author | Ashley Cui <acui@redhat.com> | 2022-06-24 10:22:25 -0400 |
---|---|---|
committer | Ashley Cui <acui@redhat.com> | 2022-06-29 09:19:09 -0400 |
commit | d9ff0fd15da268fae9744a60522ecdf94744b74a (patch) | |
tree | 4cc2cf5b9b3e15245769cdc735ba221aa7b28b1f /cmd/podman/machine/machine.go | |
parent | 4274906a80c830492e0634602350c1626288e968 (diff) | |
Only allow Rootless runs of Podman Machine
Podman Machine crashes if run as root. When creating the machine, we write the ignition so that the UID of the core user matches the UID of the user on the host. By default, we create the root user on the machine with UID 0. If the user on the host is root, the core UID and the Root UID collide, causing the VM not to boot.
[NO NEW TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
Diffstat (limited to 'cmd/podman/machine/machine.go')
-rw-r--r-- | cmd/podman/machine/machine.go | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/cmd/podman/machine/machine.go b/cmd/podman/machine/machine.go
index 5a8a06b9d..d3d44b45e 100644
--- a/cmd/podman/machine/machine.go
+++ b/cmd/podman/machine/machine.go
@@ -5,6 +5,7 @@ package machine
 import (
 "errors"
+ "fmt"
 "net"
 "os"
 "path/filepath"
@@ -17,6 +18,7 @@ import (
 "github.com/containers/podman/v4/cmd/podman/validate"
 "github.com/containers/podman/v4/libpod/events"
 "github.com/containers/podman/v4/pkg/machine"
+ "github.com/containers/podman/v4/pkg/rootless"
 "github.com/containers/podman/v4/pkg/util"
 "github.com/sirupsen/logrus"
 "github.com/spf13/cobra"
@@ -162,3 +164,10 @@ func closeMachineEvents(cmd *cobra.Command, _ []string) error {
 }
 return nil
 }
+
+func rootlessOnly(cmd *cobra.Command, args []string) error {
+ if !rootless.IsRootless() {
+ return fmt.Errorf("cannot run command %q as root", cmd.CommandPath())
+ }
+ return nil
+} |
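Review bot: The new `rootlessOnly` hook in the last hunk carries no comment saying why root is refused, so the reason (the guest's core user is given the host user's UID, which collides with the guest root's UID 0) lives only in the commit message; I would add `// rootlessOnly is a cobra pre-run hook that refuses to run as root: the guest's core user takes the host UID and would collide with the guest root (UID 0).` above it. The `args` parameter is unused and could be written `_ []string`, as `closeMachineEvents` directly above does. The guard is only as strong as `rootless.IsRootless()` and its wiring: this page is limited to machine.go, so neither the commands that install the hook nor the helper's behaviour on each supported host platform are visible here, and both are worth confirming. Since the commit is tagged as needing no new tests, a small test that invokes a guarded subcommand with UID 0 and expects this error would keep the gate from being dropped silently later.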