summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel J Walsh <dwalsh@redhat.com>2022-04-21 17:03:45 -0400
committerDaniel J Walsh <dwalsh@redhat.com>2022-04-21 17:05:16 -0400
commitcc3790f332d989440eb1720e24e3619fc97c74ee (patch)
treef3861d4c3d17a7e9d0291a6f3288d6f9a411e373
parentbdbd477c286b8bcf27a498d0f8b0e8ba7642a018 (diff)
downloadpodman-cc3790f332d989440eb1720e24e3619fc97c74ee.tar.gz
podman-cc3790f332d989440eb1720e24e3619fc97c74ee.tar.bz2
podman-cc3790f332d989440eb1720e24e3619fc97c74ee.zip
Switch all rootful to rootfull
We are inconsistent on the name, we should stick with rootfull. [NO NEW TESTS NEEDED] Existing tests should handle this and no tests for machines exists yet. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
-rw-r--r--cmd/podman/machine/init.go15
-rw-r--r--cmd/podman/machine/set.go7
-rwxr-xr-xcontrib/cirrus/logformatter2
-rw-r--r--contrib/podmanimage/README.md2
-rw-r--r--contrib/remote/containers.conf2
-rw-r--r--docs/source/markdown/podman-build.1.md2
-rw-r--r--docs/source/markdown/podman-image-scp.1.md2
-rw-r--r--docs/source/markdown/podman-machine-init.1.md6
-rw-r--r--docs/source/markdown/podman-machine-set.1.md20
-rw-r--r--libpod/networking_slirp4netns.go2
-rw-r--r--pkg/bindings/README.md8
-rw-r--r--pkg/domain/infra/abi/images.go6
-rw-r--r--pkg/machine/config.go4
-rw-r--r--pkg/machine/qemu/config.go8
-rw-r--r--pkg/machine/qemu/machine.go20
-rw-r--r--pkg/machine/wsl/machine.go22
-rw-r--r--rootless.md2
-rw-r--r--test/e2e/exec_test.go2
-rw-r--r--test/e2e/mount_rootless_test.go2
-rw-r--r--test/e2e/network_test.go2
-rw-r--r--test/system/270-socket-activation.bats2
-rw-r--r--test/system/helpers.bash2
22 files changed, 76 insertions, 64 deletions
diff --git a/cmd/podman/machine/init.go b/cmd/podman/machine/init.go
index 2d0afbf05..06c1f7248 100644
--- a/cmd/podman/machine/init.go
+++ b/cmd/podman/machine/init.go
@@ -12,6 +12,7 @@ import (
"github.com/containers/podman/v4/pkg/machine"
"github.com/pkg/errors"
"github.com/spf13/cobra"
+ "github.com/spf13/pflag"
)
var (
@@ -106,8 +107,18 @@ func init() {
flags.StringVar(&initOpts.IgnitionPath, IgnitionPathFlagName, "", "Path to ignition file")
_ = initCmd.RegisterFlagCompletionFunc(IgnitionPathFlagName, completion.AutocompleteDefault)
- rootfulFlagName := "rootful"
- flags.BoolVar(&initOpts.Rootful, rootfulFlagName, false, "Whether this machine should prefer rootful container execution")
+ rootfullFlagName := "rootfull"
+ flags.BoolVar(&initOpts.Rootfull, rootfullFlagName, false, "Whether this machine should prefer rootfull container execution")
+ flags.SetNormalizeFunc(aliasFlags)
+}
+
+// aliasFlags is a function to handle backwards compatibility with old flags
+func aliasFlags(f *pflag.FlagSet, name string) pflag.NormalizedName {
+ switch name {
+ case "rootful":
+ name = "rootfull"
+ }
+ return pflag.NormalizedName(name)
}
// TODO should we allow for a users to append to the qemu cmdline?
