aboutsummaryrefslogtreecommitdiff
path: root/cmd
diff options
context:
space:
mode:
authoropenshift-ci[bot] <75433959+openshift-ci[bot]@users.noreply.github.com>2022-06-29 19:32:26 +0000
committerGitHub <noreply@github.com>2022-06-29 19:32:26 +0000
commitd6cdb996bce10eb050e41b2050aaf52d9bfd3bd0 (patch)
tree1d1f7c41596c1af686f51a8bca4711f43197ad89 /cmd
parent35aa994d124675a039c89f65fb4b1c684b79b89e (diff)
parentd9ff0fd15da268fae9744a60522ecdf94744b74a (diff)
downloadpodman-d6cdb996bce10eb050e41b2050aaf52d9bfd3bd0.tar.gz
podman-d6cdb996bce10eb050e41b2050aaf52d9bfd3bd0.tar.bz2
podman-d6cdb996bce10eb050e41b2050aaf52d9bfd3bd0.zip
Merge pull request #14706 from ashley-cui/rootmach
Only allow Rootless runs of Podman Machine
Diffstat (limited to 'cmd')
-rw-r--r--cmd/podman/machine/init.go1
-rw-r--r--cmd/podman/machine/inspect.go1
-rw-r--r--cmd/podman/machine/list.go1
-rw-r--r--cmd/podman/machine/machine.go9
-rw-r--r--cmd/podman/machine/rm.go1
-rw-r--r--cmd/podman/machine/set.go1
-rw-r--r--cmd/podman/machine/ssh.go9
-rw-r--r--cmd/podman/machine/start.go1
-rw-r--r--cmd/podman/machine/stop.go1
9 files changed, 21 insertions, 4 deletions
diff --git a/cmd/podman/machine/init.go b/cmd/podman/machine/init.go
index 9d464ad37..f9ba7b30d 100644
--- a/cmd/podman/machine/init.go
+++ b/cmd/podman/machine/init.go
@@ -20,6 +20,7 @@ var (
Use: "init [options] [NAME]",
Short: "Initialize a virtual machine",
Long: "initialize a virtual machine ",
+ PersistentPreRunE: rootlessOnly,
RunE: initMachine,
Args: cobra.MaximumNArgs(1),
Example: `podman machine init myvm`,
diff --git a/cmd/podman/machine/inspect.go b/cmd/podman/machine/inspect.go
index 4600a2b6d..d69c382f2 100644
--- a/cmd/podman/machine/inspect.go
+++ b/cmd/podman/machine/inspect.go
@@ -20,6 +20,7 @@ var (
Use: "inspect [options] [MACHINE...]",
Short: "Inspect an existing machine",
Long: "Provide details on a managed virtual machine",
+ PersistentPreRunE: rootlessOnly,
RunE: inspect,
Example: `podman machine inspect myvm`,
ValidArgsFunction: autocompleteMachine,
diff --git a/cmd/podman/machine/list.go b/cmd/podman/machine/list.go
index 1ffb8690c..f904c0caa 100644
--- a/cmd/podman/machine/list.go
+++ b/cmd/podman/machine/list.go
@@ -27,6 +27,7 @@ var (
Aliases: []string{"ls"},
Short: "List machines",
Long: "List managed virtual machines.",
+ PersistentPreRunE: rootlessOnly,
RunE: list,
Args: validate.NoArgs,
ValidArgsFunction: completion.AutocompleteNone,
diff --git a/cmd/podman/machine/machine.go b/cmd/podman/machine/machine.go
index 5a8a06b9d..d3d44b45e 100644
--- a/cmd/podman/machine/machine.go
+++ b/cmd/podman/machine/machine.go
@@ -5,6 +5,7 @@ package machine
import (
"errors"
+ "fmt"
"net"
"os"
"path/filepath"
@@ -17,6 +18,7 @@ import (
"github.com/containers/podman/v4/cmd/podman/validate"
"github.com/containers/podman/v4/libpod/events"
