Merge pull request #3332 from rhatdan/cgroupmanager

Correctly identify the defaults for cgroup-manager

4 files changed, 95 insertions, 21 deletions

diff --git a/cmd/podman/main_local.go b/cmd/podman/main_local.go
index 132f35ab5..7a062cb4b 100644
--- a/cmd/podman/main_local.go
+++ b/cmd/podman/main_local.go
@@ -12,6 +12,7 @@ import (
 
 	"github.com/containers/libpod/cmd/podman/cliconfig"
 	"github.com/containers/libpod/cmd/podman/libpodruntime"
+	"github.com/containers/libpod/libpod"
 	"github.com/containers/libpod/pkg/rootless"
 	"github.com/containers/libpod/pkg/tracing"
 	"github.com/containers/libpod/pkg/util"
@@ -25,8 +26,17 @@ import (
 const remote = false
 
 func init() {
-
-	rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.CGroupManager, "cgroup-manager", "", "Cgroup manager to use (cgroupfs or systemd, default systemd)")
+	cgroupManager := libpod.SystemdCgroupsManager
+	if runtimeConfig, err := libpod.DefaultRuntimeConfig(); err == nil {
+		cgroupManager = runtimeConfig.CgroupManager
+	}
+	cgroupHelp := "Cgroup manager to use (cgroupfs or systemd)"
+	cgroupv2, _ := util.IsCgroup2UnifiedMode()
+	if rootless.IsRootless() && !cgroupv2 {
+		cgroupManager = ""
+		cgroupHelp = "Cgroup manager is not supported in rootless mode"
+	}
+	rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.CGroupManager, "cgroup-manager", cgroupManager, cgroupHelp)
 	// -c is deprecated due to conflict with -c on subcommands
 	rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.CpuProfile, "cpu-profile", "", "Path for the cpu profiling results")
 	rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.Config, "config", "", "Path of a libpod config file detailing container server configuration options")
diff --git a/docs/podman.1.md b/docs/podman.1.md
index c23075718..022514a80 100644
--- a/docs/podman.1.md
+++ b/docs/podman.1.md
@@ -27,7 +27,10 @@ Print usage statement
 
 **--cgroup-manager**=*manager*
 
-CGroup manager to use for container cgroups. Supported values are cgroupfs or systemd (default). Setting this flag can cause certain commands to break when called on containers created by the other CGroup manager type.
+CGroup manager to use for container cgroups. Supported values are cgroupfs or systemd. Default is systemd unless overridden in the libpod.conf file.
+
+Note: Setting this flag can cause certain commands to break when called on containers previously created by the other CGroup manager type.
+Note: CGroup manager is not supported in rootless mode when using CGroups Version V1.
 
 **--cpu-profile**=*path*
 
diff --git a/libpod/oci_linux.go b/libpod/oci_linux.go
index 6e84c0759..b7efa742a 100644
--- a/libpod/oci_linux.go
+++ b/libpod/oci_linux.go
@@ -296,7 +296,11 @@ func (r *OCIRuntime) createOCIContainer(ctr *Container, cgroupParent string, res
 	cmd.Env = append(cmd.Env, fmt.Sprintf("XDG_RUNTIME_DIR=%s", runtimeDir))
 	cmd.Env = append(cmd.Env, fmt.Sprintf("_CONTAINERS_USERNS_CONFIGURED=%s", os.Getenv("_CONTAINERS_USERNS_CONFIGURED")))
 	cmd.Env = append(cmd.Env, fmt.Sprintf("_CONTAINERS_ROOTLESS_UID=%s", os.Getenv("_CONTAINERS_ROOTLESS_UID")))
-	cmd.Env = append(cmd.Env, fmt.Sprintf("HOME=%s", os.Getenv("HOME")))
+	home, err := homeDir()
+	if err != nil {
+		return err
+	}
+	cmd.Env = append(cmd.Env, fmt.Sprintf("HOME=%s", home))
 
 	if r.reservePorts && !ctr.config.NetMode.IsSlirp4netns() {
 		ports, err := bindPorts(ctr.config.PortMappings)
diff --git a/libpod/runtime.go b/libpod/runtime.go
index 78fa22ec8..52ce8062b 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"io/ioutil"
 	"os"
+	"os/user"
 	"path/filepath"
 	"strings"
 	"sync"
@@ -374,6 +375,68 @@ func NewRuntimeFromConfig(ctx context.Context, userConfigPath string, options ..
 	return newRuntimeFromConfig(ctx, userConfigPath, options...)
 }
 
