author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2019-04-04 09:21:09 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-04-04 09:21:09 -0700 |
commit | 1759eb09e1c13bc8392d515d69ca93226d067c73 (patch) | |
tree | c769a191ec8cfb779a76ebcbc2e8638dbd56f549 /pkg/adapter | |
parent | 71555a9ea015ebc1bf872a502d254e0b903ffcb4 (diff) | |
parent | 72382a12a7b5ac85e53474dfd6dcd83cd64a2738 (diff) | |
Merge pull request #2706 from giuseppe/rootless-single-usernamespace
rootless: single user namespace
Diffstat (limited to 'pkg/adapter')
-rw-r--r-- | pkg/adapter/runtime.go | 73 | ||||
-rw-r--r-- | pkg/adapter/runtime_remote.go | 7 |
2 files changed, 0 insertions, 80 deletions
diff --git a/pkg/adapter/runtime.go b/pkg/adapter/runtime.go
index dd51c7233..182a04044 100644
--- a/pkg/adapter/runtime.go
+++ b/pkg/adapter/runtime.go
@@ -8,7 +8,6 @@ import (
 "io"
 "io/ioutil"
 "os"
- "strconv"
 "text/template"

 "github.com/containers/buildah"
@@ -124,38 +123,6 @@ func (r *LocalRuntime) Export(name string, path string) error {
 if err != nil {
 return errors.Wrapf(err, "error looking up container %q", name)
 }
- if os.Geteuid() != 0 {
- state, err := ctr.State()
- if err != nil {
- return errors.Wrapf(err, "cannot read container state %q", ctr.ID())
- }
- if state == libpod.ContainerStateRunning || state == libpod.ContainerStatePaused {
- data, err := ioutil.ReadFile(ctr.Config().ConmonPidFile)
- if err != nil {
- return errors.Wrapf(err, "cannot read conmon PID file %q", ctr.Config().ConmonPidFile)
- }
- conmonPid, err := strconv.Atoi(string(data))
- if err != nil {
- return errors.Wrapf(err, "cannot parse PID %q", data)
- }
- became, ret, err := rootless.JoinDirectUserAndMountNS(uint(conmonPid))
- if err != nil {
- return err
- }
- if became {
- os.Exit(ret)
- }
- } else {
- became, ret, err := rootless.BecomeRootInUserNS()
- if err != nil {
- return err
- }
- if became {
- os.Exit(ret)
- }
- }
- }
-
 return ctr.Export(path)
 }

@@ -343,46 +310,6 @@ func (r *LocalRuntime) HealthCheck(c *cliconfig.HealthCheckValues) (libpod.Healt
 return r.Runtime.HealthCheck(c.InputArgs[0])
 }

-// JoinOrCreateRootlessPod joins the specified pod if it is running or it creates a new user namespace
-// if the pod is stopped
-func (r *LocalRuntime) JoinOrCreateRootlessPod(pod *Pod) (bool, int, error) {
- if os.Geteuid() == 0 {
- return false, 0, nil
- }
- opts := rootless.Opts{
- Argument: pod.ID(),
- }
-
- inspect, err := pod.Inspect()
- if err != nil {
- return false, 0, err
- }
- for _, ctr := range inspect.Containers {
- prevCtr, err := r.LookupContainer(ctr.ID)
- if err != nil {
- return false, -1, err
- }
- s, err := prevCtr.State()
- if err != nil {
- return false, -1, err
- }
- if s != libpod.ContainerStateRunning && s != libpod.ContainerStatePaused {
- continue
- }
- data, err := ioutil.ReadFile(prevCtr.Config().ConmonPidFile)
- if err != nil {
- return false, -1, errors.Wrapf(err, "cannot read conmon PID file %q", prevCtr.Config().ConmonPidFile)
- }
- conmonPid, err := strconv.Atoi(string(data))
- if err != nil {
- return false, -1, errors.Wrapf(err, "cannot parse PID %q", data)
- }
- return rootless.JoinDirectUserAndMountNSWithOpts(uint(conmonPid), &opts)
- }
-
- return rootless.BecomeRootInUserNSWithOpts(&opts)
-}
-
 // Events is a wrapper to libpod to obtain libpod/podman events
 func (r *LocalRuntime) Events(c *cliconfig.EventValues) error {
 var (
diff --git a/pkg/adapter/runtime_remote.go b/pkg/adapter/runtime_remote.go
index c3a4f322d..978c9ffd8 100644
--- a/pkg/adapter/runtime_remote.go
+++ b/pkg/adapter/runtime_remote.go
@@ -755,13 +755,6 @@ func (r *LocalRuntime) HealthCheck(c *cliconfig.HealthCheckValues) (libpod.Healt
 return -1, libpod.ErrNotImplemented
 }

-// JoinOrCreateRootlessPod joins the specified pod if it is running or it creates a new user namespace
-// if the pod is stopped
-func (r *LocalRuntime) JoinOrCreateRootlessPod(pod *Pod) (bool, int, error) {
- // Nothing to do in the remote case
- return true, 0, nil
-}
-
 // Events monitors libpod/podman events over a varlink connection
 func (r *LocalRuntime) Events(c *cliconfig.EventValues) error {
 var more uint64 |