summaryrefslogtreecommitdiff
path: root/pkg/specgen/generate
diff options
context:
space:
mode:
authorDaniel J Walsh <dwalsh@redhat.com>2020-04-30 08:40:16 -0400
committerDaniel J Walsh <dwalsh@redhat.com>2020-05-01 15:00:33 -0400
commit97fcbfcbec4c754f2c5a71daadbf933a6ebb0634 (patch)
tree7a1011275dea1080277c0fc4f9761757a56aaf76 /pkg/specgen/generate
parent4a2765c4989df88681c18333c1ae45017e09613a (diff)
downloadpodman-97fcbfcbec4c754f2c5a71daadbf933a6ebb0634.tar.gz
podman-97fcbfcbec4c754f2c5a71daadbf933a6ebb0634.tar.bz2
podman-97fcbfcbec4c754f2c5a71daadbf933a6ebb0634.zip
cgroupsns was not following containers.conf
Implement ParseCgroupsNamespace to handle defaults. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'pkg/specgen/generate')
-rw-r--r--pkg/specgen/generate/namespaces.go54
1 files changed, 14 insertions, 40 deletions
diff --git a/pkg/specgen/generate/namespaces.go b/pkg/specgen/generate/namespaces.go
index a8b74b504..5c065cdda 100644
--- a/pkg/specgen/generate/namespaces.go
+++ b/pkg/specgen/generate/namespaces.go
@@ -7,7 +7,6 @@ import (
"github.com/containers/common/pkg/config"
"github.com/containers/libpod/libpod"
"github.com/containers/libpod/libpod/define"
- "github.com/containers/libpod/pkg/cgroups"
"github.com/containers/libpod/pkg/rootless"
"github.com/containers/libpod/pkg/specgen"
"github.com/containers/libpod/pkg/util"
@@ -49,51 +48,26 @@ func GetDefaultNamespaceMode(nsType string, cfg *config.Config, pod *libpod.Pod)
}
}
- // If we have containers.conf and are not using cgroupns, use that.
- if cfg != nil && nsType != "cgroup" {
- switch nsType {
- case "pid":
- return specgen.ParseNamespace(cfg.Containers.PidNS)
- case "ipc":
- return specgen.ParseNamespace(cfg.Containers.IPCNS)
- case "uts":
- return specgen.ParseNamespace(cfg.Containers.UTSNS)
- case "user":
- return specgen.ParseUserNamespace(cfg.Containers.UserNS)
- case "net":
- ns, _, err := specgen.ParseNetworkNamespace(cfg.Containers.NetNS)
- return ns, err
- }
+ if cfg == nil {
+ cfg = &config.Config{}
}
-
switch nsType {
- case "pid", "ipc", "uts":
- // PID, IPC, UTS both default to private, do nothing
+ case "pid":
+ return specgen.ParseNamespace(cfg.Containers.PidNS)
+ case "ipc":
+ return specgen.ParseNamespace(cfg.Containers.IPCNS)
+ case "uts":
+ return specgen.ParseNamespace(cfg.Containers.UTSNS)
case "user":
- // User namespace always defaults to host
- toReturn.NSMode = specgen.Host
- case "net":
- // Net defaults to Slirp on rootless, Bridge otherwise.
- if rootless.IsRootless() {
- toReturn.NSMode = specgen.Slirp
- } else {
- toReturn.NSMode = specgen.Bridge
- }
+ return specgen.ParseUserNamespace(cfg.Containers.UserNS)
case "cgroup":
- // Cgroup is host for v1, private for v2.
- // We can't trust c/common for this, as it only assumes private.
- cgroupsv2, err := cgroups.IsCgroup2UnifiedMode()
- if err != nil {
- return toReturn, err
- }
- if !cgroupsv2 {
- toReturn.NSMode = specgen.Host
- }
- default:
- return toReturn, errors.Wrapf(define.ErrInvalidArg, "invalid namespace type %s passed", nsType)
+ return specgen.ParseCgroupNamespace(cfg.Containers.CgroupNS)
+ case "net":
+ ns, _, err := specgen.ParseNetworkNamespace(cfg.Containers.NetNS)
+ return ns, err
}
- return toReturn, nil
+ return toReturn, errors.Wrapf(define.ErrInvalidArg, "invalid namespace type %q passed", nsType)
}
// GenerateNamespaceOptions generates container creation options for all