authorGiuseppe Scrivano <gscrivan@redhat.com>2018-07-11 09:38:04 +0200
committerGiuseppe Scrivano <gscrivan@redhat.com>2018-07-11 09:38:04 +0200
commit340becf542b240f82ffda0fe998da334a3ffbd0b (patch)
tree0e6ceff916c036ae2b6686b8113f12271bc44986 /libpod
parent7e3c0d493e1afbae284071643d1a46c571776a04 (diff)
rootless: propagate errors from GetRootlessRuntimeDir()
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Diffstat (limited to 'libpod')
-rw-r--r--libpod/oci.go21
-rw-r--r--libpod/runtime.go39
2 files changed, 48 insertions, 12 deletions
diff --git a/libpod/oci.go b/libpod/oci.go
index 612935aed..c0478b3b6 100644
--- a/libpod/oci.go
+++ b/libpod/oci.go
@@ -180,6 +180,11 @@ func waitPidsStop(pids []int, timeout time.Duration) error {
func (r *OCIRuntime) createOCIContainer(ctr *Container, cgroupParent string) (err error) {
var stderrBuf bytes.Buffer
+ runtimeDir, err := GetRootlessRuntimeDir()
+ if err != nil {
+ return err
+ }
+
parentPipe, childPipe, err := newPipe()
if err != nil {
return errors.Wrapf(err, "error creating socket pair")
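Review bot: The new `return err` after `GetRootlessRuntimeDir()` passes the error up bare, while the very next failure in createOCIContainer is wrapped with `errors.Wrapf(err, "error creating socket pair")`. A caller that sees "neither XDG_RUNTIME_DIR nor HOME was set non-empty" has no hint which operation failed, so I would return `errors.Wrapf(err, "cannot determine runtime directory for container %s", ctr.ID())` instead. The same bare return appears in the updateContainerStatus and execContainer hunks of this file. The body of createOCIContainer continues outside this hunk.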
@@ -253,7 +258,7 @@ func (r *OCIRuntime) createOCIContainer(ctr *Container, cgroupParent string) (er
// 0, 1 and 2 are stdin, stdout and stderr
cmd.Env = append(r.conmonEnv, fmt.Sprintf("_OCI_SYNCPIPE=%d", 3))
cmd.Env = append(cmd.Env, fmt.Sprintf("_OCI_STARTPIPE=%d", 4))
- cmd.Env = append(cmd.Env, fmt.Sprintf("XDG_RUNTIME_DIR=%s", GetRootlessRuntimeDir()))
+ cmd.Env = append(cmd.Env, fmt.Sprintf("XDG_RUNTIME_DIR=%s", runtimeDir))
if notify, ok := os.LookupEnv("NOTIFY_SOCKET"); ok {
cmd.Env = append(cmd.Env, fmt.Sprintf("NOTIFY_SOCKET=%s", notify))
}
@@ -362,11 +367,16 @@ func (r *OCIRuntime) createOCIContainer(ctr *Container, cgroupParent string) (er
func (r *OCIRuntime) updateContainerStatus(ctr *Container) error {
state := new(spec.State)
+ runtimeDir, err := GetRootlessRuntimeDir()
+ if err != nil {
+ return err
+ }
+
// Store old state so we know if we were already stopped
oldState := ctr.state.State
cmd := exec.Command(r.path, "state", ctr.ID())
- cmd.Env = append(cmd.Env, fmt.Sprintf("XDG_RUNTIME_DIR=%s", GetRootlessRuntimeDir()))
+ cmd.Env = append(cmd.Env, fmt.Sprintf("XDG_RUNTIME_DIR=%s", runtimeDir))
out, err := cmd.CombinedOutput()
if err != nil {
@@ -556,6 +566,11 @@ func (r *OCIRuntime) execContainer(c *Container, cmd, capAdd, env []string, tty
return nil, errors.Wrapf(ErrEmptyID, "must provide a session ID for exec")
}
+ runtimeDir, err := GetRootlessRuntimeDir()
+ if err != nil {
+ return nil, err
+ }
+
args := []string{}
// TODO - should we maintain separate logpaths for exec sessions?
@@ -597,7 +612,7 @@ func (r *OCIRuntime) execContainer(c *Container, cmd, capAdd, env []string, tty
execCmd.Stdout = os.Stdout
execCmd.Stderr = os.Stderr
execCmd.Stdin = os.Stdin
- execCmd.Env = append(execCmd.Env, fmt.Sprintf("XDG_RUNTIME_DIR=%s", GetRootlessRuntimeDir()))
+ execCmd.Env = append(execCmd.Env, fmt.Sprintf("XDG_RUNTIME_DIR=%s", runtimeDir))
return execCmd, nil
}
diff --git a/libpod/runtime.go b/libpod/runtime.go
index ce64f0d5b..d0cc1eaa5 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -167,7 +167,7 @@ var (
CgroupManager: CgroupfsCgroupsManager,
HooksDir: hooks.DefaultDir,
StaticDir: filepath.Join(storage.DefaultStoreOptions.GraphRoot, "libpod"),
- TmpDir: getDefaultTmpDir(),
+ TmpDir: "",
MaxLogSize: -1,
NoPivotRoot: false,
CNIConfigDir: "/etc/cni/net.d/",
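Review bot: `TmpDir: ""` leaves the default configuration with an empty temporary directory and no comment saying where the real value comes from. NewRuntime fills it in from getDefaultTmpDir() after the copy, but any other reader of defaultRuntimeConfig would see an empty path and might join it into a relative location. I would annotate the field, for example `TmpDir: "", // filled in by NewRuntime from getDefaultTmpDir(), which can fail`. The enclosing `var (` block starts outside this hunk.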
@@ -176,7 +176,7 @@ var (
)
// GetRootlessRuntimeDir returns the runtime directory when running as non root
-func GetRootlessRuntimeDir() string {
+func GetRootlessRuntimeDir() (string, error) {
runtimeDir := os.Getenv("XDG_RUNTIME_DIR")
uid := fmt.Sprintf("%d", rootless.GetRootlessUID())
if runtimeDir == "" {
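Review bot: The doc comment on GetRootlessRuntimeDir is unchanged although the function now returns `(string, error)`. It should state when the error is returned, for example `// GetRootlessRuntimeDir returns the runtime directory when running as non root. It returns an error if no directory can be derived from XDG_RUNTIME_DIR or HOME.` Since the function is exported, the signature change also breaks any caller outside libpod, which is worth noting in the commit message. The function body continues in the next hunk.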
@@ -196,18 +196,29 @@ func GetRootlessRuntimeDir() string {
}
}
if runtimeDir == "" {
- runtimeDir = filepath.Join(os.Getenv("HOME"), "rundir")
+ home := os.Getenv("HOME")
+ if home == "" {
+ return "", fmt.Errorf("neither XDG_RUNTIME_DIR nor HOME was set non-empty")
+ }
+ resolvedHome, err := filepath.EvalSymlinks(home)
+ if err != nil {
+ return "", errors.Wrapf(err, "cannot resolve %s", home)
+ }
+ runtimeDir = filepath.Join(resolvedHome, "rundir")
}
- return runtimeDir
+ return runtimeDir, nil
}
-func getDefaultTmpDir() string {
+func getDefaultTmpDir() (string, error) {
if !rootless.IsRootless() {
- return "/var/run/libpod"
+ return "/var/run/libpod", nil
}
- rootlessRuntimeDir := GetRootlessRuntimeDir()
- return filepath.Join(rootlessRuntimeDir, "libpod", "tmp")
+ rootlessRuntimeDir, err := GetRootlessRuntimeDir()
+ if err != nil {
+ return "", err
+ }
+ return filepath.Join(rootlessRuntimeDir, "libpod", "tmp"), nil
}
// NewRuntime creates a new container runtime
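Review bot: The HOME fallback `runtimeDir = filepath.Join(resolvedHome, "rundir")` yields a path that NewRuntime exports as XDG_RUNTIME_DIR, but nothing in this hunk creates the directory or checks that it belongs to the current uid with mode 0700. The comment in NewRuntime says containers/image locates the auth file through that variable, so a pre-existing `rundir` that is group- or world-accessible would end up holding credentials. The middle of GetRootlessRuntimeDir is outside this hunk and may already cover this; if it does not, an `os.MkdirAll(runtimeDir, 0700)` followed by an `os.Stat` check of owner and permission bits before returning would close the gap. Separately, `errors.Wrapf(err, "cannot resolve %s", home)` prints an environment-supplied value, and `%q` would make empty or odd values visible in the message.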
@@ -217,7 +228,12 @@ func NewRuntime(options ...RuntimeOption) (runtime *Runtime, err error) {
runtime.config = new(RuntimeConfig)
// Copy the default configuration
+ tmpDir, err := getDefaultTmpDir()
+ if err != nil {
+ return nil, err
+ }
deepcopier.Copy(defaultRuntimeConfig).To(runtime.config)
+ runtime.config.TmpDir = tmpDir
configPath := ConfigPath
foundConfig := true
@@ -227,9 +243,14 @@ func NewRuntime(options ...RuntimeOption) (runtime *Runtime, err error) {
foundConfig = false
}
+ runtimeDir, err := GetRootlessRuntimeDir()
+ if err != nil {
+ return nil, err
+ }
+
// containers/image uses XDG_RUNTIME_DIR to locate the auth file.
// So make sure the env variable is set.
- err = os.Setenv("XDG_RUNTIME_DIR", GetRootlessRuntimeDir())
+ err = os.Setenv("XDG_RUNTIME_DIR", runtimeDir)
if err != nil {
return nil, errors.Wrapf(err, "cannot set XDG_RUNTIME_DIR")
}
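Review bot: `GetRootlessRuntimeDir()` is called here without a `rootless.IsRootless()` guard, so the new error path also applies to root, whereas getDefaultTmpDir skips the lookup entirely for root. If the fallbacks outside the visible hunks do not produce a directory, a root process started with neither XDG_RUNTIME_DIR nor HOME (a minimal service environment, for instance) would now fail NewRuntime where it previously continued. It is worth confirming that this is intended, and either guarding the call or documenting the requirement. The bare `return nil, err` would also read better as `return nil, errors.Wrapf(err, "cannot determine runtime directory")`. NewRuntime's body continues outside this hunk.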