diff options
-rw-r--r-- | cmd/podman/common/create_opts.go | 2 | ||||
-rw-r--r-- | cmd/podman/common/specgen.go | 64 | ||||
-rw-r--r-- | cmd/podman/containers/create.go | 2 | ||||
-rw-r--r-- | cmd/podman/containers/ps.go | 4 | ||||
-rw-r--r-- | cmd/podman/containers/start.go | 2 | ||||
-rw-r--r-- | cmd/podman/containers/stats.go | 4 | ||||
-rw-r--r-- | cmd/podman/images/history.go | 5 | ||||
-rw-r--r-- | cmd/podman/images/list.go | 6 | ||||
-rw-r--r-- | cmd/podman/networks/inspect.go | 2 | ||||
-rw-r--r-- | cmd/podman/networks/list.go | 2 | ||||
-rw-r--r-- | cmd/podman/registry/config.go | 2 | ||||
-rw-r--r-- | cmd/podman/system/df.go | 2 | ||||
-rw-r--r-- | cmd/podman/system/events.go | 2 | ||||
-rw-r--r-- | cmd/podman/volumes/inspect.go | 2 | ||||
-rw-r--r-- | cmd/podman/volumes/list.go | 2 | ||||
-rw-r--r-- | docs/source/markdown/podman-run.1.md | 2 | ||||
-rw-r--r-- | libpod/container_internal.go | 35 | ||||
-rw-r--r-- | libpod/runtime_img.go | 2 | ||||
-rw-r--r-- | pkg/specgen/generate/ports.go | 15 | ||||
-rw-r--r-- | test/e2e/ps_test.go | 8 | ||||
-rw-r--r-- | test/e2e/run_networking_test.go | 16 | ||||
-rw-r--r-- | test/e2e/run_ns_test.go | 31 |
22 files changed, 154 insertions, 58 deletions
diff --git a/cmd/podman/common/create_opts.go b/cmd/podman/common/create_opts.go index 08ffa5544..bb50df8c9 100644 --- a/cmd/podman/common/create_opts.go +++ b/cmd/podman/common/create_opts.go @@ -10,7 +10,7 @@ type ContainerCLIOpts struct { BlkIOWeightDevice []string CapAdd []string CapDrop []string - CGroupsNS string + CgroupNS string CGroupsMode string CGroupParent string CIDFile string diff --git a/cmd/podman/common/specgen.go b/cmd/podman/common/specgen.go index aa8669e7a..7716fc150 100644 --- a/cmd/podman/common/specgen.go +++ b/cmd/podman/common/specgen.go @@ -186,6 +186,46 @@ func getMemoryLimits(s *specgen.SpecGenerator, c *ContainerCLIOpts) (*specs.Linu return memory, nil } +func setNamespaces(s *specgen.SpecGenerator, c *ContainerCLIOpts) error { + var err error + + if c.PID != "" { + s.PidNS, err = specgen.ParseNamespace(c.PID) + if err != nil { + return err + } + } + if c.IPC != "" { + s.IpcNS, err = specgen.ParseNamespace(c.IPC) + if err != nil { + return err + } + } + if c.UTS != "" { + s.UtsNS, err = specgen.ParseNamespace(c.UTS) + if err != nil { + return err + } + } + if c.CgroupNS != "" { + s.CgroupNS, err = specgen.ParseNamespace(c.CgroupNS) + if err != nil { + return err + } + } + // userns must be treated differently + if c.UserNS != "" { + s.UserNS, err = specgen.ParseUserNamespace(c.UserNS) + if err != nil { + return err + } + } + if c.Net != nil { + s.NetNS = c.Net.Network + } + return nil +} + func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string) error { var ( err error @@ -250,28 +290,8 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string } s.Expose = expose - for k, v := range map[string]*specgen.Namespace{ - c.IPC: &s.IpcNS, - c.PID: &s.PidNS, - c.UTS: &s.UtsNS, - c.CGroupsNS: &s.CgroupNS, - } { - if k != "" { - *v, err = specgen.ParseNamespace(k) - if err != nil { - return err - } - } - } - // userns must be treated differently - if c.UserNS != "" { - s.UserNS, err = specgen.ParseUserNamespace(c.UserNS) - if err != nil { - return err - } - } - if c.Net != nil { - s.NetNS = c.Net.Network + if err := setNamespaces(s, c); err != nil { + return err } if sig := c.StopSignal; len(sig) > 0 { diff --git a/cmd/podman/containers/create.go b/cmd/podman/containers/create.go index 10761be33..41e63da76 100644 --- a/cmd/podman/containers/create.go +++ b/cmd/podman/containers/create.go @@ -195,7 +195,7 @@ func createInit(c *cobra.Command) error { cliVals.IPC = c.Flag("ipc").Value.String() cliVals.UTS = c.Flag("uts").Value.String() cliVals.PID = c.Flag("pid").Value.String() - cliVals.CGroupsNS = c.Flag("cgroupns").Value.String() + cliVals.CgroupNS = c.Flag("cgroupns").Value.String() if c.Flag("entrypoint").Changed { val := c.Flag("entrypoint").Value.String() cliVals.Entrypoint = &val diff --git a/cmd/podman/containers/ps.go b/cmd/podman/containers/ps.go index 7c84cbae1..34f06d349 100644 --- a/cmd/podman/containers/ps.go +++ b/cmd/podman/containers/ps.go @@ -307,6 +307,10 @@ func (l psReporter) Status() string { return l.State() } +func (l psReporter) RunningFor() string { + return l.CreatedHuman() +} + // Command returns the container command in string format func (l psReporter) Command() string { command := strings.Join(l.ListContainer.Command, " ") diff --git a/cmd/podman/containers/start.go b/cmd/podman/containers/start.go index 21f22b986..8f9984421 100644 --- a/cmd/podman/containers/start.go +++ b/cmd/podman/containers/start.go @@ -99,7 +99,7 @@ func start(cmd *cobra.Command, args []string) error { } for _, r := range responses { - if r.Err == nil { + if r.Err == nil && !startOptions.Attach { fmt.Println(r.RawInput) } else { errs = append(errs, r.Err) diff --git a/cmd/podman/containers/stats.go b/cmd/podman/containers/stats.go index 86674cfc9..76a6ab46e 100644 --- a/cmd/podman/containers/stats.go +++ b/cmd/podman/containers/stats.go @@ -230,8 +230,8 @@ func outputJSON(stats []*containerStats) error { Id: j.ID(), Name: j.Name, CpuPercent: j.CPUPerc(), - MemUsage: j.MemPerc(), - MemPerc: j.MemUsage(), + MemUsage: j.MemUsage(), + MemPerc: j.MemPerc(), NetIO: j.NetIO(), BlockIO: j.BlockIO(), Pids: j.PIDS(), diff --git a/cmd/podman/images/history.go b/cmd/podman/images/history.go index 3732e6e03..1f0fd9a79 100644 --- a/cmd/podman/images/history.go +++ b/cmd/podman/images/history.go @@ -125,7 +125,10 @@ func history(cmd *cobra.Command, args []string) error { } format := hdr + "{{range . }}" + row + "{{end}}" - tmpl := template.Must(template.New("report").Parse(format)) + tmpl, err := template.New("report").Parse(format) + if err != nil { + return err + } w := tabwriter.NewWriter(os.Stdout, 8, 2, 2, ' ', 0) err = tmpl.Execute(w, hr) if err != nil { diff --git a/cmd/podman/images/list.go b/cmd/podman/images/list.go index 94d03bd6f..ea88b519b 100644 --- a/cmd/podman/images/list.go +++ b/cmd/podman/images/list.go @@ -168,7 +168,11 @@ func writeTemplate(imgs []imageReporter) error { } } format := hdr + "{{range . }}" + row + "{{end}}" - tmpl := template.Must(template.New("list").Parse(format)) + tmpl, err := template.New("list").Parse(format) + if err != nil { + return err + } + tmpl = template.Must(tmpl, nil) w := tabwriter.NewWriter(os.Stdout, 8, 2, 2, ' ', 0) defer w.Flush() return tmpl.Execute(w, imgs) diff --git a/cmd/podman/networks/inspect.go b/cmd/podman/networks/inspect.go index 