diff options
| -rw-r--r-- | libpod/boltdb_state_internal.go | 8 | ||||
| -rw-r--r-- | pkg/api/server/register_images.go | 4 | ||||
| -rw-r--r-- | pkg/bindings/images/rm.go | 2 | ||||
| -rw-r--r-- | pkg/varlinkapi/transfers.go | 2 | ||||
| -rw-r--r-- | test/system/030-run.bats | 4 | ||||
| -rw-r--r-- | test/system/160-volumes.bats | 13 | ||||
| -rw-r--r-- | test/system/250-systemd.bats | 7 |
7 files changed, 31 insertions, 9 deletions
diff --git a/libpod/boltdb_state_internal.go b/libpod/boltdb_state_internal.go index 33ff0720f..21d55bf77 100644 --- a/libpod/boltdb_state_internal.go +++ b/libpod/boltdb_state_internal.go @@ -695,7 +695,10 @@ func (s *BoltState) addContainer(ctr *Container, pod *Pod) error { return errors.Wrapf(define.ErrNoSuchVolume, "no volume with name %s found in database when adding container %s", vol.Name, ctr.ID()) } - ctrDepsBkt := volDB.Bucket(volDependenciesBkt) + ctrDepsBkt, err := volDB.CreateBucketIfNotExists(volDependenciesBkt) + if err != nil { + return errors.Wrapf(err, "error creating volume %s dependencies bucket to add container %s", vol.Name, ctr.ID()) + } if depExists := ctrDepsBkt.Get(ctrID); depExists == nil { if err := ctrDepsBkt.Put(ctrID, ctrID); err != nil { return errors.Wrapf(err, "error adding container %s to volume %s dependencies", ctr.ID(), vol.Name) @@ -890,6 +893,9 @@ func (s *BoltState) removeContainer(ctr *Container, pod *Pod, tx *bolt.Tx) error } ctrDepsBkt := volDB.Bucket(volDependenciesBkt) + if ctrDepsBkt == nil { + return errors.Wrapf(define.ErrInternal, "volume %s is missing container dependencies bucket, cannot remove container %s from dependencies", vol.Name, ctr.ID()) + } if depExists := ctrDepsBkt.Get(ctrID); depExists == nil { if err := ctrDepsBkt.Delete(ctrID); err != nil { return errors.Wrapf(err, "error deleting container %s dependency on volume %s", ctr.ID(), vol.Name) diff --git a/pkg/api/server/register_images.go b/pkg/api/server/register_images.go index 0e8d68b7e..36f939779 100644 --- a/pkg/api/server/register_images.go +++ b/pkg/api/server/register_images.go @@ -854,7 +854,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error { // 500: // $ref: '#/responses/InternalError' r.Handle(VersionedPath("/libpod/images/remove"), s.APIHandler(libpod.ImagesBatchRemove)).Methods(http.MethodDelete) - // swagger:operation DELETE /libpod/images/{name:.*}/remove libpod libpodRemoveImage + // swagger:operation DELETE /libpod/images/{name:.*} libpod libpodRemoveImage // --- // tags: // - images @@ -883,7 +883,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error { // $ref: '#/responses/ConflictError' // 500: // $ref: '#/responses/InternalError' - r.Handle(VersionedPath("/libpod/images/{name:.*}/remove"), s.APIHandler(libpod.ImagesRemove)).Methods(http.MethodDelete) + r.Handle(VersionedPath("/libpod/images/{name:.*}"), s.APIHandler(libpod.ImagesRemove)).Methods(http.MethodDelete) // swagger:operation POST /libpod/images/pull libpod libpodImagesPull // --- // tags: diff --git a/pkg/bindings/images/rm.go b/pkg/bindings/images/rm.go index e3b5590df..05aa3f9ca 100644 --- a/pkg/bindings/images/rm.go +++ b/pkg/bindings/images/rm.go @@ -52,7 +52,7 @@ func Remove(ctx context.Context, nameOrID string, force bool) (*entities.ImageRe params := url.Values{} params.Set("force", strconv.FormatBool(force)) - response, err := conn.DoRequest(nil, http.MethodDelete, "/images/%s/remove", params, nameOrID) + response, err := conn.DoRequest(nil, http.MethodDelete, "/images/%s", params, nameOrID) if err != nil { return nil, err } diff --git a/pkg/varlinkapi/transfers.go b/pkg/varlinkapi/transfers.go index 9df8ffcdc..aed6e054d 100644 --- a/pkg/varlinkapi/transfers.go +++ b/pkg/varlinkapi/transfers.go @@ -39,7 +39,7 @@ func (i *VarlinkAPI) SendFile(call iopodman.VarlinkCall, ftype string, length in logrus.Debugf("successfully received %s", outputFile.Name()) // Send an ACK to the client - call.Call.Writer.WriteString(outputFile.Name()) + call.Call.Writer.WriteString(outputFile.Name() + ":") call.Call.Writer.Flush() return nil diff --git a/test/system/030-run.bats b/test/system/030-run.bats index ae2e39d6b..1bcf3896f 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -8,8 +8,8 @@ load helpers # 2019-09 Fedora 31 and rawhide (32) are switching from runc to crun # because of cgroups v2; crun emits different error messages. # Default to runc: - err_no_such_cmd="Error: .*: starting container process caused .*exec:.*stat /no/such/command: no such file or directory" - err_no_exec_dir="Error: .*: starting container process caused .*exec:.* permission denied" + err_no_such_cmd="Error: .*: starting container process caused.*exec:.*stat /no/such/command: no such file or directory" + err_no_exec_dir="Error: .*: starting container process caused.*exec:.* permission denied" # ...but check the configured runtime engine, and switch to crun as needed run_podman info --format '{{ .Host.OCIRuntime.Path }}' diff --git a/test/system/160-volumes.bats b/test/system/160-volumes.bats index cd9f3c8ad..5d65a950f 100644 --- a/test/system/160-volumes.bats +++ b/test/system/160-volumes.bats @@ -116,8 +116,17 @@ EOF chmod 755 $mountpoint/myscript # By default, volumes are mounted noexec. This should fail. - run_podman 126 run --rm --volume $myvolume:/vol:z $IMAGE /vol/myscript - is "$output" ".* OCI runtime permission denied.*" "run on volume, noexec" + # ARGH. Unfortunately, runc (used for cgroups v1) produces a different error + local expect_rc=126 + local expect_msg='.* OCI runtime permission denied.*' + run_podman info --format '{{ .Host.OCIRuntime.Path }}' + if expr "$output" : ".*/runc"; then + expect_rc=1 + expect_msg='.* exec user process caused.*permission denied' + fi + + run_podman ${expect_rc} run --rm --volume $myvolume:/vol:z $IMAGE /vol/myscript + is "$output" "$expect_msg" "run on volume, noexec" # With exec, it should pass run_podman run --rm -v $myvolume:/vol:z,exec $IMAGE /vol/myscript diff --git a/test/system/250-systemd.bats b/test/system/250-systemd.bats index cdac43c1c..4bee13414 100644 --- a/test/system/250-systemd.bats +++ b/test/system/250-systemd.bats @@ -33,6 +33,13 @@ function teardown() { # This test can fail in dev. environment because of SELinux. # quick fix: chcon -t container_runtime_exec_t ./bin/podman @test "podman generate - systemd - basic" { + # podman initializes this if unset, but systemctl doesn't + if is_rootless; then + if [ -z "$XDG_RUNTIME_DIR" ]; then + export XDG_RUNTIME_DIR=/run/user/$(id -u) + fi + fi + cname=$(random_string) run_podman create --name $cname --detach $IMAGE top |