diff --git a/cmd/podman/machine/set.go b/cmd/podman/machine/set.go
index 4c15f1de1..b1dfb51da 100644
--- a/cmd/podman/machine/set.go
+++ b/cmd/podman/machine/set.go
@@ -17,7 +17,7 @@ var (
Long: "Sets an updatable virtual machine setting",
RunE: setMachine,
Args: cobra.MaximumNArgs(1),
- Example: `podman machine set --rootful=false`,
+ Example: `podman machine set --rootfull=false`,
ValidArgsFunction: completion.AutocompleteNone,
}
)
@@ -33,8 +33,9 @@ func init() {
})
flags := setCmd.Flags()
- rootfulFlagName := "rootful"
- flags.BoolVar(&setOpts.Rootful, rootfulFlagName, false, "Whether this machine should prefer rootful container execution")
+ rootfullFlagName := "rootfull"
+ flags.BoolVar(&setOpts.Rootfull, rootfullFlagName, false, "Whether this machine should prefer rootfull container execution")
+ flags.SetNormalizeFunc(aliasFlags)
}
func setMachine(cmd *cobra.Command, args []string) error {
diff --git a/contrib/cirrus/logformatter b/contrib/cirrus/logformatter
index 3ec839aa8..3c52e612b 100755
--- a/contrib/cirrus/logformatter
+++ b/contrib/cirrus/logformatter
@@ -204,7 +204,7 @@ END_HTML
print { $out_fh } "<pre> <!-- begin processed output -->\n";
- # Assume rootful prompt, check for rootless (here and in log itself, below)
+ # Assume rootfull prompt, check for rootless (here and in log itself, below)
my $Prompt = '#';
$Prompt = '$' if $test_name =~ /rootless/;
diff --git a/contrib/podmanimage/README.md b/contrib/podmanimage/README.md
index 4f184ca28..58c14be72 100644
--- a/contrib/podmanimage/README.md
+++ b/contrib/podmanimage/README.md
@@ -70,4 +70,4 @@ file to `/etc/modules.load.d`. See `man modules-load.d` for more details.
### Blog Post with Details
-Dan Walsh wrote a blog post on the [Enable Sysadmin](https://www.redhat.com/sysadmin/) site titled [How to use Podman inside of a container](https://www.redhat.com/sysadmin/podman-inside-container). In it, he details how to use these images as a rootful and as a rootless user. Please refer to this blog for more detailed information.
+Dan Walsh wrote a blog post on the [Enable Sysadmin](https://www.redhat.com/sysadmin/) site titled [How to use Podman inside of a container](https://www.redhat.com/sysadmin/podman-inside-container). In it, he details how to use these images as a rootfull and as a rootless user. Please refer to this blog for more detailed information.
diff --git a/contrib/remote/containers.conf b/contrib/remote/containers.conf
index 9b0b62c42..45f58171a 100644
--- a/contrib/remote/containers.conf
+++ b/contrib/remote/containers.conf
@@ -7,5 +7,5 @@
# Default Remote URI to access the Podman service.
# Examples:
# remote rootless ssh://engineering.lab.company.com/run/user/1000/podman/podman.sock
-# remote rootful ssh://root@10.10.1.136:22/run/podman/podman.sock
+# remote rootfull ssh://root@10.10.1.136:22/run/podman/podman.sock
# remote_uri= ""
diff --git a/docs/source/markdown/podman-build.1.md b/docs/source/markdown/podman-build.1.md
index 1080581d7..5793ecae5 100644
--- a/docs/source/markdown/podman-build.1.md
+++ b/docs/source/markdown/podman-build.1.md
@@ -429,7 +429,7 @@ container full access to local system services such as D-bus and is therefore
considered insecure.
- **ns:**_path_: path to a network namespace to join.
- **private**: create a new namespace for the container (default)
-- **\<network name|ID\>**: Join the network with the given name or ID, e.g. use `--network mynet` to join the network with the name mynet. Only supported for rootful users.
+- **\<network name|ID\>**: Join the network with the given name or ID, e.g. use `--network mynet` to join the network with the name mynet. Only supported for rootfull users.
#### **--no-cache**
diff --git a/docs/source/markdown/podman-image-scp.1.md b/docs/source/markdown/podman-image-scp.1.md
index 1d902da91..6d5a51298 100644
--- a/docs/source/markdown/podman-image-scp.1.md
+++ b/docs/source/markdown/podman-image-scp.1.md
@@ -8,7 +8,7 @@ podman-image-scp - Securely copy an image from one host to another
## DESCRIPTION
**podman image scp** copies container images between hosts on a network. You can load to the remote host or from the remote host as well as in between two remote hosts.