0ce1b5e83..4afebf620 100644 --- a/cmd/podman/networks/inspect.go +++ b/cmd/podman/networks/inspect.go @@ -3,10 +3,10 @@ package network import ( "encoding/json" "fmt" - "html/template" "io" "os" "strings" + "text/template" "github.com/containers/libpod/v2/cmd/podman/registry" "github.com/containers/libpod/v2/pkg/domain/entities" diff --git a/cmd/podman/networks/list.go b/cmd/podman/networks/list.go index ad2ee98b1..105bd25c6 100644 --- a/cmd/podman/networks/list.go +++ b/cmd/podman/networks/list.go @@ -3,10 +3,10 @@ package network import ( "encoding/json" "fmt" - "html/template" "os" "strings" "text/tabwriter" + "text/template" "github.com/containers/libpod/v2/cmd/podman/registry" "github.com/containers/libpod/v2/cmd/podman/validate" diff --git a/cmd/podman/registry/config.go b/cmd/podman/registry/config.go index a7e368115..24e728bad 100644 --- a/cmd/podman/registry/config.go +++ b/cmd/podman/registry/config.go @@ -33,7 +33,7 @@ func PodmanConfig() *entities.PodmanConfig { func newPodmanConfig() { if err := setXdgDirs(); err != nil { - fmt.Fprintf(os.Stderr, err.Error()) + fmt.Fprintln(os.Stderr, err.Error()) os.Exit(1) } diff --git a/cmd/podman/system/df.go b/cmd/podman/system/df.go index c2308f0cc..a242c4f66 100644 --- a/cmd/podman/system/df.go +++ b/cmd/podman/system/df.go @@ -2,11 +2,11 @@ package system import ( "fmt" - "html/template" "io" "os" "strings" "text/tabwriter" + "text/template" "time" "github.com/containers/libpod/v2/cmd/podman/registry" diff --git a/cmd/podman/system/events.go b/cmd/podman/system/events.go index 246611c1a..0a46a4042 100644 --- a/cmd/podman/system/events.go +++ b/cmd/podman/system/events.go @@ -3,9 +3,9 @@ package system import ( "bufio" "context" - "html/template" "os" "strings" + "text/template" "github.com/containers/buildah/pkg/formats" "github.com/containers/libpod/v2/cmd/podman/registry" diff --git a/cmd/podman/volumes/inspect.go b/cmd/podman/volumes/inspect.go index 9a8f4049b..235137fc7 100644 --- a/cmd/podman/volumes/inspect.go +++ b/cmd/podman/volumes/inspect.go @@ -2,9 +2,9 @@ package volumes import ( "fmt" - "html/template" "os" "strings" + "text/template" "github.com/containers/buildah/pkg/formats" "github.com/containers/libpod/v2/cmd/podman/registry" diff --git a/cmd/podman/volumes/list.go b/cmd/podman/volumes/list.go index 9e3a8f77b..804b9f319 100644 --- a/cmd/podman/volumes/list.go +++ b/cmd/podman/volumes/list.go @@ -3,11 +3,11 @@ package volumes import ( "context" "fmt" - "html/template" "io" "os" "strings" "text/tabwriter" + "text/template" "github.com/containers/libpod/v2/cmd/podman/registry" "github.com/containers/libpod/v2/cmd/podman/validate" diff --git a/docs/source/markdown/podman-run.1.md b/docs/source/markdown/podman-run.1.md index 7b93eb025..d20b69507 100644 --- a/docs/source/markdown/podman-run.1.md +++ b/docs/source/markdown/podman-run.1.md @@ -1066,7 +1066,7 @@ the exit codes follow the **chroot**(1) standard, see below: **Exit code** _contained command_ exit code - $ podman run busybox /bin/sh -c 'exit 3' + $ podman run busybox /bin/sh -c 'exit 3'; echo $? 3 ## EXAMPLES diff --git a/libpod/container_internal.go b/libpod/container_internal.go index c44ba5fe6..675311461 100644 --- a/libpod/container_internal.go +++ b/libpod/container_internal.go @@ -1521,9 +1521,6 @@ func (c *Container) chownVolume(volumeName string) error { return errors.Wrapf(err, "error retrieving named volume %s for container %s", volumeName, c.ID()) } - uid := int(c.config.Spec.Process.User.UID) - gid := int(c.config.Spec.Process.User.GID) - vol.lock.Lock() defer vol.lock.Unlock() @@ -1534,22 +1531,34 @@ func (c *Container) chownVolume(volumeName string) error { if vol.state.NeedsChown { vol.state.NeedsChown = false + + uid := int(c.config.Spec.Process.User.UID) + gid := int(c.config.Spec.Process.User.GID) + + if c.config.IDMappings.UIDMap != nil { + p := idtools.IDPair{ + UID: uid, + GID: gid, + } + mappings := idtools.NewIDMappingsFromMaps(c.config.IDMappings.UIDMap, c.config.IDMappings.GIDMap) + newPair, err := mappings.ToHost(p) + if err != nil { + return errors.Wrapf(err, "error mapping user %d:%d", uid, gid) + } + uid = newPair.UID + gid = newPair.GID + } + vol.state.UIDChowned = uid vol.state.GIDChowned = gid if err := vol.save(); err != nil { return err } - err := filepath.Walk(vol.MountPoint(), func(path string, info os.FileInfo, err error) error { - if err != nil { - return err - } - if err := os.Chown(path, uid, gid); err != nil { - return err - } - return nil - }) - if err != nil { + + mountPoint := vol.MountPoint() + + if err := os.Lchown(mountPoint, uid, gid); err != nil { return err } } diff --git a/libpod/runtime_img.go b/libpod/runtime_img.go index eab05f34d..7c75dbf98 100644 --- a/libpod/runtime_img.go +++ b/libpod/runtime_img.go @@ -48,7 +48,7 @@ func (r *Runtime) RemoveImage(ctx context.Context, img *image.Image, force bool) imageCtrs = append(imageCtrs, ctr) } } - if len(imageCtrs) > 0 && len(img.Names()) <= 1 { + if len(imageCtrs) > 0 && (len(img.Names()) <= 1 || (force && img.InputIsID())) { if force { for _, ctr := range imageCtrs { if err := r.removeContainer(ctx, ctr, true, false, false); err != nil { diff --git a/pkg/specgen/generate/ports.go b/pkg/specgen/generate/ports.go index c8d1c27c5..2125c6b9f 100644 --- a/pkg/specgen/generate/ports.go +++ b/pkg/specgen/generate/ports.go @@ -123,19 +123,20 @@ func parsePortMapping(portMappings []specgen.PortMapping) ([]ocicni.PortMapping, postAssignHostPort = true } } else { - testCPort := ctrPortMap[cPort] - if testCPort != 0 && testCPort != hPort { - // This is an attempt to redefine a port - return nil, nil, nil, errors.Errorf("conflicting port mappings for container port %d (protocol %s)", cPort, p) - } - ctrPortMap[cPort] = hPort - testHPort := hostPortMap[hPort] if testHPort != 0 && testHPort != cPort { return nil, nil, nil, errors.Errorf("conflicting port mappings for host port %d (protocol %s)", hPort, p) } hostPortMap[hPort] = cPort + // Mapping a container port to multiple + // host ports is allowed. + // We only store the latest of these in + // the container port map - we don't + // need to know all of them, just one. + testCPort := ctrPortMap[cPort] + ctrPortMap[cPort] = hPort + // If we have an exact duplicate, just continue if testCPort == hPort && testHPort == cPort { continue diff --git a/test/e2e/ps_test.go b/test/e2e/ps_test.go index 152c85704..48746f30c 100644 --- a/test/e2e/ps_test.go +++ b/test/e2e/ps_test.go @@ -476,5 +476,13 @@ var _ = Describe("Podman