V2 Commands that require ParentNS (rootful) are report error

* Updated unmount to require ParentNS

Signed-off-by: Jhon Honce <jhonce@redhat.com>

2 files changed, 14 insertions, 0 deletions

diff --git a/cmd/podman/containers/unmount.go b/cmd/podman/containers/unmount.go
index a4550abbd..7b6eb5553 100644
--- a/cmd/podman/containers/unmount.go
+++ b/cmd/podman/containers/unmount.go
@@ -27,6 +27,9 @@ var (
 		Args: func(cmd *cobra.Command, args []string) error {
 			return parse.CheckAllLatestAndCIDFile(cmd, args, false, false)
 		},
+		Annotations: map[string]string{
+			registry.ParentNSRequired: "",
+		},
 		Example: `podman umount ctrID
   podman umount ctrID1 ctrID2 ctrID3
   podman umount --all`,
diff --git a/cmd/podman/main.go b/cmd/podman/main.go
index 481214a38..3a8958b6d 100644
--- a/cmd/podman/main.go
+++ b/cmd/podman/main.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"fmt"
 	"os"
 
 	_ "github.com/containers/libpod/cmd/podman/containers"
@@ -12,7 +13,9 @@ import (
 	"github.com/containers/libpod/cmd/podman/registry"
 	_ "github.com/containers/libpod/cmd/podman/system"
 	_ "github.com/containers/libpod/cmd/podman/volumes"
+	"github.com/containers/libpod/pkg/rootless"
 	"github.com/containers/storage/pkg/reexec"
+	"github.com/spf13/cobra"
 )
 
 func main() {
@@ -26,6 +29,14 @@ func main() {
 	for _, c := range registry.Commands {
 		for _, m := range c.Mode {
 			if cfg.EngineMode == m {
+				// Command cannot be run rootless
+				_, found := c.Command.Annotations[registry.ParentNSRequired]
+				if rootless.IsRootless() && found {
+					c.Command.RunE = func(cmd *cobra.Command, args []string) error {
+						return fmt.Errorf("cannot `%s` in rootless mode", cmd.CommandPath())
+					}
+				}
+
 				parent := rootCmd
 				if c.Parent != nil {
 					parent = c.Parent