-Note: `::` is used to specify the image name depending on if you are saving or loading. Images can also be transferred from rootful to rootless storage on the same machine without using sshd. This feature is not supported on the remote client, including Mac and Windows (excluding WSL2) machines.
+Note: `::` is used to specify the image name depending on if you are saving or loading. Images can also be transferred from rootfull to rootless storage on the same machine without using sshd. This feature is not supported on the remote client, including Mac and Windows (excluding WSL2) machines.
**podman image scp [GLOBAL OPTIONS]**
diff --git a/docs/source/markdown/podman-machine-init.1.md b/docs/source/markdown/podman-machine-init.1.md
index 33947bbba..e42c5025b 100644
--- a/docs/source/markdown/podman-machine-init.1.md
+++ b/docs/source/markdown/podman-machine-init.1.md
@@ -59,9 +59,9 @@ Memory (in MB).
Start the virtual machine immediately after it has been initialized.
-#### **--rootful**=*true|false*
+#### **--rootfull**=*true|false*
-Whether this machine should prefer rootful (`true`) or rootless (`false`)
+Whether this machine should prefer rootfull (`true`) or rootless (`false`)
container execution. This option will also determine the remote connection default
if there is no existing remote connection configurations.
@@ -95,7 +95,7 @@ Driver to use for mounting volumes from the host, such as `virtfs`.
```
$ podman machine init
$ podman machine init myvm
-$ podman machine init --rootful
+$ podman machine init --rootfull
$ podman machine init --disk-size 50
$ podman machine init --memory=1024 myvm
$ podman machine init -v /Users:/mnt/Users
diff --git a/docs/source/markdown/podman-machine-set.1.md b/docs/source/markdown/podman-machine-set.1.md
index a4918eacf..e69a7dc14 100644
--- a/docs/source/markdown/podman-machine-set.1.md
+++ b/docs/source/markdown/podman-machine-set.1.md
@@ -19,39 +19,39 @@ subset can be changed after machine initialization.
Print usage statement.
-#### **--rootful**=*true|false*
+#### **--rootfull**=*true|false*
-Whether this machine should prefer rootful (`true`) or rootless (`false`)
+Whether this machine should prefer rootfull (`true`) or rootless (`false`)
container execution. This option will also update the current podman
remote connection default if it is currently pointing at the specified
machine name (or `podman-machine-default` if no name is specified).
Unlike [**podman system connection default**](podman-system-connection-default.1.md)
-this option will also make the API socket, if available, forward to the rootful/rootless
+this option will also make the API socket, if available, forward to the rootfull/rootless
socket in the VM.
## EXAMPLES
-To switch the default VM `podman-machine-default` from rootless to rootful:
+To switch the default VM `podman-machine-default` from rootless to rootfull:
```
-$ podman machine set --rootful
+$ podman machine set --rootfull
```
or more explicitly:
```
-$ podman machine set --rootful=true
+$ podman machine set --rootfull=true
```
-To switch the default VM `podman-machine-default` from rootful to rootless:
+To switch the default VM `podman-machine-default` from rootfull to rootless:
```
-$ podman machine set --rootful=false
+$ podman machine set --rootfull=false
```
-To switch the VM `myvm` from rootless to rootful:
+To switch the VM `myvm` from rootless to rootfull:
```
-$ podman machine set --rootful myvm
+$ podman machine set --rootfull myvm
```
## SEE ALSO
diff --git a/libpod/networking_slirp4netns.go b/libpod/networking_slirp4netns.go
index 4a0ef0b3a..4b1203dc3 100644
--- a/libpod/networking_slirp4netns.go
+++ b/libpod/networking_slirp4netns.go
@@ -210,7 +210,7 @@ func createBasicSlirp4netnsCmdArgs(options *slirp4netnsNetworkOptions, features
return cmdArgs, nil
}
-// setupSlirp4netns can be called in rootful as well as in rootless
+// setupSlirp4netns can be called in rootfull as well as in rootless
func (r *Runtime) setupSlirp4netns(ctr *Container, netns ns.NetNS) error {
path := r.config.Engine.NetworkCmdPath
if path == "" {
diff --git a/pkg/bindings/README.md b/pkg/bindings/README.md
index ebc8a13d1..713adb104 100644
--- a/pkg/bindings/README.md
+++ b/pkg/bindings/README.md
@@ -9,7 +9,7 @@ The bindings require that the Podman system service is running for the specified
by calling the service directly.
