aboutsummaryrefslogtreecommitdiff
path: root/pkg
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2021-05-26 16:51:21 +0200
committerGitHub <noreply@github.com>2021-05-26 16:51:21 +0200
commita5a2416b3533ed6b188ce8457adf5aa1f86cf49f (patch)
tree282472758d960d7f8ad4d2fee7ee7f2b5d6bdfee /pkg
parentb909bcaed613eb94333641fff4250c07f1ab4323 (diff)
parentf49023031d85ddf5700855ac374e63e2bbaa653e (diff)
downloadpodman-a5a2416b3533ed6b188ce8457adf5aa1f86cf49f.tar.gz
podman-a5a2416b3533ed6b188ce8457adf5aa1f86cf49f.tar.bz2
podman-a5a2416b3533ed6b188ce8457adf5aa1f86cf49f.zip
Merge pull request #10461 from mheon/rc3_backports
Backports for v3.2.0-RC3
Diffstat (limited to 'pkg')
-rw-r--r--pkg/api/server/server.go11
-rw-r--r--pkg/bindings/images/build.go44
-rw-r--r--pkg/bindings/images/build_unix.go16
-rw-r--r--pkg/bindings/images/build_windows.go9
-rw-r--r--pkg/cgroups/cgroups.go106
-rw-r--r--pkg/domain/infra/abi/containers.go2
-rw-r--r--pkg/domain/infra/tunnel/containers.go13
7 files changed, 169 insertions, 32 deletions
diff --git a/pkg/api/server/server.go b/pkg/api/server/server.go
index e23448fd1..972541bc6 100644
--- a/pkg/api/server/server.go
+++ b/pkg/api/server/server.go
@@ -136,7 +136,7 @@ func newServer(runtime *libpod.Runtime, duration time.Duration, listener *net.Li
}
}
- if logrus.IsLevelEnabled(logrus.DebugLevel) {
+ if logrus.IsLevelEnabled(logrus.TraceLevel) {
router.Walk(func(route *mux.Route, r *mux.Router, ancestors []*mux.Route) error { // nolint
path, err := route.GetPathTemplate()
if err != nil {
@@ -146,7 +146,7 @@ func newServer(runtime *libpod.Runtime, duration time.Duration, listener *net.Li
if err != nil {
methods = []string{"<N/A>"}
}
- logrus.Debugf("Methods: %6s Path: %s", strings.Join(methods, ", "), path)
+ logrus.Tracef("Methods: %6s Path: %s", strings.Join(methods, ", "), path)
return nil
})
}
@@ -162,13 +162,12 @@ func setupSystemd() {
if len(os.Getenv("NOTIFY_SOCKET")) == 0 {
return
}
- payload := fmt.Sprintf("MAINPID=%d", os.Getpid())
- payload += "\n"
+ payload := fmt.Sprintf("MAINPID=%d\n", os.Getpid())
payload += daemon.SdNotifyReady
if sent, err := daemon.SdNotify(true, payload); err != nil {
logrus.Errorf("Error notifying systemd of Conmon PID: %s", err.Error())
- } else if sent {
- logrus.Debugf("Notify sent successfully")
+ } else if !sent {
+ logrus.Warn("SDNotify not sent successfully")
}
if err := os.Unsetenv("INVOCATION_ID"); err != nil {
diff --git a/pkg/bindings/images/build.go b/pkg/bindings/images/build.go
index f5e7c0c98..346d55c47 100644
--- a/pkg/bindings/images/build.go
+++ b/pkg/bindings/images/build.go
@@ -28,6 +28,11 @@ import (
"github.com/sirupsen/logrus"
)
+type devino struct {
+ Dev uint64
+ Ino uint64
+}
+
var (
iidRegex = regexp.MustCompile(`^[0-9a-f]{12}`)
)
@@ -402,7 +407,7 @@ func nTar(excludes []string, sources ...string) (io.ReadCloser, error) {
defer pw.Close()
defer gw.Close()
defer tw.Close()
-
+ seen := make(map[devino]string)
for _, src := range sources {
s, err := filepath.Abs(src)
if err != nil {
@@ -431,25 +436,40 @@ func nTar(excludes []string, sources ...string) (io.ReadCloser, error) {
}
if info.Mode().IsRegular() { // add file item
- f, lerr := os.Open(path)
- if lerr != nil {
- return lerr
+ di, isHardLink := checkHardLink(info)