+func homeDir() (string, error) {
+	home := os.Getenv("HOME")
+	if home == "" {
+		usr, err := user.Current()
+		if err != nil {
+			return "", errors.Wrapf(err, "unable to resolve HOME directory")
+		}
+		home = usr.HomeDir
+	}
+	return home, nil
+}
+
+func getRootlessConfigPath() (string, error) {
+	home, err := homeDir()
+	if err != nil {
+		return "", err
+	}
+
+	return filepath.Join(home, ".config/containers/libpod.conf"), nil
+}
+
+func getConfigPath() string {
+	if rootless.IsRootless() {
+		rootlessConfigPath, err := getRootlessConfigPath()
+		if err != nil {
+			if _, err := os.Stat(rootlessConfigPath); err == nil {
+				return rootlessConfigPath
+			}
+		}
+	}
+	if _, err := os.Stat(OverrideConfigPath); err == nil {
+		// Use the override configuration path
+		return OverrideConfigPath
+	}
+	if _, err := os.Stat(ConfigPath); err == nil {
+		return ConfigPath
+	}
+	return ""
+}
+
+// DefaultRuntimeConfig reads default config path and returns the RuntimeConfig
+func DefaultRuntimeConfig() (*RuntimeConfig, error) {
+	configPath := getConfigPath()
+
+	contents, err := ioutil.ReadFile(configPath)
+	if err != nil {
+		return nil, errors.Wrapf(err, "error reading configuration file %s", configPath)
+	}
+
+	// This is ugly, but we need to decode twice.
+	// Once to check if libpod static and tmp dirs were explicitly
+	// set (not enough to check if they're not the default value,
+	// might have been explicitly configured to the default).
+	// A second time to actually get a usable config.
+	tmpConfig := new(RuntimeConfig)
+	if _, err := toml.Decode(string(contents), tmpConfig); err != nil {
+		return nil, errors.Wrapf(err, "error decoding configuration file %s",
+			configPath)
+	}
+	return tmpConfig, nil
+}
+
 func newRuntimeFromConfig(ctx context.Context, userConfigPath string, options ...RuntimeOption) (runtime *Runtime, err error) {
 	runtime = new(Runtime)
 	runtime.config = new(RuntimeConfig)
@@ -402,11 +465,13 @@ func newRuntimeFromConfig(ctx context.Context, userConfigPath string, options ..
 	runtime.config.StaticDir = filepath.Join(storageConf.GraphRoot, "libpod")
 	runtime.config.VolumePath = filepath.Join(storageConf.GraphRoot, "volumes")
 
-	configPath := ConfigPath
-	foundConfig := true
+	configPath := getConfigPath()
 	rootlessConfigPath := ""
 	if rootless.IsRootless() {
-		home := os.Getenv("HOME")
+		home, err := homeDir()
+		if err != nil {
+			return nil, err
+		}
 		if runtime.config.SignaturePolicyPath == "" {
 			newPath := filepath.Join(home, ".config/containers/policy.json")
 			if _, err := os.Stat(newPath); err == nil {
@@ -414,7 +479,10 @@ func newRuntimeFromConfig(ctx context.Context, userConfigPath string, options ..
 			}
 		}
 
-		rootlessConfigPath = filepath.Join(home, ".config/containers/libpod.conf")
+		rootlessConfigPath, err = getRootlessConfigPath()
+		if err != nil {
+			return nil, err
+		}
 
 		runtimeDir, err := util.GetRootlessRuntimeDir()
 		if err != nil {
@@ -436,21 +504,10 @@ func newRuntimeFromConfig(ctx context.Context, userConfigPath string, options ..
 			// when it doesn't exist
 			return nil, errors.Wrapf(err, "cannot stat %s", configPath)
 		}
-	} else if rootless.IsRootless() {
-		configPath = rootlessConfigPath
-		if _, err := os.Stat(configPath); err != nil {
-			foundConfig = false
-		}
-	} else if _, err := os.Stat(OverrideConfigPath); err == nil {
-		// Use the override configuration path
-		configPath = OverrideConfigPath
-	} else if _, err := os.Stat(ConfigPath); err != nil {
-		// Both stat checks failed, no config found
-		foundConfig = false
 	}
 
 	// If we have a valid configuration file, load it in
-	if foundConfig {
+	if configPath != "" {
 		contents, err := ioutil.ReadFile(configPath)
 		if err != nil {
 			return nil, errors.Wrapf(err, "error reading configuration file %s", configPath)
@@ -559,7 +616,7 @@ func newRuntimeFromConfig(ctx context.Context, userConfigPath string, options ..
 			}
 		}
 
-		if !foundConfig {
+		if configPath != "" {
 			os.MkdirAll(filepath.Dir(rootlessConfigPath), 0755)
 			file, err := os.OpenFile(rootlessConfigPath, os.O_RDWR|os.O_CREATE|os.O_EXCL, 0666)
 			if err != nil && !os.IsExist(err) {