### Starting the service with system
-The command to start the Podman service differs slightly depending on the user that is running the service. For a rootful service,
+The command to start the Podman service differs slightly depending on the user that is running the service. For a rootfull service,
start the service like this:
```
# systemctl start podman.socket
@@ -26,7 +26,7 @@ It can be handy to run the system service manually. Doing so allows you to enab
$ podman --log-level=debug system service -t0
```
If you do not provide a specific path for the socket, a default is provided. The location of that socket for
-rootful connections is `/run/podman/podman.sock` and for rootless it is `/run/USERID#/podman/podman.sock`. For more
+rootfull connections is `/run/podman/podman.sock` and for rootless it is `/run/USERID#/podman/podman.sock`. For more
information about the Podman system service, see `man podman-system-service`.
### Creating a connection
@@ -35,7 +35,7 @@ as they will be required to compile a Go program making use of the bindings.
The first step for using the bindings is to create a connection to the socket. As mentioned earlier, the destination
-of the socket depends on the user who owns it. In this case, a rootful connection is made.
+of the socket depends on the user who owns it. In this case, a rootfull connection is made.
```
import (
@@ -59,7 +59,7 @@ The `conn` variable returned from the `bindings.NewConnection` function can then
to interact with containers.
### Examples
-The following examples build upon the connection example from above. They are all rootful connections as well.
+The following examples build upon the connection example from above. They are all rootfull connections as well.
Note: Optional arguments to the bindings methods are set using With*() methods on *Option structures.
Composite types are not duplicated rather the address is used. As such, you should not change an underlying
diff --git a/pkg/domain/infra/abi/images.go b/pkg/domain/infra/abi/images.go
index 74478b26d..43440b594 100644
--- a/pkg/domain/infra/abi/images.go
+++ b/pkg/domain/infra/abi/images.go
@@ -367,7 +367,7 @@ func (ir *ImageEngine) Transfer(ctx context.Context, source entities.ImageScpOpt
if rootless.IsRootless() && (len(dest.User) == 0 || dest.User == "root") { // if we are rootless and do not have a destination user we can just use sudo
return transferRootless(source, dest, podman, parentFlags)
}
- return transferRootful(source, dest, podman, parentFlags)
+ return transferRootfull(source, dest, podman, parentFlags)
}
func (ir *ImageEngine) Tag(ctx context.Context, nameOrID string, tags []string, options entities.ImageTagOptions) error {
@@ -785,8 +785,8 @@ func transferRootless(source entities.ImageScpOptions, dest entities.ImageScpOpt
return cmdLoad.Run()
}
-// TransferRootful creates new podman processes using exec.Command and a new uid/gid alongside a cleared environment
-func transferRootful(source entities.ImageScpOptions, dest entities.ImageScpOptions, podman string, parentFlags []string) error {
+// transferRootfull creates new podman processes using exec.Command and a new uid/gid alongside a cleared environment
+func transferRootfull(source entities.ImageScpOptions, dest entities.ImageScpOptions, podman string, parentFlags []string) error {
basicCommand := []string{podman}
basicCommand = append(basicCommand, parentFlags...)