ps", func() { session.WaitWithDefaultTimeout() Expect(session.OutputToString()).To(ContainSubstring("echo very long cr...")) }) + It("podman ps --format {{RunningFor}}", func() { + _, ec, _ := podmanTest.RunLsContainer("") + Expect(ec).To(Equal(0)) + result := podmanTest.Podman([]string{"ps", "-a", "--format", "{{.RunningFor}}"}) + result.WaitWithDefaultTimeout() + Expect(result.ExitCode()).To(Equal(0)) + Expect(result.OutputToString()).To(ContainSubstring("ago")) + }) }) diff --git a/test/e2e/run_networking_test.go b/test/e2e/run_networking_test.go index 9357145ab..40cc9e1e6 100644 --- a/test/e2e/run_networking_test.go +++ b/test/e2e/run_networking_test.go @@ -222,6 +222,22 @@ var _ = Describe("Podman run networking", func() { Expect(inspectOut[0].NetworkSettings.Ports["8080/tcp"][0].HostIP).To(Equal("")) }) + It("podman run -p 8080:8080 -p 8081:8080", func() { + name := "testctr" + session := podmanTest.Podman([]string{"create", "-t", "-p", "4000:8080", "-p", "8000:8080", "--name", name, ALPINE, "/bin/sh"}) + session.WaitWithDefaultTimeout() + inspectOut := podmanTest.InspectContainer(name) + Expect(len(inspectOut)).To(Equal(1)) + Expect(len(inspectOut[0].NetworkSettings.Ports)).To(Equal(1)) + Expect(len(inspectOut[0].NetworkSettings.Ports["8080/tcp"])).To(Equal(2)) + + hp1 := inspectOut[0].NetworkSettings.Ports["8080/tcp"][0].HostPort + hp2 := inspectOut[0].NetworkSettings.Ports["8080/tcp"][1].HostPort + + // We can't guarantee order + Expect((hp1 == "4000" && hp2 == "8000") || (hp1 == "8000" && hp2 == "4000")).To(BeTrue()) + }) + It("podman run network expose host port 80 to container port 8000", func() { SkipIfRootless() session := podmanTest.Podman([]string{"run", "-dt", "-p", "80:8000", ALPINE, "/bin/sh"}) diff --git a/test/e2e/run_ns_test.go b/test/e2e/run_ns_test.go index 1c1b5cfbb..7113fa69e 100644 --- a/test/e2e/run_ns_test.go +++ b/test/e2e/run_ns_test.go @@ -4,6 +4,7 @@ package integration import ( "os" + "os/exec" "strings" . "github.com/containers/libpod/v2/test/utils" @@ -104,4 +105,34 @@ var _ = Describe("Podman run ns", func() { session.WaitWithDefaultTimeout() Expect(session).To(ExitWithError()) }) + + It("podman run --ipc=host --pid=host", func() { + cmd := exec.Command("ls", "-l", "/proc/self/ns/pid") + res, err := cmd.Output() + Expect(err).To(BeNil()) + fields := strings.Split(string(res), " ") + hostPidNS := strings.TrimSuffix(fields[len(fields)-1], "\n") + + cmd = exec.Command("ls", "-l", "/proc/self/ns/ipc") + res, err = cmd.Output() + Expect(err).To(BeNil()) + fields = strings.Split(string(res), " ") + hostIpcNS := strings.TrimSuffix(fields[len(fields)-1], "\n") + + session := podmanTest.Podman([]string{"run", "--ipc=host", "--pid=host", ALPINE, "ls", "-l", "/proc/self/ns/pid"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + fields = strings.Split(session.OutputToString(), " ") + ctrPidNS := strings.TrimSuffix(fields[len(fields)-1], "\n") + + session = podmanTest.Podman([]string{"run", "--ipc=host", "--pid=host", ALPINE, "ls", "-l", "/proc/self/ns/ipc"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + fields = strings.Split(session.OutputToString(), " ") + ctrIpcNS := strings.TrimSuffix(fields[len(fields)-1], "\n") + + Expect(hostPidNS).To(Equal(ctrPidNS)) + Expect(hostIpcNS).To(Equal(ctrIpcNS)) + }) + }) |