diff options
| author | Brent Baude <bbaude@redhat.com> | 2022-03-04 10:51:08 -0600 |
|---|---|---|
| committer | Brent Baude <bbaude@redhat.com> | 2022-03-07 14:05:06 -0600 |
| commit | cdb6deb148f72cad9794dec176e4df1b81d31d08 (patch) | |
| tree | 63383f75abd5120f8687b66e482ff21c2c73f283 /pkg/machine/ignition.go | |
| parent | e1f00b451234fb673505c54051a97d5748c99d3e (diff) | |
| download | podman-cdb6deb148f72cad9794dec176e4df1b81d31d08.tar.gz podman-cdb6deb148f72cad9794dec176e4df1b81d31d08.tar.bz2 podman-cdb6deb148f72cad9794dec176e4df1b81d31d08.zip | |
MacOS improvements
* Enable support of virtfs in Podman and darwin. At the time of this writing, it requires a special patch not yet included in upstream qemu.
* Prefer to use a specially built qemu to support virtfs. The qemu is installed under libexec/podman.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
Diffstat (limited to 'pkg/machine/ignition.go')
| -rw-r--r-- | pkg/machine/ignition.go | 28 |
1 files changed, 24 insertions, 4 deletions
diff --git a/pkg/machine/ignition.go b/pkg/machine/ignition.go index 47b1836f0..b2dabb689 100644 --- a/pkg/machine/ignition.go +++ b/pkg/machine/ignition.go @@ -51,6 +51,7 @@ type DynamicIgnition struct { Name string Key string TimeZone string + UID int VMName string WritePath string } @@ -63,12 +64,13 @@ func NewIgnitionFile(ign DynamicIgnition) error { ignVersion := Ignition{ Version: "3.2.0", } - ignPassword := Passwd{ Users: []PasswdUser{ { Name: ign.Name, SSHAuthorizedKeys: []SSHAuthorizedKey{SSHAuthorizedKey(ign.Key)}, + // Set the UID of the core user inside the machine + UID: intToPtr(ign.UID), }, { Name: "root", @@ -289,9 +291,7 @@ func getDirs(usrName string) []Directory { } func getFiles(usrName string) []File { - var ( - files []File - ) + files := make([]File, 0) lingerExample := `[Unit] Description=A systemd user unit demo @@ -310,6 +310,7 @@ machine_enabled=true delegateConf := `[Service] Delegate=memory pids cpu io ` + subUID := `%s:100000:1000000` // Add a fake systemd service to get the user socket rolling files = append(files, File{ @@ -344,6 +345,25 @@ Delegate=memory pids cpu io }, }) + // Setup /etc/subuid and /etc/subgid + for _, sub := range []string{"/etc/subuid", "/etc/subgid"} { + files = append(files, File{ + Node: Node{ + Group: getNodeGrp("root"), + Path: sub, + User: getNodeUsr("root"), + Overwrite: boolToPtr(true), + }, + FileEmbedded1: FileEmbedded1{ + Append: nil, + Contents: Resource{ + Source: encodeDataURLPtr(fmt.Sprintf(subUID, usrName)), + }, + Mode: intToPtr(0744), + }, + }) + } + // Set delegate.conf so cpu,io subsystem is delegated to non-root users as well for cgroupv2 // by default files = append(files, File{ |