saveCommand := append(basicCommand, "save")
diff --git a/pkg/machine/config.go b/pkg/machine/config.go
index 6c2fab0e5..5dc5f6105 100644
--- a/pkg/machine/config.go
+++ b/pkg/machine/config.go
@@ -28,7 +28,7 @@ type InitOptions struct {
URI url.URL
Username string
ReExec bool
- Rootful bool
+ Rootfull bool
// The numerical userid of the user that called machine
UID string
}
@@ -95,7 +95,7 @@ type ListResponse struct {
}
type SetOptions struct {
- Rootful bool
+ Rootfull bool
}
type SSHOptions struct {
diff --git a/pkg/machine/qemu/config.go b/pkg/machine/qemu/config.go
index 4d4e3a6c1..6ab25b951 100644
--- a/pkg/machine/qemu/config.go
+++ b/pkg/machine/qemu/config.go
@@ -57,8 +57,8 @@ type MachineVMV1 struct {
QMPMonitor Monitorv1
// RemoteUsername of the vm user
RemoteUsername string
- // Whether this machine should run in a rootful or rootless manner
- Rootful bool
+ // Whether this machine should run in a rootfull or rootless manner
+ Rootfull bool
// UID is the numerical id of the user that called machine
UID int
}
@@ -99,8 +99,8 @@ type ImageConfig struct {
// HostUser describes the host user
type HostUser struct {
- // Whether this machine should run in a rootful or rootless manner
- Rootful bool
+ // Whether this machine should run in a rootfull or rootless manner
+ Rootfull bool
// UID is the numerical id of the user that called machine
UID int
}
diff --git a/pkg/machine/qemu/machine.go b/pkg/machine/qemu/machine.go
index a3dedeedb..4cfd4e8b0 100644
--- a/pkg/machine/qemu/machine.go
+++ b/pkg/machine/qemu/machine.go
@@ -204,7 +204,7 @@ func migrateVM(configPath string, config []byte, vm *MachineVM) error {
vm.QMPMonitor = qmpMonitor
vm.ReadySocket = readySocket
vm.RemoteUsername = old.RemoteUsername
- vm.Rootful = old.Rootful
+ vm.Rootfull = old.Rootfull
vm.UID = old.UID
// Backup the original config file
@@ -258,7 +258,7 @@ func (v *MachineVM) Init(opts machine.InitOptions) (bool, error) {
)
sshDir := filepath.Join(homedir.Get(), ".ssh")
v.IdentityPath = filepath.Join(sshDir, v.Name)
- v.Rootful = opts.Rootful
+ v.Rootfull = opts.Rootfull
switch opts.ImagePath {
case Testing, Next, Stable, "":
@@ -356,8 +356,8 @@ func (v *MachineVM) Init(opts machine.InitOptions) (bool, error) {
names := []string{v.Name, v.Name + "-root"}
// The first connection defined when connections is empty will become the default
- // regardless of IsDefault, so order according to rootful
- if opts.Rootful {
+ // regardless of IsDefault, so order according to rootfull
+ if opts.Rootfull {
uris[0], names[0], uris[1], names[1] = uris[1], names[1], uris[0], names[0]
}
@@ -435,7 +435,7 @@ func (v *MachineVM) Init(opts machine.InitOptions) (bool, error) {
}
func (v *MachineVM) Set(_ string, opts machine.SetOptions) error {
- if v.Rootful == opts.Rootful {
+ if v.Rootfull == opts.Rootfull {
return nil
}
@@ -459,7 +459,7 @@ func (v *MachineVM) Set(_ string, opts machine.SetOptions) error {
if changeCon {
newDefault := v.Name
- if opts.Rootful {
+ if opts.Rootfull {
newDefault += "-root"
}
if err := machine.ChangeDefault(newDefault); err != nil {
@@ -467,7 +467,7 @@ func (v *MachineVM) Set(_ string, opts machine.SetOptions) error {
}
}
- v.Rootful = opts.Rootful
+ v.Rootfull = opts.Rootfull
return v.writeConfig()
}
@@ -1117,7 +1117,7 @@ func (v *MachineVM) setupAPIForwarding(cmd []string) ([]string, string, apiForwa
destSock := fmt.Sprintf("/run/user/%d/podman/podman.sock", v.UID)
forwardUser := "core"
- if v.Rootful {
+ if v.Rootfull {
destSock = "/run/podman/podman.sock"
forwardUser = "root"
}
@@ -1323,11 +1323,11 @@ func (v *MachineVM) waitAPIAndPrintInfo(forwardState apiForwardingState, forward
}
waitAndPingAPI(forwardSock)
- if !v.Rootful {
+ if !v.Rootfull {
fmt.Printf("\nThis machine is currently configured in rootless mode. If your containers\n")
