summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGiuseppe Scrivano <gscrivan@redhat.com>2019-10-07 14:02:54 +0200
committerGiuseppe Scrivano <gscrivan@redhat.com>2019-10-09 23:39:18 +0200
commit5963077e93937046b6b13d6f1da8c1f932c0e6ff (patch)
tree9666910e2f6d3c25dcafe0f8dbb35f01027e36db
parent3ba3e1c7510d1780b6527a4aa52e40ac2c5b576a (diff)
downloadpodman-5963077e93937046b6b13d6f1da8c1f932c0e6ff.tar.gz
podman-5963077e93937046b6b13d6f1da8c1f932c0e6ff.tar.bz2
podman-5963077e93937046b6b13d6f1da8c1f932c0e6ff.zip
cli: support --systemd=always
it enforces the systemd mode also when the command name doesn't match /usr/sbin/init or systemd. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
-rwxr-xr-xAPI.md2
-rw-r--r--cmd/podman/cliconfig/defaults.go5
-rw-r--r--cmd/podman/common.go6
-rw-r--r--cmd/podman/shared/create.go14
-rw-r--r--cmd/podman/shared/intermediate.go2
-rw-r--r--cmd/podman/shared/intermediate_varlink.go5
-rw-r--r--cmd/podman/varlink/io.podman.varlink2
-rw-r--r--docs/podman-create.1.md9
-rw-r--r--docs/podman-run.1.md7
9 files changed, 33 insertions, 19 deletions
diff --git a/API.md b/API.md
index a9905c940..a2a093bec 100755
--- a/API.md
+++ b/API.md
@@ -1591,7 +1591,7 @@ subgidname [?string](#?string)
sysctl [?[]string](#?[]string)
-systemd [?bool](#?bool)
+systemd [?string](#?string)
tmpfs [?[]string](#?[]string)
diff --git a/cmd/podman/cliconfig/defaults.go b/cmd/podman/cliconfig/defaults.go
index d5dae0874..ce695d153 100644
--- a/cmd/podman/cliconfig/defaults.go
+++ b/cmd/podman/cliconfig/defaults.go
@@ -1,10 +1,5 @@
package cliconfig
-const (
- // DefaultSystemD value
- DefaultSystemD bool = true
-)
-
var (
// DefaultHealthCheckInterval default value
DefaultHealthCheckInterval = "30s"
diff --git a/cmd/podman/common.go b/cmd/podman/common.go
index 2a3f8f3ad..e93586b62 100644
--- a/cmd/podman/common.go
+++ b/cmd/podman/common.go
@@ -455,9 +455,9 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
"sysctl", []string{},
"Sysctl options (default [])",
)
- createFlags.Bool(
- "systemd", cliconfig.DefaultSystemD,
- "Run container in systemd mode if the command executable is systemd or init",
+ createFlags.String(
+ "systemd", "true",
+ `Run container in systemd mode ("true"|"false"|"always" (default "true")`,
)
createFlags.StringArray(
"tmpfs", []string{},
diff --git a/cmd/podman/shared/create.go b/cmd/podman/shared/create.go
index 675dfbad6..7c56db8db 100644
--- a/cmd/podman/shared/create.go
+++ b/cmd/podman/shared/create.go
@@ -662,9 +662,17 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod.
return nil, errors.Errorf("invalid image-volume type %q. Pick one of bind, tmpfs, or ignore", c.String("image-volume"))
}
- var systemd bool
- if command != nil && c.Bool("systemd") && (command[0] == "/usr/sbin/init" || (filepath.Base(command[0]) == "systemd")) {
- systemd = true
+ systemd := c.String("systemd") == "always"
+ if !systemd && command != nil {
+ x, err := strconv.ParseBool(c.String("systemd"))
+ if err != nil {
+ return nil, errors.Wrapf(err, "cannot parse bool %s", c.String("systemd"))
+ }
+ if x && (command[0] == "/usr/sbin/init" || (filepath.Base(command[0]) == "systemd")) {
+ systemd = true
+ }
+ }
+ if systemd {
if signalString == "" {
stopSignal, err = signal.ParseSignal("RTMIN+3")
if err != nil {
diff --git a/cmd/podman/shared/intermediate.go b/cmd/podman/shared/intermediate.go
index cccdd1bea..0f71dc087 100644
--- a/cmd/podman/shared/intermediate.go
+++ b/cmd/podman/shared/intermediate.go
@@ -449,7 +449,7 @@ func NewIntermediateLayer(c *cliconfig.PodmanCommand, remote bool) GenericCLIRes
m["subgidname"] = newCRString(c, "subgidname")
m["subuidname"] = newCRString(c, "subuidname")
m["sysctl"] = newCRStringSlice(c, "sysctl")
