diff options
-rw-r--r-- | OWNERS | 16 | ||||
-rw-r--r-- | go.mod | 2 | ||||
-rw-r--r-- | go.sum | 4 | ||||
-rw-r--r-- | libpod/runtime.go | 2 | ||||
-rw-r--r-- | libpod/shutdown/handler.go | 6 | ||||
-rw-r--r-- | pkg/api/handlers/compat/containers_create.go | 6 | ||||
-rw-r--r-- | pkg/specgen/generate/container_create.go | 1 | ||||
-rw-r--r-- | pkg/specgen/generate/oci.go | 2 | ||||
-rw-r--r-- | test/apiv2/25-containersMore.at | 9 | ||||
-rw-r--r-- | test/apiv2/rest_api/test_rest_v2_0_0.py | 2 | ||||
-rw-r--r-- | test/e2e/run_memory_test.go | 6 | ||||
-rw-r--r-- | test/e2e/run_test.go | 2 | ||||
-rw-r--r-- | test/system/030-run.bats | 13 | ||||
-rw-r--r-- | vendor/github.com/containers/common/pkg/config/config.go | 11 | ||||
-rw-r--r-- | vendor/github.com/containers/common/pkg/config/containers.conf | 11 | ||||
-rw-r--r-- | vendor/github.com/containers/common/pkg/config/default.go | 6 | ||||
-rw-r--r-- | vendor/github.com/containers/common/pkg/config/libpodConfig.go | 407 | ||||
-rw-r--r-- | vendor/github.com/containers/common/version/version.go | 2 | ||||
-rw-r--r-- | vendor/modules.txt | 2 |
19 files changed, 66 insertions, 444 deletions
@@ -3,22 +3,26 @@ approvers: - edsantiago - giuseppe - jwhonce + - Luap99 - mheon - rhatdan + - saschagrunert - TomSweeneyRedHat - - vrothberg - umohnani8 - - Luap99 + - vrothberg + - zhangguanzhang reviewers: + - ashley-cui - baude - edsantiago - giuseppe - jwhonce + - Luap99 - mheon + - QiWang19 - rhatdan + - saschagrunert - TomSweeneyRedHat - - vrothberg - - ashley-cui - - QiWang19 - umohnani8 - - Luap99 + - vrothberg + - zhangguanzhang @@ -11,7 +11,7 @@ require ( github.com/containernetworking/cni v0.8.0 github.com/containernetworking/plugins v0.8.7 github.com/containers/buildah v1.18.1-0.20201125084616-dd26b137459c - github.com/containers/common v0.30.0 + github.com/containers/common v0.31.0 github.com/containers/conmon v2.0.20+incompatible github.com/containers/image/v5 v5.8.1 github.com/containers/psgo v1.5.1 @@ -95,8 +95,8 @@ github.com/containers/buildah v1.18.1-0.20201125084616-dd26b137459c h1:vyc2iYz9b github.com/containers/buildah v1.18.1-0.20201125084616-dd26b137459c/go.mod h1:B+0OkXUogxdwsEy4ax3a5/vDtJjL6vCisiV6frQZJ4A= github.com/containers/common v0.29.0 h1:hTMC+urdkk5bKfhL/OgCixIX5xjJgQ2l2jPG745ECFQ= github.com/containers/common v0.29.0/go.mod h1:yT4GTUHsKRmpaDb+mecXRnIMre7W3ZgwXqaYMywXlaA= -github.com/containers/common v0.30.0 h1:yKhrhnOxIymtMk+oLJMKEbG/VkYyU0DRJWSdCT0LhOY= -github.com/containers/common v0.30.0/go.mod h1:yT4GTUHsKRmpaDb+mecXRnIMre7W3ZgwXqaYMywXlaA= +github.com/containers/common v0.31.0 h1:SRnjfoqbjfaojpY9YJq9JBPEslwB5hoXJbaE+5zMFwM= +github.com/containers/common v0.31.0/go.mod h1:yT4GTUHsKRmpaDb+mecXRnIMre7W3ZgwXqaYMywXlaA= github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg= github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I= github.com/containers/image/v5 v5.8.1 h1:aHW8a/Kd0dTJ7PTL/fc6y12sJqHxWgqilu+XyHfjD8Q= diff --git a/libpod/runtime.go b/libpod/runtime.go index 72bd34a5e..1004e4fa7 100644 --- a/libpod/runtime.go +++ b/libpod/runtime.go @@ -190,7 +190,7 @@ func newRuntimeFromConfig(ctx context.Context, conf *config.Config, options ...R if err := shutdown.Register("libpod", func(sig os.Signal) error { os.Exit(1) return nil - }); err != nil { + }); err != nil && errors.Cause(err) != shutdown.ErrHandlerExists { logrus.Errorf("Error registering shutdown handler for libpod: %v", err) } diff --git a/libpod/shutdown/handler.go b/libpod/shutdown/handler.go index 87538dec9..f0f228b19 100644 --- a/libpod/shutdown/handler.go +++ b/libpod/shutdown/handler.go @@ -11,6 +11,10 @@ import ( ) var ( + ErrHandlerExists error = errors.New("handler with given name already exists") +) + +var ( stopped bool sigChan chan os.Signal cancelChan chan bool @@ -98,7 +102,7 @@ func