fmt.Printf("require root permissions (e.g. ports < 1024), or if you run into compatibility\n")
fmt.Printf("issues with non-podman clients, you can switch using the following command: \n")
- fmt.Printf("\n\tpodman machine set --rootful%s\n\n", suffix)
+ fmt.Printf("\n\tpodman machine set --rootfull%s\n\n", suffix)
}
fmt.Printf("API forwarding listening on: %s\n", forwardSock)
diff --git a/pkg/machine/wsl/machine.go b/pkg/machine/wsl/machine.go
index dff7bfef9..dc3f33fa7 100644
--- a/pkg/machine/wsl/machine.go
+++ b/pkg/machine/wsl/machine.go
@@ -165,8 +165,8 @@ type MachineVM struct {
Port int
// RemoteUsername of the vm user
RemoteUsername string
- // Whether this machine should run in a rootful or rootless manner
- Rootful bool
+ // Whether this machine should run in a rootfull or rootless manner
+ Rootfull bool
}
type ExitCodeError struct {
@@ -232,7 +232,7 @@ func (v *MachineVM) Init(opts machine.InitOptions) (bool, error) {
homeDir := homedir.Get()
sshDir := filepath.Join(homeDir, ".ssh")
v.IdentityPath = filepath.Join(sshDir, v.Name)
- v.Rootful = opts.Rootful
+ v.Rootfull = opts.Rootfull
if err := downloadDistro(v, opts); err != nil {
return false, err
@@ -316,8 +316,8 @@ func setupConnections(v *MachineVM, opts machine.InitOptions, sshDir string) err
names := []string{v.Name, v.Name + "-root"}
// The first connection defined when connections is empty will become the default
- // regardless of IsDefault, so order according to rootful
- if opts.Rootful {
+ // regardless of IsDefault, so order according to rootfull
+ if opts.Rootfull {
uris[0], names[0], uris[1], names[1] = uris[1], names[1], uris[0], names[0]
}
@@ -733,7 +733,7 @@ func pipeCmdPassThrough(name string, input string, arg ...string) error {
}
func (v *MachineVM) Set(name string, opts machine.SetOptions) error {
- if v.Rootful == opts.Rootful {
+ if v.Rootfull == opts.Rootfull {
return nil
}
@@ -744,7 +744,7 @@ func (v *MachineVM) Set(name string, opts machine.SetOptions) error {
if changeCon {
newDefault := v.Name
- if opts.Rootful {
+ if opts.Rootfull {
newDefault += "-root"
}
if err := machine.ChangeDefault(newDefault); err != nil {
@@ -752,7 +752,7 @@ func (v *MachineVM) Set(name string, opts machine.SetOptions) error {
}
}
- v.Rootful = opts.Rootful
+ v.Rootfull = opts.Rootfull
return v.writeConfig()
}
@@ -768,7 +768,7 @@ func (v *MachineVM) Start(name string, _ machine.StartOptions) error {
return errors.Wrap(err, "WSL bootstrap script failed")
}
- if !v.Rootful {
+ if !v.Rootfull {
fmt.Printf("\nThis machine is currently configured in rootless mode. If your containers\n")
fmt.Printf("require root permissions (e.g. ports < 1024), or if you run into compatibility\n")
fmt.Printf("issues with non-podman clients, you can switch using the following command: \n")
@@ -777,7 +777,7 @@ func (v *MachineVM) Start(name string, _ machine.StartOptions) error {
if name != machine.DefaultMachineName {
suffix = " " + name
}
- fmt.Printf("\n\tpodman machine set --rootful%s\n\n", suffix)
+ fmt.Printf("\n\tpodman machine set --rootfull%s\n\n", suffix)
}
globalName, pipeName, err := launchWinProxy(v)
@@ -833,7 +833,7 @@ func launchWinProxy(v *MachineVM) (bool, string, error) {
destSock := "/run/user/1000/podman/podman.sock"
forwardUser := v.RemoteUsername
- if v.Rootful {
+ if v.Rootfull {
destSock = "/run/podman/podman.sock"
forwardUser = "root"
}
diff --git a/rootless.md b/rootless.md
index 39c961d2a..d485290f2 100644
--- a/rootless.md
+++ b/rootless.md
@@ -18,7 +18,7 @@ can easily fail
* Some system unit configuration options do not work in the rootless container
* systemd fails to apply several options and failures are silently ignored (e.g. CPUShares, MemoryLimit). Should work on cgroup V2.
