summaryrefslogtreecommitdiff
path: root/cmd/podman
diff options
context:
space:
mode:
authorGiuseppe Scrivano <gscrivan@redhat.com>2018-06-11 16:03:34 +0200
committerAtomic Bot <atomic-devel@projectatomic.io>2018-06-27 14:07:17 +0000
commit5ff90677c83b78366554493e10f7615119f7e0a1 (patch)
tree094685755b891f5813a458cfadb5374e68f732fb /cmd/podman
parent8ee8f847340c3ac2264e183655fb7cdcbbfbb2cd (diff)
downloadpodman-5ff90677c83b78366554493e10f7615119f7e0a1.tar.gz
podman-5ff90677c83b78366554493e10f7615119f7e0a1.tar.bz2
podman-5ff90677c83b78366554493e10f7615119f7e0a1.zip
rootless: add management for the userNS
When running podman as non root user always create an userNS and let the OCI runtime use it. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #936 Approved by: rhatdan
Diffstat (limited to 'cmd/podman')
-rw-r--r--cmd/podman/libpodruntime/runtime.go3
-rw-r--r--cmd/podman/main.go10
2 files changed, 12 insertions, 1 deletions
diff --git a/cmd/podman/libpodruntime/runtime.go b/cmd/podman/libpodruntime/runtime.go
index 042ce87e5..abe0115e9 100644
--- a/cmd/podman/libpodruntime/runtime.go
+++ b/cmd/podman/libpodruntime/runtime.go
@@ -7,6 +7,7 @@ import (
"github.com/containers/storage"
"github.com/projectatomic/libpod/libpod"
+ "github.com/projectatomic/libpod/pkg/rootless"
"github.com/urfave/cli"
)
@@ -40,7 +41,7 @@ func GetRootlessStorageOpts() (storage.StoreOptions, error) {
func GetDefaultStoreOptions() (storage.StoreOptions, error) {
storageOpts := storage.DefaultStoreOptions
- if os.Getuid() != 0 {
+ if rootless.IsRootless() {
var err error
storageOpts, err = GetRootlessStorageOpts()
if err != nil {
diff --git a/cmd/podman/main.go b/cmd/podman/main.go
index f936a332f..fefd8fdad 100644
--- a/cmd/podman/main.go
+++ b/cmd/podman/main.go
@@ -11,6 +11,7 @@ import (
"github.com/pkg/errors"
"github.com/projectatomic/libpod/pkg/hooks"
_ "github.com/projectatomic/libpod/pkg/hooks/0.1.0"
+ "github.com/projectatomic/libpod/pkg/rootless"
"github.com/projectatomic/libpod/version"
"github.com/sirupsen/logrus"
"github.com/urfave/cli"
@@ -26,6 +27,15 @@ func main() {
debug := false
cpuProfile := false
+ became, err := rootless.BecomeRootInUserNS()
+ if err != nil {
+ logrus.Errorf(err.Error())
+ os.Exit(1)
+ }
+ if became {
+ os.Exit(0)
+ }
+
if reexec.Init() {
return
}