Merge pull request #2294 from mheon/v1.0_backports

V1.0 backports

6 files changed, 68 insertions, 41 deletions

diff --git a/cmd/podman/create.go b/cmd/podman/create.go
index d98b78bd4..8c45b568a 100644
--- a/cmd/podman/create.go
+++ b/cmd/podman/create.go
@@ -4,6 +4,8 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"io"
+	"io/ioutil"
 	"os"
 	"path/filepath"
 	"strconv"
@@ -127,7 +129,12 @@ func createContainer(c *cli.Context, runtime *libpod.Runtime) (*libpod.Container
 	var data *inspect.ImageData = nil
 
 	if rootfs == "" && !rootless.SkipStorageSetup() {
-		newImage, err := runtime.ImageRuntime().New(ctx, c.Args()[0], rtc.SignaturePolicyPath, "", os.Stderr, nil, image.SigningOptions{}, false)
+		var writer io.Writer
+		if !c.Bool("quiet") {
+			writer = os.Stderr
+		}
+
+		newImage, err := runtime.ImageRuntime().New(ctx, c.Args()[0], rtc.SignaturePolicyPath, "", writer, nil, image.SigningOptions{}, false)
 		if err != nil {
 			return nil, nil, err
 		}
@@ -172,7 +179,11 @@ func parseSecurityOpt(config *cc.CreateConfig, securityOpts []string) error {
 		if err != nil {
 			return errors.Wrapf(err, "container %q not found", config.PidMode.Container())
 		}
-		labelOpts = append(labelOpts, label.DupSecOpt(ctr.ProcessLabel())...)
+		secopts, err := label.DupSecOpt(ctr.ProcessLabel())
+		if err != nil {
+			return errors.Wrapf(err, "failed to duplicate label %q ", ctr.ProcessLabel())
+		}
+		labelOpts = append(labelOpts, secopts...)
 	}
 
 	if config.IpcMode.IsHost() {
@@ -182,7 +193,11 @@ func parseSecurityOpt(config *cc.CreateConfig, securityOpts []string) error {
 		if err != nil {
 			return errors.Wrapf(err, "container %q not found", config.IpcMode.Container())
 		}
-		labelOpts = append(labelOpts, label.DupSecOpt(ctr.ProcessLabel())...)
+		secopts, err := label.DupSecOpt(ctr.ProcessLabel())
+		if err != nil {
+			return errors.Wrapf(err, "failed to duplicate label %q ", ctr.ProcessLabel())
+		}
+		labelOpts = append(labelOpts, secopts...)
 	}
 
 	for _, opt := range securityOpts {
@@ -421,6 +436,16 @@ func parseCreateOpts(ctx context.Context, c *cli.Context, runtime *libpod.Runtim
 	}
 	if c.IsSet("pod") {
 		if strings.HasPrefix(originalPodName, "new:") {
+			if rootless.IsRootless() {
+				// To create a new pod, we must immediately create the userns.
+				became, ret, err := rootless.BecomeRootInUserNS()
+				if err != nil {
+					return nil, err
+				}
+				if became {
+					os.Exit(ret)
+				}
+			}
 			// pod does not exist; lets make it
 			var podOptions []libpod.PodCreateOption
 			podOptions = append(podOptions, libpod.WithPodName(podName), libpod.WithInfraContainer(), libpod.WithPodCgroups())
@@ -785,11 +810,15 @@ func joinOrCreateRootlessUserNamespace(createConfig *cc.CreateConfig, runtime *l
 			if s != libpod.ContainerStateRunning && s != libpod.ContainerStatePaused {
 				continue
 			}
-			pid, err := prevCtr.PID()
+			data, err := ioutil.ReadFile(prevCtr.Config().ConmonPidFile)
 			if err != nil {
-				return false, -1, err
+				return false, -1, errors.Wrapf(err, "cannot read conmon PID file %q", prevCtr.Config().ConmonPidFile)
 			}
-			return rootless.JoinNS(uint(pid))
+			conmonPid, err := strconv.Atoi(string(data))
+			if err != nil {
+				return false, -1, errors.Wrapf(err, "cannot parse PID %q", data)
+			}
+			return rootless.JoinDirectUserAndMountNS(uint(conmonPid))
 		}
 	}
 
diff --git a/cmd/podman/formats/formats.go b/cmd/podman/formats/formats.go
index 3da0ea385..c454c39bd 100644
--- a/cmd/podman/formats/formats.go
+++ b/cmd/podman/formats/formats.go
@@ -20,6 +20,8 @@ const (
 	JSONString = "json"
 	// IDString const to save on duplicates for Go templates
 	IDString = "{{.ID}}"
+
+	parsingErrorStr = "Template parsing error"
 )
 