* Use of certain options will cause service startup failures (e.g. PrivateNetwork). The systemd services requiring `PrivateNetwork` can be made to work by passing `--cap-add SYS_ADMIN`, but the security implications should be carefully evaluated. In most cases, it's better to create an override.conf drop-in that sets `PrivateNetwork=no`. This also applies to containers run by root.
-* Can not share container images with CRI-O or other rootful users
+* Can not share container images with CRI-O or other rootfull users
* Difficult to use additional stores for sharing content
* Does not work on NFS or parallel filesystem homedirs (e.g. [GPFS](https://www.ibm.com/support/knowledgecenter/en/SSFKCN/gpfs_welcome.html))
* NFS and parallel filesystems enforce file creation on different UIDs on the server side and does not understand User Namespace.
diff --git a/test/e2e/exec_test.go b/test/e2e/exec_test.go
index 3987746d0..4cfaa9a2e 100644
--- a/test/e2e/exec_test.go
+++ b/test/e2e/exec_test.go
@@ -123,7 +123,7 @@ var _ = Describe("Podman exec", func() {
})
It("podman exec in keep-id container drops privileges", func() {
- SkipIfNotRootless("This function is not enabled for rootful podman")
+ SkipIfNotRootless("This function is not enabled for rootfull podman")
ctrName := "testctr1"
testCtr := podmanTest.Podman([]string{"run", "-d", "--name", ctrName, "--userns=keep-id", ALPINE, "top"})
testCtr.WaitWithDefaultTimeout()
diff --git a/test/e2e/mount_rootless_test.go b/test/e2e/mount_rootless_test.go
index 30d7ce8a9..830c2dcda 100644
--- a/test/e2e/mount_rootless_test.go
+++ b/test/e2e/mount_rootless_test.go
@@ -17,7 +17,7 @@ var _ = Describe("Podman mount", func() {
)
BeforeEach(func() {
- SkipIfNotRootless("This function is not enabled for rootful podman")
+ SkipIfNotRootless("This function is not enabled for rootfull podman")
SkipIfRemote("Podman mount not supported for remote connections")
tempdir, err = CreateTempDirInTempDir()
if err != nil {
diff --git a/test/e2e/network_test.go b/test/e2e/network_test.go
index 89a9005f5..a7981a4d8 100644
--- a/test/e2e/network_test.go
+++ b/test/e2e/network_test.go
@@ -254,7 +254,7 @@ var _ = Describe("Podman network", func() {
expectedNetworks := []string{name}
if !rootless.IsRootless() {
- // rootful image contains "podman/cni/87-podman-bridge.conflist" for "podman" network
+ // rootfull image contains "podman/cni/87-podman-bridge.conflist" for "podman" network
expectedNetworks = append(expectedNetworks, "podman")
}
session := podmanTest.Podman(append([]string{"network", "inspect"}, expectedNetworks...))
diff --git a/test/system/270-socket-activation.bats b/test/system/270-socket-activation.bats
index 6d582be18..19f68abdd 100644
--- a/test/system/270-socket-activation.bats
+++ b/test/system/270-socket-activation.bats
@@ -90,7 +90,7 @@ function teardown() {
@test "podman system service - socket activation - kill rootless pause" {
if ! is_rootless; then
- skip "there is no pause process when running rootful"
+ skip "there is no pause process when running rootfull"
fi
run_podman run -d $IMAGE sleep 90
cid="$output"
diff --git a/test/system/helpers.bash b/test/system/helpers.bash
index 0d336592f..bbe09b4cc 100644
--- a/test/system/helpers.bash
+++ b/test/system/helpers.bash
@@ -483,7 +483,7 @@ function skip_if_root_ubuntu {
if is_ubuntu; then
if ! is_remote; then
if ! is_rootless; then
- skip "Cannot run this test on rootful ubuntu, usually due to user errors"
+ skip "Cannot run this test on rootfull ubuntu, usually due to user errors"
fi
fi
fi