+ if err != nil {
+ return err
}
- hdr, lerr := tar.FileInfoHeader(info, name)
- if lerr != nil {
- f.Close()
- return lerr
+ hdr, err := tar.FileInfoHeader(info, "")
+ if err != nil {
+ return err
+ }
+ orig, ok := seen[di]
+ if ok {
+ hdr.Typeflag = tar.TypeLink
+ hdr.Linkname = orig
+ hdr.Size = 0
+ hdr.Name = name
+ return tw.WriteHeader(hdr)
+ }
+ f, err := os.Open(path)
+ if err != nil {
+ return err
}
+
hdr.Name = name
- if lerr := tw.WriteHeader(hdr); lerr != nil {
+ if err := tw.WriteHeader(hdr); err != nil {
f.Close()
- return lerr
+ return err
}
- _, cerr := io.Copy(tw, f)
+ _, err = io.Copy(tw, f)
f.Close()
- return cerr
+ if err == nil && isHardLink {
+ seen[di] = name
+ }
+ return err
} else if info.Mode().IsDir() { // add folders
hdr, lerr := tar.FileInfoHeader(info, name)
if lerr != nil {
diff --git a/pkg/bindings/images/build_unix.go b/pkg/bindings/images/build_unix.go
new file mode 100644
index 000000000..0afb1deb6
--- /dev/null
+++ b/pkg/bindings/images/build_unix.go
@@ -0,0 +1,16 @@
+// +build !windows
+
+package images
+
+import (
+ "os"
+ "syscall"
+)
+
+func checkHardLink(fi os.FileInfo) (devino, bool) {
+ st := fi.Sys().(*syscall.Stat_t)
+ return devino{
+ Dev: uint64(st.Dev),
+ Ino: uint64(st.Ino),
+ }, st.Nlink > 1
+}
diff --git a/pkg/bindings/images/build_windows.go b/pkg/bindings/images/build_windows.go
new file mode 100644
index 000000000..bd71d1bf0
--- /dev/null
+++ b/pkg/bindings/images/build_windows.go
@@ -0,0 +1,9 @@
+package images
+
+import (
+ "os"
+)
+
+func checkHardLink(fi os.FileInfo) (devino, bool) {
+ return devino{}, false
+}
diff --git a/pkg/cgroups/cgroups.go b/pkg/cgroups/cgroups.go
index aefb5183b..911edeb5b 100644
--- a/pkg/cgroups/cgroups.go
+++ b/pkg/cgroups/cgroups.go
@@ -128,28 +128,118 @@ func init() {
// getAvailableControllers get the available controllers
func getAvailableControllers(exclude map[string]controllerHandler, cgroup2 bool) ([]controller, error) {
if cgroup2 {
- return nil, fmt.Errorf("getAvailableControllers not implemented yet for cgroup v2")
+ controllers := []controller{}
+ subtreeControl := cgroupRoot + "/cgroup.subtree_control"
+ // rootless cgroupv2: check available controllers for current user ,systemd or servicescope will inherit
+ if rootless.IsRootless() {
+ userSlice, err := getCgroupPathForCurrentProcess()
+ if err != nil {
+ return controllers, err
+ }
+ //userSlice already contains '/' so not adding here
+ basePath := cgroupRoot + userSlice
+ subtreeControl = fmt.Sprintf("%s/cgroup.subtree_control", basePath)
+ }
+ subtreeControlBytes, err := ioutil.ReadFile(subtreeControl)
+ if err != nil {
+ return nil, errors.Wrapf(err, "failed while reading controllers for cgroup v2 from %q", subtreeControl)
+ }
+ for _, controllerName := range strings.Fields(string(subtreeControlBytes)) {
+ c := controller{
+ name: controllerName,
+ symlink: false,
+ }
+ controllers = append(controllers, c)
+ }
+ return controllers, nil
}
- infos, err := ioutil.ReadDir(cgroupRoot)
- if err != nil {
- return nil, err
- }
+ subsystems, _ := cgroupV1GetAllSubsystems()
controllers := []controller{}
- for _, i := range infos {
- name := i.Name()
+ // cgroupv1 and rootless: No subsystem is available: delegation is unsafe.
