.Setenv("REGISTRIES_CONFIG_PATH", registryPath) + os.Setenv("CONTAINERS_REGISTRIES_CONF", registryPath) registries, err := sysreg.GetRegistries() assert.NoError(t, err) assert.True(t, reflect.DeepEqual(registries, []string{"one"})) @@ -46,7 +46,7 @@ func TestGetRegistries(t *testing.T) { func TestGetInsecureRegistries(t *testing.T) { registryPath, err := createTmpFile([]byte(registry)) assert.NoError(t, err) - os.Setenv("REGISTRIES_CONFIG_PATH", registryPath) + os.Setenv("CONTAINERS_REGISTRIES_CONF", registryPath) defer os.Remove(registryPath) registries, err := sysreg.GetInsecureRegistries() assert.NoError(t, err) diff --git a/pkg/registries/registries.go b/pkg/registries/registries.go index bf5dee2ce..34c9138e3 100644 --- a/pkg/registries/registries.go +++ b/pkg/registries/registries.go @@ -24,7 +24,10 @@ var userRegistriesFile = filepath.Join(os.Getenv("HOME"), ".config/containers/re // FIXME: This should be centralized in a global SystemContext initializer inherited throughout the code, // not haphazardly called throughout the way it is being called now. func SystemRegistriesConfPath() string { - if envOverride := os.Getenv("REGISTRIES_CONFIG_PATH"); len(envOverride) > 0 { + if envOverride, ok := os.LookupEnv("CONTAINERS_REGISTRIES_CONF"); ok { + return envOverride + } + if envOverride, ok := os.LookupEnv("REGISTRIES_CONFIG_PATH"); ok { return envOverride } diff --git a/test/apiv2/rest_api/__init__.py b/test/apiv2/rest_api/__init__.py index db0257f03..b7b8a7649 100644 --- a/test/apiv2/rest_api/__init__.py +++ b/test/apiv2/rest_api/__init__.py @@ -27,7 +27,7 @@ class Podman(object): self.cmd.append("--root=" + os.path.join(self.anchor_directory, "crio")) self.cmd.append("--runroot=" + os.path.join(self.anchor_directory, "crio-run")) - os.environ["REGISTRIES_CONFIG_PATH"] = os.path.join(self.anchor_directory, "registry.conf") + os.environ["CONTAINERS_REGISTRIES_CONF"] = os.path.join(self.anchor_directory, "registry.conf") p = configparser.ConfigParser() p.read_dict( { @@ -36,7 +36,7 @@ class Podman(object): "registries.block": {"registries": "[]"}, } ) - with open(os.environ["REGISTRIES_CONFIG_PATH"], "w") as w: + with open(os.environ["CONTAINERS_REGISTRIES_CONF"], "w") as w: p.write(w) os.environ["CNI_CONFIG_PATH"] = os.path.join(self.anchor_directory, "cni", "net.d") diff --git a/test/e2e/libpod_suite_remote_test.go b/test/e2e/libpod_suite_remote_test.go index a26765ee9..3115c246f 100644 --- a/test/e2e/libpod_suite_remote_test.go +++ b/test/e2e/libpod_suite_remote_test.go @@ -48,17 +48,17 @@ func (p *PodmanTestIntegration) PodmanExtraFiles(args []string, extraFiles []*os func (p *PodmanTestIntegration) setDefaultRegistriesConfigEnv() { defaultFile := filepath.Join(INTEGRATION_ROOT, "test/registries.conf") - os.Setenv("REGISTRIES_CONFIG_PATH", defaultFile) + os.Setenv("CONTAINERS_REGISTRIES_CONF", defaultFile) } func (p *PodmanTestIntegration) setRegistriesConfigEnv(b []byte) { outfile := filepath.Join(p.TempDir, "registries.conf") - os.Setenv("REGISTRIES_CONFIG_PATH", outfile) + os.Setenv("CONTAINERS_REGISTRIES_CONF", outfile) ioutil.WriteFile(outfile, b, 