"github.com/containers/podman/v4/pkg/machine"
+ "github.com/containers/podman/v4/pkg/rootless"
"github.com/containers/podman/v4/pkg/util"
"github.com/sirupsen/logrus"
"github.com/spf13/cobra"
@@ -162,3 +164,10 @@ func closeMachineEvents(cmd *cobra.Command, _ []string) error {
}
return nil
}
+
+func rootlessOnly(cmd *cobra.Command, args []string) error {
+ if !rootless.IsRootless() {
+ return fmt.Errorf("cannot run command %q as root", cmd.CommandPath())
+ }
+ return nil
+}
diff --git a/cmd/podman/machine/rm.go b/cmd/podman/machine/rm.go
index a6e66265c..362c9a7d3 100644
--- a/cmd/podman/machine/rm.go
+++ b/cmd/podman/machine/rm.go
@@ -20,6 +20,7 @@ var (
Use: "rm [options] [MACHINE]",
Short: "Remove an existing machine",
Long: "Remove a managed virtual machine ",
+ PersistentPreRunE: rootlessOnly,
RunE: rm,
Args: cobra.MaximumNArgs(1),
Example: `podman machine rm myvm`,
diff --git a/cmd/podman/machine/set.go b/cmd/podman/machine/set.go
index 5777882da..1b9e1b2bd 100644
--- a/cmd/podman/machine/set.go
+++ b/cmd/podman/machine/set.go
@@ -18,6 +18,7 @@ var (
Use: "set [options] [NAME]",
Short: "Sets a virtual machine setting",
Long: "Sets an updatable virtual machine setting",
+ PersistentPreRunE: rootlessOnly,
RunE: setMachine,
Args: cobra.MaximumNArgs(1),
Example: `podman machine set --rootful=false`,
diff --git a/cmd/podman/machine/ssh.go b/cmd/podman/machine/ssh.go
index 8261f3607..38b8914fb 100644
--- a/cmd/podman/machine/ssh.go
+++ b/cmd/podman/machine/ssh.go
@@ -17,10 +17,11 @@ import (
var (
sshCmd = &cobra.Command{
- Use: "ssh [options] [NAME] [COMMAND [ARG ...]]",
- Short: "SSH into an existing machine",
- Long: "SSH into a managed virtual machine ",
- RunE: ssh,
+ Use: "ssh [options] [NAME] [COMMAND [ARG ...]]",
+ Short: "SSH into an existing machine",
+ Long: "SSH into a managed virtual machine ",
+ PersistentPreRunE: rootlessOnly,
+ RunE: ssh,
Example: `podman machine ssh myvm
podman machine ssh myvm echo hello`,
ValidArgsFunction: autocompleteMachineSSH,
diff --git a/cmd/podman/machine/start.go b/cmd/podman/machine/start.go
index 3bd7f4a25..e645bba87 100644
--- a/cmd/podman/machine/start.go
+++ b/cmd/podman/machine/start.go
@@ -18,6 +18,7 @@ var (
Use: "start [MACHINE]",
Short: "Start an existing machine",
Long: "Start a managed virtual machine ",
+ PersistentPreRunE: rootlessOnly,
RunE: start,
Args: cobra.MaximumNArgs(1),
Example: `podman machine start myvm`,
diff --git a/cmd/podman/machine/stop.go b/cmd/podman/machine/stop.go
index 993662792..ce87a44c4 100644
--- a/cmd/podman/machine/stop.go
+++ b/cmd/podman/machine/stop.go
@@ -17,6 +17,7 @@ var (
Use: "stop [MACHINE]",
Short: "Stop an existing machine",
Long: "Stop a managed virtual machine ",
+ PersistentPreRunE: rootlessOnly,
RunE: stop,
Args: cobra.MaximumNArgs(1),
Example: `podman machine stop myvm`,