+ if rootless.IsRootless() {
+ return controllers, nil
+ }
+
+ for _, name := range subsystems {
if _, found := exclude[name]; found {
continue
}
+ isSymLink := false
+ fileInfo, err := os.Stat(cgroupRoot + "/" + name)
+ if err != nil {
+ isSymLink = !fileInfo.IsDir()
+ }
c := controller{
name: name,
- symlink: !i.IsDir(),
+ symlink: isSymLink,
}
controllers = append(controllers, c)
}
+
return controllers, nil
}
+// GetAvailableControllers get string:bool map of all the available controllers
+func GetAvailableControllers(exclude map[string]controllerHandler, cgroup2 bool) ([]string, error) {
+ availableControllers, err := getAvailableControllers(exclude, cgroup2)
+ if err != nil {
+ return nil, err
+ }
+ controllerList := []string{}
+ for _, controller := range availableControllers {
+ controllerList = append(controllerList, controller.name)
+ }
+
+ return controllerList, nil
+}
+
+func cgroupV1GetAllSubsystems() ([]string, error) {
+ f, err := os.Open("/proc/cgroups")
+ if err != nil {
+ return nil, err
+ }
+ defer f.Close()
+
+ subsystems := []string{}
+
+ s := bufio.NewScanner(f)
+ for s.Scan() {
+ text := s.Text()
+ if text[0] != '#' {
+ parts := strings.Fields(text)
+ if len(parts) >= 4 && parts[3] != "0" {
+ subsystems = append(subsystems, parts[0])
+ }
+ }
+ }
+ if err := s.Err(); err != nil {
+ return nil, err
+ }
+ return subsystems, nil
+}
+
+func getCgroupPathForCurrentProcess() (string, error) {
+ path := fmt.Sprintf("/proc/%d/cgroup", os.Getpid())
+ f, err := os.Open(path)
+ if err != nil {
+ return "", err
+ }
+ defer f.Close()
+
+ cgroupPath := ""
+ s := bufio.NewScanner(f)
+ for s.Scan() {
+ text := s.Text()
+ procEntries := strings.SplitN(text, "::", 2)
+ cgroupPath = procEntries[1]
+ }
+ if err := s.Err(); err != nil {
+ return cgroupPath, err
+ }
+ return cgroupPath, nil
+}
+
// getCgroupv1Path is a helper function to get the cgroup v1 path
func (c *CgroupControl) getCgroupv1Path(name string) string {
return filepath.Join(cgroupRoot, name, c.path)
diff --git a/pkg/domain/infra/abi/containers.go b/pkg/domain/infra/abi/containers.go
index d0a2b1bae..237a43441 100644
--- a/pkg/domain/infra/abi/containers.go
+++ b/pkg/domain/infra/abi/containers.go
@@ -275,7 +275,7 @@ func (ic *ContainerEngine) ContainerRm(ctx context.Context, namesOrIds []string,
case nil:
// remove container names that we successfully deleted
reports = append(reports, &report)
- case define.ErrNoSuchCtr:
+ case define.ErrNoSuchCtr, define.ErrCtrExists:
// There is still a potential this is a libpod container
tmpNames = append(tmpNames, ctr)
default:
diff --git a/pkg/domain/infra/tunnel/containers.go b/pkg/domain/infra/tunnel/containers.go
index 3830835cc..74ced300a 100644
--- a/pkg/domain/infra/tunnel/containers.go
+++ b/pkg/domain/infra/tunnel/containers.go
@@ -21,6 +21,7 @@ import (
"github.com/containers/podman/v3/pkg/errorhandling"
"github.com/containers/podman/v3/pkg/specgen"
"github.com/containers/podman/v3/pkg/util"
+ "github.com/containers/storage/types"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
)
@@ -580,7 +581,7 @@ func (ic *ContainerEngine) ContainerStart(ctx context.Context, namesOrIds []stri
if err := containers.Remove(ic.ClientCtx, ctr.ID, removeOptions); err != nil {
if errorhandling.Contains(err, define.ErrNoSuchCtr) ||
errorhandling.Contains(err, define.ErrCtrRemoved) {
- logrus.Warnf("Container %s does not exist: %v", ctr.ID, err)
+ logrus.Debugf("Container %s does not exist: %v", ctr.ID, err)
} else {
logrus.Errorf("Error removing container %s: %v", ctr.ID, err)
}
@@ -613,8 +614,9 @@ func (ic *ContainerEngine) ContainerStart(ctx context.Context, namesOrIds []stri
rmOptions := new(containers.RemoveOptions).WithForce(false).WithVolumes(true)
if err := containers.Remove(ic.ClientCtx, ctr.ID, rmOptions); err != nil {
if errorhandling.Contains(err, define.ErrNoSuchCtr) ||
- errorhandling.Contains(err, define.ErrCtrRemoved) {
- logrus.Warnf("Container %s does not exist: %v", ctr.ID, err)
+ errorhandling.Contains(err, define.ErrCtrRemoved) ||
+ errorhandling.Contains(err, types.ErrLayerUnknown) {
+ logrus.Debugf("Container %s does not exist: %v", ctr.ID, err)
} else {
logrus.Errorf("Error removing container %s: %v", ctr.ID, err)
}
@@ -691,8 +693,9 @@ func (ic *ContainerEngine) ContainerRun(ctx context.Context, opts entities.Conta
if !shouldRestart {
if err := containers.Remove(ic.ClientCtx, con.ID, new(containers.RemoveOptions).WithForce(false).WithVolumes(true)); err != nil {
if errorhandling.Contains(err, define.ErrNoSuchCtr) ||
- errorhandling.Contains(err, define.ErrCtrRemoved) {
- logrus.Warnf("Container %s does not exist: %v", con.ID, err)
+ errorhandling.Contains(err, define.ErrCtrRemoved) ||
+ errorhandling.Contains(err, types.ErrLayerUnknown) {
+ logrus.Debugf("Container %s does not exist: %v", con.ID, err)
} else {
logrus.Errorf("Error removing container %s: %v", con.ID, err)
}