0644) } func resetRegistriesConfigEnv() { - os.Setenv("REGISTRIES_CONFIG_PATH", "") + os.Setenv("CONTAINERS_REGISTRIES_CONF", "") } func PodmanTestCreate(tempDir string) *PodmanTestIntegration { pti := PodmanTestCreateUtil(tempDir, true) diff --git a/test/e2e/libpod_suite_test.go b/test/e2e/libpod_suite_test.go index 0ae30ca10..cc03ccc96 100644 --- a/test/e2e/libpod_suite_test.go +++ b/test/e2e/libpod_suite_test.go @@ -31,17 +31,17 @@ func (p *PodmanTestIntegration) PodmanExtraFiles(args []string, extraFiles []*os func (p *PodmanTestIntegration) setDefaultRegistriesConfigEnv() { defaultFile := filepath.Join(INTEGRATION_ROOT, "test/registries.conf") - os.Setenv("REGISTRIES_CONFIG_PATH", defaultFile) + os.Setenv("CONTAINERS_REGISTRIES_CONF", defaultFile) } func (p *PodmanTestIntegration) setRegistriesConfigEnv(b []byte) { outfile := filepath.Join(p.TempDir, "registries.conf") - os.Setenv("REGISTRIES_CONFIG_PATH", outfile) + os.Setenv("CONTAINERS_REGISTRIES_CONF", outfile) ioutil.WriteFile(outfile, b, 0644) } func resetRegistriesConfigEnv() { - os.Setenv("REGISTRIES_CONFIG_PATH", "") + os.Setenv("CONTAINERS_REGISTRIES_CONF", "") } func PodmanTestCreate(tempDir string) *PodmanTestIntegration { diff --git a/test/e2e/login_logout_test.go b/test/e2e/login_logout_test.go index 99876de29..6269bb92b 100644 --- a/test/e2e/login_logout_test.go +++ b/test/e2e/login_logout_test.go @@ -125,15 +125,15 @@ var _ = Describe("Podman login and logout", func() { // Environment is per-process, so this looks very unsafe; actually it seems fine because tests are not // run in parallel unless they opt in by calling t.Parallel(). So don’t do that. - oldRCP, hasRCP := os.LookupEnv("REGISTRIES_CONFIG_PATH") + oldRCP, hasRCP := os.LookupEnv("CONTAINERS_REGISTRIES_CONF") defer func() { if hasRCP { - os.Setenv("REGISTRIES_CONFIG_PATH", oldRCP) + os.Setenv("CONTAINERS_REGISTRIES_CONF", oldRCP) } else { - os.Unsetenv("REGISTRIES_CONFIG_PATH") + os.Unsetenv("CONTAINERS_REGISTRIES_CONF") } }() - os.Setenv("REGISTRIES_CONFIG_PATH", registriesConf.Name()) + os.Setenv("CONTAINERS_REGISTRIES_CONF", registriesConf.Name()) session := podmanTest.Podman([]string{"login", "-u", "podmantest", "-p", "test"}) session.WaitWithDefaultTimeout() diff --git a/test/python/docker/__init__.py b/test/python/docker/__init__.py index da5630eac..59b7987f4 100644 --- a/test/python/docker/__init__.py +++ b/test/python/docker/__init__.py @@ -39,7 +39,7 @@ class Podman(object): self.cmd.append("--root=" + os.path.join(self.anchor_directory, "crio")) self.cmd.append("--runroot=" + os.path.join(self.anchor_directory, "crio-run")) - os.environ["REGISTRIES_CONFIG_PATH"] = os.path.join( + os.environ["CONTAINERS_REGISTRIES_CONF"] = os.path.join( self.anchor_directory, "registry.conf" ) p = configparser.ConfigParser() @@ -50,7 +50,7 @@ class Podman(object): "registries.block": {"registries": "[]"}, } ) - with open(os.environ["REGISTRIES_CONFIG_PATH"], "w") as w: + with open(os.environ["CONTAINERS_REGISTRIES_CONF"], "w") as w: p.write(w) os.environ["CNI_CONFIG_PATH"] = os.path.join( |