Merge pull request #3786 from giuseppe/fix-rootless-checks

rootless: drop some superflous checks

4 files changed, 24 insertions, 10 deletions

diff --git a/cmd/podman/pod_create.go b/cmd/podman/pod_create.go
index b6154b4db..d04c85dba 100644
--- a/cmd/podman/pod_create.go
+++ b/cmd/podman/pod_create.go
@@ -78,7 +78,7 @@ func podCreateCmd(c *cliconfig.PodCreateValues) error {
 	if !c.Infra && c.Flag("share").Changed && c.Share != "none" && c.Share != "" {
 		return errors.Errorf("You cannot share kernel namespaces on the pod level without an infra container")
 	}
-	if c.Flag("pod-id-file").Changed && os.Geteuid() == 0 {
+	if c.Flag("pod-id-file").Changed {
 		podIdFile, err = util.OpenExclusiveFile(c.PodIDFile)
 		if err != nil && os.IsExist(err) {
 			return errors.Errorf("pod id file exists. Ensure another pod is not using it or delete %s", c.PodIDFile)
diff --git a/cmd/podman/pod_stats.go b/cmd/podman/pod_stats.go
index 46cacc026..2f1ebd3ac 100644
--- a/cmd/podman/pod_stats.go
+++ b/cmd/podman/pod_stats.go
@@ -15,6 +15,8 @@ import (
 	"github.com/containers/libpod/libpod"
 	"github.com/containers/libpod/libpod/define"
 	"github.com/containers/libpod/pkg/adapter"
+	"github.com/containers/libpod/pkg/cgroups"
+	"github.com/containers/libpod/pkg/rootless"
 	"github.com/pkg/errors"
 	"github.com/spf13/cobra"
 )
@@ -53,9 +55,14 @@ func init() {
 }
 
 func podStatsCmd(c *cliconfig.PodStatsValues) error {
-
-	if os.Geteuid() != 0 {
-		return errors.New("stats is not supported in rootless mode")
+	if rootless.IsRootless() {
+		unified, err := cgroups.IsCgroup2UnifiedMode()
+		if err != nil {
+			return err
+		}
+		if !unified {
+			return errors.New("stats is not supported in rootless mode without cgroups v2")
+		}
 	}
 
 	format := c.Format
diff --git a/cmd/podman/shared/create.go b/cmd/podman/shared/create.go
index 84cba4b75..e29e6b28e 100644
--- a/cmd/podman/shared/create.go
+++ b/cmd/podman/shared/create.go
@@ -55,7 +55,7 @@ func CreateContainer(ctx context.Context, c *GenericCLIResults, runtime *libpod.
 		rootfs = c.InputArgs[0]
 	}
 
-	if c.IsSet("cidfile") && os.Geteuid() == 0 {
+	if c.IsSet("cidfile") {
 		cidFile, err = util.OpenExclusiveFile(c.String("cidfile"))
 		if err != nil && os.IsExist(err) {
 			return nil, nil, errors.Errorf("container id file exists. Ensure another container is not using it or delete %s", c.String("cidfile"))
@@ -70,8 +70,8 @@ func CreateContainer(ctx context.Context, c *GenericCLIResults, runtime *libpod.
 	imageName := ""
 	var data *inspect.ImageData = nil
 
-	// Set the storage if we are running as euid == 0 and there is no rootfs specified
-	if rootfs == "" && os.Geteuid() == 0 {
+	// Set the storage if there is no rootfs specified
+	if rootfs == "" {
 		var writer io.Writer
 		if !c.Bool("quiet") {
 			writer = os.Stderr
diff --git a/cmd/podman/stats.go b/cmd/podman/stats.go
index 3accae1b6..2f696445e 100644
--- a/cmd/podman/stats.go
+++ b/cmd/podman/stats.go
@@ -2,7 +2,6 @@ package main
 
 import (
 	"fmt"
-	"os"
 	"reflect"
 	"strings"
 	"time"
@@ -13,6 +12,8 @@ import (
 	"github.com/containers/libpod/cmd/podman/libpodruntime"
 	"github.com/containers/libpod/libpod"
 	"github.com/containers/libpod/libpod/define"
+	"github.com/containers/libpod/pkg/cgroups"
+	"github.com/containers/libpod/pkg/rootless"
 	"github.com/docker/go-units"
 	"github.com/pkg/errors"
 	"github.com/spf13/cobra"
@@ -66,8 +67,14 @@ func init() {
 }
 
 func statsCmd(c *cliconfig.StatsValues) error {
-	if os.Geteuid() != 0 {
-		return errors.New("stats is not supported for rootless containers")
+	if rootless.IsRootless() {
+		unified, err := cgroups.IsCgroup2UnifiedMode()
+		if err != nil {
+			return err
+		}
+		if !unified {
+			return errors.New("stats is not supported in rootless mode without cgroups v2")
+		}
 	}
 
 	all := c.All