- m["systemd"] = newCRBool(c, "systemd")
+ m["systemd"] = newCRString(c, "systemd")
m["tmpfs"] = newCRStringArray(c, "tmpfs")
m["tty"] = newCRBool(c, "tty")
m["uidmap"] = newCRStringSlice(c, "uidmap")
diff --git a/cmd/podman/shared/intermediate_varlink.go b/cmd/podman/shared/intermediate_varlink.go
index 9dbf83950..c95470a72 100644
--- a/cmd/podman/shared/intermediate_varlink.go
+++ b/cmd/podman/shared/intermediate_varlink.go
@@ -152,7 +152,7 @@ func (g GenericCLIResults) MakeVarlink() iopodman.Create {
Subuidname: StringToPtr(g.Find("subuidname")),
Subgidname: StringToPtr(g.Find("subgidname")),
Sysctl: StringSliceToPtr(g.Find("sysctl")),
- Systemd: BoolToPtr(g.Find("systemd")),
+ Systemd: StringToPtr(g.Find("systemd")),
Tmpfs: StringSliceToPtr(g.Find("tmpfs")),
Tty: BoolToPtr(g.Find("tty")),
Uidmap: StringSliceToPtr(g.Find("uidmap")),
@@ -321,6 +321,7 @@ func VarlinkCreateToGeneric(opts iopodman.Create) GenericCLIResults {
var memSwapDefault int64 = -1
netModeDefault := "bridge"
+ systemdDefault := "true"
if rootless.IsRootless() {
netModeDefault = "slirp4netns"
}
@@ -409,7 +410,7 @@ func VarlinkCreateToGeneric(opts iopodman.Create) GenericCLIResults {
m["subgidname"] = stringFromVarlink(opts.Subgidname, "subgidname", nil)
m["subuidname"] = stringFromVarlink(opts.Subuidname, "subuidname", nil)
m["sysctl"] = stringSliceFromVarlink(opts.Sysctl, "sysctl", nil)
- m["systemd"] = boolFromVarlink(opts.Systemd, "systemd", cliconfig.DefaultSystemD)
+ m["systemd"] = stringFromVarlink(opts.Systemd, "systemd", &systemdDefault)
m["tmpfs"] = stringSliceFromVarlink(opts.Tmpfs, "tmpfs", nil)
m["tty"] = boolFromVarlink(opts.Tty, "tty", false)
m["uidmap"] = stringSliceFromVarlink(opts.Uidmap, "uidmap", nil)
diff --git a/cmd/podman/varlink/io.podman.varlink b/cmd/podman/varlink/io.podman.varlink
index 2408dc80c..13e8394fb 100644
--- a/cmd/podman/varlink/io.podman.varlink
+++ b/cmd/podman/varlink/io.podman.varlink
@@ -363,7 +363,7 @@ type Create (
subuidname: ?string,
subgidname: ?string,
sysctl: ?[]string,
- systemd: ?bool,
+ systemd: ?string,
tmpfs: ?[]string,
tty: ?bool,
uidmap: ?[]string,
diff --git a/docs/podman-create.1.md b/docs/podman-create.1.md
index 418ad2c4e..35602f97b 100644
--- a/docs/podman-create.1.md
+++ b/docs/podman-create.1.md
@@ -709,11 +709,16 @@ Network Namespace - current sysctls allowed:
Sysctls beginning with net.*
Note: if you use the --network=host option these sysctls will not be allowed.
-x
-**--systemd**=*true|false*
+
+**--systemd**=*true|false|always*
Run container in systemd mode. The default is *true*.
+The value *always* enforces the systemd mode is enforced without
+looking at the executable name. Otherwise, if set to true and the
+command you are running inside the container is systemd or
+/usr/sbin/init.
+
If the command you are running inside of the container is systemd or
/usr/sbin/init, Podman will setup tmpfs mount points in the following
directories:
diff --git a/docs/podman-run.1.md b/docs/podman-run.1.md
index 5cbe1a38f..e255119d7 100644
--- a/docs/podman-run.1.md
+++ b/docs/podman-run.1.md
@@ -747,10 +747,15 @@ Network Namespace - current sysctls allowed:
Note: if you use the `--network=host` option these sysctls will not be allowed.
-**--systemd**=*true|false*
+**--systemd**=*true|false|always*
Run container in systemd mode. The default is *true*.
+The value *always* enforces the systemd mode is enforced without
+looking at the executable name. Otherwise, if set to true and the
+command you are running inside the container is systemd or
+/usr/sbin/init.
+
If the command you are running inside of the container is systemd or
/usr/sbin/init, Podman will setup tmpfs mount points in the following
directories: