diff options
author | Giuseppe Scrivano <gscrivan@redhat.com> | 2018-06-11 16:03:34 +0200 |
---|---|---|
committer | Atomic Bot <atomic-devel@projectatomic.io> | 2018-06-27 14:07:17 +0000 |
commit | 5ff90677c83b78366554493e10f7615119f7e0a1 (patch) | |
tree | 094685755b891f5813a458cfadb5374e68f732fb /cmd/podman | |
parent | 8ee8f847340c3ac2264e183655fb7cdcbbfbb2cd (diff) | |
download | podman-5ff90677c83b78366554493e10f7615119f7e0a1.tar.gz podman-5ff90677c83b78366554493e10f7615119f7e0a1.tar.bz2 podman-5ff90677c83b78366554493e10f7615119f7e0a1.zip |
rootless: add management for the userNS
When running podman as non root user always create an userNS and let
the OCI runtime use it.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #936
Approved by: rhatdan
Diffstat (limited to 'cmd/podman')
-rw-r--r-- | cmd/podman/libpodruntime/runtime.go | 3 | ||||
-rw-r--r-- | cmd/podman/main.go | 10 |
2 files changed, 12 insertions, 1 deletions
diff --git a/cmd/podman/libpodruntime/runtime.go b/cmd/podman/libpodruntime/runtime.go index 042ce87e5..abe0115e9 100644 --- a/cmd/podman/libpodruntime/runtime.go +++ b/cmd/podman/libpodruntime/runtime.go @@ -7,6 +7,7 @@ import ( "github.com/containers/storage" "github.com/projectatomic/libpod/libpod" + "github.com/projectatomic/libpod/pkg/rootless" "github.com/urfave/cli" ) @@ -40,7 +41,7 @@ func GetRootlessStorageOpts() (storage.StoreOptions, error) { func GetDefaultStoreOptions() (storage.StoreOptions, error) { storageOpts := storage.DefaultStoreOptions - if os.Getuid() != 0 { + if rootless.IsRootless() { var err error storageOpts, err = GetRootlessStorageOpts() if err != nil { diff --git a/cmd/podman/main.go b/cmd/podman/main.go index f936a332f..fefd8fdad 100644 --- a/cmd/podman/main.go +++ b/cmd/podman/main.go @@ -11,6 +11,7 @@ import ( "github.com/pkg/errors" "github.com/projectatomic/libpod/pkg/hooks" _ "github.com/projectatomic/libpod/pkg/hooks/0.1.0" + "github.com/projectatomic/libpod/pkg/rootless" "github.com/projectatomic/libpod/version" "github.com/sirupsen/logrus" "github.com/urfave/cli" @@ -26,6 +27,15 @@ func main() { debug := false cpuProfile := false + became, err := rootless.BecomeRootInUserNS() + if err != nil { + logrus.Errorf(err.Error()) + os.Exit(1) + } + if became { + os.Exit(0) + } + if reexec.Init() { return } |