 // Writer interface for outputs
@@ -96,7 +98,7 @@ func (t StdoutTemplateArray) Out() error {
 		t.Template = strings.Replace(strings.TrimSpace(t.Template[5:]), " ", "\t", -1)
 		headerTmpl, err := template.New("header").Funcs(headerFunctions).Parse(t.Template)
 		if err != nil {
-			return errors.Wrapf(err, "Template parsing error")
+			return errors.Wrapf(err, parsingErrorStr)
 		}
 		err = headerTmpl.Execute(w, t.Fields)
 		if err != nil {
@@ -107,13 +109,12 @@ func (t StdoutTemplateArray) Out() error {
 	t.Template = strings.Replace(t.Template, " ", "\t", -1)
 	tmpl, err := template.New("image").Funcs(basicFunctions).Parse(t.Template)
 	if err != nil {
-		return errors.Wrapf(err, "Template parsing error")
+		return errors.Wrapf(err, parsingErrorStr)
 	}
-	for i, img := range t.Output {
+	for i, raw := range t.Output {
 		basicTmpl := tmpl.Funcs(basicFunctions)
-		err = basicTmpl.Execute(w, img)
-		if err != nil {
-			return err
+		if err := basicTmpl.Execute(w, raw); err != nil {
+			return errors.Wrapf(err, parsingErrorStr)
 		}
 		if i != len(t.Output)-1 {
 			fmt.Fprintln(w, "")
diff --git a/cmd/podman/images_prune.go b/cmd/podman/images_prune.go
index cb72a498f..7310137e7 100644
--- a/cmd/podman/images_prune.go
+++ b/cmd/podman/images_prune.go
@@ -1,8 +1,9 @@
 package main
 
 import (
+	"fmt"
+
 	"github.com/containers/libpod/cmd/podman/libpodruntime"
-	"github.com/containers/libpod/cmd/podman/shared"
 	"github.com/pkg/errors"
 	"github.com/urfave/cli"
 )
@@ -13,13 +14,19 @@ var (
 
 	Removes all unnamed images from local storage
 `
-
+	pruneImageFlags = []cli.Flag{
+		cli.BoolFlag{
+			Name:  "all, a",
+			Usage: "remove all unused images, not just dangling ones",
+		},
+	}
 	pruneImagesCommand = cli.Command{
 		Name:         "prune",
 		Usage:        "Remove unused images",
 		Description:  pruneImagesDescription,
 		Action:       pruneImagesCmd,
 		OnUsageError: usageErrorHandler,
+		Flags:        pruneImageFlags,
 	}
 )
 
@@ -30,5 +37,13 @@ func pruneImagesCmd(c *cli.Context) error {
 	}
 	defer runtime.Shutdown(false)
 
-	return shared.Prune(runtime.ImageRuntime())
+	// Call prune; if any cids are returned, print them and then
+	// return err in case an error also came up
+	pruneCids, err := runtime.ImageRuntime().PruneImages(c.Bool("all"))
+	if len(pruneCids) > 0 {
+		for _, cid := range pruneCids {
+			fmt.Println(cid)
+		}
+	}
+	return err
 }
diff --git a/cmd/podman/inspect.go b/cmd/podman/inspect.go
index 6ffcde55f..2f1e97c6c 100644
--- a/cmd/podman/inspect.go
+++ b/cmd/podman/inspect.go
@@ -87,6 +87,9 @@ func inspectCmd(c *cli.Context) error {
 	}
 
 	inspectedObjects, iterateErr := iterateInput(getContext(), c, args, runtime, inspectType)
+	if iterateErr != nil {
+		return iterateErr
+	}
 
 	var out formats.Writer
 	if outputFormat != "" && outputFormat != formats.JSONString {
@@ -97,8 +100,7 @@ func inspectCmd(c *cli.Context) error {
 		out = formats.JSONStructArray{Output: inspectedObjects}
 	}
 
-	formats.Writer(out).Out()
-	return iterateErr
+	return formats.Writer(out).Out()
 }
 
 // func iterateInput iterates the images|containers the user has requested and returns the inspect data and error
diff --git a/cmd/podman/shared/prune.go b/cmd/podman/shared/prune.go
deleted file mode 100644
index 90cfe4475..000000000
--- a/cmd/podman/shared/prune.go
+++ /dev/null
@@ -1,24 +0,0 @@
-package shared
-
-import (
-	"fmt"
-	"github.com/pkg/errors"
-
-	"github.com/containers/libpod/libpod/image"
-)
-
-// Prune removes all unnamed and unused images from the local store
-func Prune(ir *image.Runtime) error {
-	pruneImages, err := ir.GetPruneImages()
-	if err != nil {
-		return err
-	}
-
-	for _, i := range pruneImages {
-		if err := i.Remove(true); err != nil {
-			return errors.Wrapf(err, "failed to remove %s", i.ID())
-		}
-		fmt.Println(i.ID())
-	}
-	return nil
-}
diff --git a/cmd/podman/varlink/io.podman.varlink b/cmd/podman/varlink/io.podman.varlink
index 4e8b69faf..6f3bf34a2 100644
--- a/cmd/podman/varlink/io.podman.varlink
+++ b/cmd/podman/varlink/io.podman.varlink
@@ -1015,6 +1015,10 @@ method MountContainer(name: string) -> (path: string)
 # ~~~
 method  UnmountContainer(name: string, force: bool) -> ()
 
+# ImagesPrune removes all unused images from the local store.  Upon successful pruning,
+# the IDs of the removed images are returned.
+method ImagesPrune(all: bool) -> (pruned: []string)
+
 # This function is not implemented yet.
 method ListContainerPorts(name: string) -> (notimplemented: NotImplemented)