author | Valentin Rothberg <rothberg@redhat.com> | 2018-12-22 14:59:43 +0100 |
---|---|---|
committer | Valentin Rothberg <rothberg@redhat.com> | 2019-01-04 11:42:03 +0100 |
commit | 75578aad61c1e9fae021223ece70cb83e3e2bcf2 (patch) | |
tree | 2be4469136fd0f7c179352d6a721d2e9f0a61f47 /cmd | |
parent | 9ffd4806163e410d51d0f0cbece45b7405ff9fee (diff) | |
add container-init support
Add support for executing an init binary as PID 1 in a container to
forward signals and reap processes. When the `--init` flag is set for
podman-create or podman-run, the init binary is bind-mounted to
`/dev/init` in the container and "/dev/init --" is prepended to the
container's command.
The default base path of the container-init binary is `/usr/libexec/podman`
while the default binary is catatonit [1]. This default can be changed
permanently via the `init_path` field in the `libpod.conf` configuration
file (which is recommended for packaging) or temporarily via the
`--init-path` flag of podman-create and podman-run.
[1] https://github.com/openSUSE/catatonit
Fixes: #1670
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Diffstat (limited to 'cmd')
-rw-r--r-- | cmd/podman/common.go | 9 | ||||
-rw-r--r-- | cmd/podman/create.go | 10 | ||||
-rw-r--r-- | cmd/podman/varlink/io.podman.varlink | 2 |
3 files changed, 21 insertions, 0 deletions
diff --git a/cmd/podman/common.go b/cmd/podman/common.go
index 8404a29b8..0fc9a6acc 100644
--- a/cmd/podman/common.go
+++ b/cmd/podman/common.go
@@ -321,6 +321,15 @@ var createFlags = []cli.Flag{
 Value: "bind",
 },
 cli.BoolFlag{
+ Name: "init",
+ Usage: "Run an init binary inside the container that forwards signals and reaps processes",
+ },
+ cli.StringFlag{
+ Name: "init-path",
+ // Do not use the Value field for setting the default value to determine user input (i.e., non-empty string)
+ Usage: fmt.Sprintf("Path to the container-init binary (default: %q)", libpod.DefaultInitPath),
+ },
+ cli.BoolFlag{
 Name: "interactive, i",
 Usage: "Keep STDIN open even if not attached",
 },
diff --git a/cmd/podman/create.go b/cmd/podman/create.go
index dae429047..395a64b3b 100644
--- a/cmd/podman/create.go
+++ b/cmd/podman/create.go
@@ -809,6 +809,16 @@ func parseCreateOpts(ctx context.Context, c *cli.Context, runtime *libpod.Runtim
 Syslog: c.GlobalBool("syslog"),
 }
 
+ if c.Bool("init") {
+ initPath := c.String("init-path")
+ if initPath == "" {
+ initPath = runtime.GetConfig().InitPath
+ }
+ if err := config.AddContainerInitBinary(initPath); err != nil {
+ return nil, err
+ }
+ }
+
 if config.Privileged {
 config.LabelOpts = label.DisableSecOpt()
 } else {
diff --git a/cmd/podman/varlink/io.podman.varlink b/cmd/podman/varlink/io.podman.varlink
index c1b7c703a..4e8b69faf 100644
--- a/cmd/podman/varlink/io.podman.varlink
+++ b/cmd/podman/varlink/io.podman.varlink
@@ -211,6 +211,8 @@ type Create (
 hostname: string,
 image: string,
 image_id: string,
+ init: bool,
+ init_path: string,
 builtin_imgvolumes: []string,
 id_mappings: IDMappingOptions,
 image_volume_type: string, |
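Review bot: The `init-path` usage string prints `libpod.DefaultInitPath` as the default, but the create.go hunk of this commit falls back to `runtime.GetConfig().InitPath`, which the commit description says can be changed through `init_path` in `libpod.conf`. On a system where the packager has set that field, `--help` would name a binary that is not the one actually mounted. The text also does not say that the flag only takes effect together with `--init`. Something like `Usage: "Path to the container-init binary; requires --init (default: init_path from libpod.conf)",` would cover both. The `createFlags` slice starts and ends outside the hunk.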
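Review bot: `initPath` goes from `--init-path` (or `runtime.GetConfig().InitPath`) straight into `config.AddContainerInitBinary` with no check in this block, and per the commit description that host file is then bind-mounted to `/dev/init` and run as PID 1 in the container. `AddContainerInitBinary` is not part of this diff, so it is worth confirming that it rejects relative or missing paths and mounts the binary read-only, so that a container process cannot modify a host file shared with other containers. Separately, `--init-path` given without `--init` is silently ignored because the value is only read inside `if c.Bool("init")`; consider `if c.IsSet("init-path") && !c.Bool("init") { return nil, errors.New("--init-path requires --init") }` ahead of this block. `parseCreateOpts` starts and ends outside the hunk.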