diff options
author | Daniel J Walsh <dwalsh@redhat.com> | 2021-02-05 06:04:30 -0500 |
---|---|---|
committer | Matthew Heon <mheon@redhat.com> | 2021-02-18 11:18:18 -0500 |
commit | 873014e4eee81ab090b2c97ba0ce99be7c798b75 (patch) | |
tree | 43c582080cda97eb67a63d420e4b7f863b9b72c6 /test | |
parent | d05e31316cd5313e1dfba11bdcb1957d5855bc02 (diff) | |
download | podman-873014e4eee81ab090b2c97ba0ce99be7c798b75.tar.gz podman-873014e4eee81ab090b2c97ba0ce99be7c798b75.tar.bz2 podman-873014e4eee81ab090b2c97ba0ce99be7c798b75.zip |
Do not reset storage when running inside of a container
Currently if the host shares container storage with a container
running podman, the podman inside of the container resets the
storage on the host. This can cause issues on the host, as
well as causes the podman command running the container, to
fail to unmount /dev/shm.
podman run -ti --rm --privileged -v /var/lib/containers:/var/lib/containers quay.io/podman/stable podman run alpine echo hello
* unlinkat /var/lib/containers/storage/overlay-containers/a7f3c9deb0656f8de1d107e7ddff2d3c3c279c11c1635f233a0bffb16051fb2c/userdata/shm: device or resource busy
* unlinkat /var/lib/containers/storage/overlay-containers/a7f3c9deb0656f8de1d107e7ddff2d3c3c279c11c1635f233a0bffb16051fb2c/userdata/shm: device or resource busy
Since podman is volume mounting in the graphroot, it will add a flag to
/run/.containerenv to tell podman inside of container whether to reset storage or not.
Since the inner podman is running inside of the container, no reason to assume this is a fresh reboot, so if "container" environment variable is set then skip
reset of storage.
Also added tests to make sure /run/.containerenv is runnig correctly.
Fixes: https://github.com/containers/podman/issues/9191
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
<MH: Fixed cherry-pick conflicts>
Signed-off-by: Matthew Heon <mheon@redhat.com>
Diffstat (limited to 'test')
-rw-r--r-- | test/e2e/run_test.go | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index 7d367cccf..bff3995df 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -47,6 +47,29 @@ var _ = Describe("Podman run", func() { Expect(session.ExitCode()).To(Equal(0)) }) + It("podman run check /run/.containerenv", func() { + session := podmanTest.Podman([]string{"run", ALPINE, "cat", "/run/.containerenv"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(session.OutputToString()).To(Equal("")) + + session = podmanTest.Podman([]string{"run", "--privileged", "--name=test1", ALPINE, "cat", "/run/.containerenv"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(session.OutputToString()).To(ContainSubstring("name=\"test1\"")) + Expect(session.OutputToString()).To(ContainSubstring("image=\"" + ALPINE + "\"")) + + session = podmanTest.Podman([]string{"run", "-v", "/:/host", ALPINE, "cat", "/run/.containerenv"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(session.OutputToString()).To(ContainSubstring("graphRootMounted=1")) + + session = podmanTest.Podman([]string{"run", "-v", "/:/host", "--privileged", ALPINE, "cat", "/run/.containerenv"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(session.OutputToString()).To(ContainSubstring("graphRootMounted=1")) + }) + It("podman run a container based on a complex local image name", func() { imageName := strings.TrimPrefix(nginx, "quay.io/") session := podmanTest.Podman([]string{"run", imageName, "ls"}) |