Register(name string, handler func(os.Signal) error) error { } if _, ok := handlers[name]; ok { - return errors.Errorf("handler with name %s already exists", name) + return ErrHandlerExists } handlers[name] = handler diff --git a/pkg/api/handlers/compat/containers_create.go b/pkg/api/handlers/compat/containers_create.go index 729639928..409a74de2 100644 --- a/pkg/api/handlers/compat/containers_create.go +++ b/pkg/api/handlers/compat/containers_create.go @@ -37,6 +37,9 @@ func CreateContainer(w http.ResponseWriter, r *http.Request) { return } + // Override the container name in the body struct + body.Name = query.Name + if len(body.HostConfig.Links) > 0 { utils.Error(w, utils.ErrLinkNotSupport.Error(), http.StatusBadRequest, errors.Wrapf(utils.ErrLinkNotSupport, "bad parameter")) return @@ -69,9 +72,6 @@ func CreateContainer(w http.ResponseWriter, r *http.Request) { return } - // Override the container name in the body struct - body.Name = query.Name - ic := abi.ContainerEngine{Libpod: runtime} report, err := ic.ContainerCreate(r.Context(), sg) if err != nil { diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go index 95e4eeb8f..4f36744ca 100644 --- a/pkg/specgen/generate/container_create.go +++ b/pkg/specgen/generate/container_create.go @@ -98,7 +98,6 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener // present. imgName := newImage.InputName if s.Image == newImage.InputName && strings.HasPrefix(newImage.ID(), s.Image) { - imgName = "" names := newImage.Names() if len(names) > 0 { imgName = names[0] diff --git a/pkg/specgen/generate/oci.go b/pkg/specgen/generate/oci.go index 0368ab205..c24dcf4c0 100644 --- a/pkg/specgen/generate/oci.go +++ b/pkg/specgen/generate/oci.go @@ -165,7 +165,7 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt inUserNS = true } } - if inUserNS && s.NetNS.IsHost() { + if inUserNS && s.NetNS.NSMode != specgen.NoNetwork { canMountSys = false } diff --git a/test/apiv2/25-containersMore.at b/test/apiv2/25-containersMore.at index 4f6b80a5f..9d774ef27 100644 --- a/test/apiv2/25-containersMore.at +++ b/test/apiv2/25-containersMore.at @@ -79,4 +79,13 @@ like "$output" ".*spec:.*" "Check generated kube yaml(service=true) - spec" like "$output" ".*kind:\\sService.*" "Check generated kube yaml(service=true) - kind: Service" t DELETE libpod/containers/$cid 204 + +# Create 3 stopped containers to test containers prune +podman run $IMAGE true +podman run $IMAGE true +podman run $IMAGE true + +t POST libpod/containers/prune '' 200 +t GET libpod/containers/json 200 \ + length=0 # vim: filetype=sh diff --git a/test/apiv2/rest_api/test_rest_v2_0_0.py b/test/apiv2/rest_api/test_rest_v2_0_0.py index d8d214e33..2f9e62149 100644 --- a/test/apiv2/rest_api/test_rest_v2_0_0.py +++ b/test/apiv2/rest_api/test_rest_v2_0_0.py @@ -181,7 +181,7 @@ class TestApi(unittest.TestCase): self.assertEqual(net_default.status_code, 201, net_default.text) create = requests.post( - PODMAN_URL + "/v1.40/containers/create?name=postCreate", + PODMAN_URL + "/v1.40/containers/create?name=postCreateConnect", json={ "Cmd": ["top"], "Image": "alpine:latest", diff --git a/test/e2e/run_memory_test.go b/test/e2e/run_memory_test.go index b3913c1e6..ad3a2b54f 100644 --- a/test/e2e/run_memory_test.go +++ b/test/e2e/run_memory_test.go @@ -38,7 +38,7 @@ var _ = Describe("Podman run memory", func() { var session *PodmanSessionIntegration if CGROUPSV2 { - session = podmanTest.Podman([]string{"run", "--memory=40m", ALPINE, "sh", "-c", "cat /sys/fs/cgroup/$(sed -e 's|0::||' < /proc/self/cgroup)/memory.max"}) + session = podmanTest.Podman([]string{"run", "--memory=40m", "--net=none", ALPINE, "sh", "-c", "cat /sys/fs/cgroup/$(sed -e 's|0::||' < /proc/self/cgroup)/memory.max"}) } else { session = podmanTest.Podman([]string{"run", "--memory=40m", ALPINE, "cat", "/sys/fs/cgroup/memory/memory.limit_in_bytes"}) } @@ -55,7 +55,7 @@ var _ = Describe("Podman run memory", func() { var session *PodmanSessionIntegration if CGROUPSV2 { - session = podmanTest.Podman([]string{"run", "--memory-reservation=40m", ALPINE, "sh", "-c", "cat /sys/fs/cgroup/$(sed -e 's|0::||' < /proc/self/cgroup)/memory.low"}) + session = podmanTest.Podman([]string{"run", "--memory-reservation=40m", "--net=none", ALPINE, "sh", "-c", "cat /sys/fs/cgroup/$(sed -e 's|0::||' < /proc/self/cgroup)/memory.low"}) } else { session = podmanTest.Podman([]string{"run", "--memory-reservation=40m", ALPINE, "cat", "/sys/fs/cgroup/memory/memory.soft_limit_in_bytes"}) } @@ -81,7 +81,7 @@ var _ = Describe("Podman run memory", func() { var session *PodmanSessionIntegration if CGROUPSV2 { - session = podmanTest.Podman([]string{"run", "--memory-reservation=40m", ALPINE, "sh", "-c", "cat /sys/fs/cgroup/$(sed -e 's|0::||' < /proc/self/cgroup)/memory.low"}) + session = podmanTest.Podman([]string{"run", "--net=none", "--memory-reservation=40m", ALPINE, "sh", "-c", "cat /sys/fs/cgroup/$(sed -e 's|0::||' < /proc/self/cgroup)/memory.low"}) } else { session = podmanTest.Podman([]string{"run", "--memory-reservation=40m", ALPINE, "cat", "/sys/fs/cgroup/memory/memory.soft_limit_in_bytes"}) } diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index efc125d2b..58ef9a647 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -1300,7 +1300,7 @@ USER mail` It("podman run verify pids-limit", func() { SkipIfCgroupV1("pids-limit not supported on cgroup V1") limit := "4321" - session := podmanTest.Podman([]string{"run", "--pids-limit", limit, "--rm", ALPINE, "cat", "/sys/fs/cgroup/pids.max"}) + session := podmanTest.Podman([]string{"run", "--pids-limit", limit, "--net=none", "--rm", ALPINE, "cat", "/sys/fs/cgroup/pids.max"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(session.OutputToString()).To(ContainSubstring(limit)) diff --git a/test/system/030-run.bats b/test/system/030-run.bats index 6db6b76f1..3ee141f5f 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -536,6 +536,19 @@ json-file | f run_podman untag $IMAGE $newtag $newtag2 } +# Regression test for issue #8558 +@test "podman run on untagged image: make sure that image metadata is set" { + run_podman inspect $IMAGE --format "{{.ID}}" + imageID="$output" + + # prior to #8623 `podman run` would error out on untagged images with: + # Error: both RootfsImageName and RootfsImageID must be set if either is set: invalid argument + run_podman untag $IMAGE + run_podman run --rm $imageID ls + + run_podman tag $imageID $IMAGE +} + @test "Verify /run/.containerenv exist" { run_podman run --rm $IMAGE ls -1 /run/.containerenv is "$output" "/run/.containerenv" diff --git a/vendor/github.com/containers/common/pkg/config/config.go b/vendor/github.com/containers/common/pkg/config/config.go index 6a44d353a..320d5e0e5 100644 --- a/vendor/github.com/containers/common/pkg/config/config.go +++ b/vendor/github.com/containers/common/pkg/config/config.go @@ -363,6 +363,12 @@ type EngineConfig struct { // under. This convention is followed by the default volume driver, but // may not be by other drivers. VolumePath string `toml:"volume_path,omitempty"` + + // VolumePlugins is a set of plugins that can be used as the backend for + // Podman named volumes. Each volume is specified as a name (what Podman + // will refer to the plugin as) mapped to a path, which must point to a + // Unix socket that conforms to the Volume Plugin specification. + VolumePlugins map[string]string `toml:"volume_plugins,omitempty"` } // SetOptions contains a subset of options in a Config. It's used to indicate if @@ -445,11 +451,6 @@ func NewConfig(userConfigPath string) (*Config, error) { return nil, err } - // read libpod.conf and convert the config to *Config - if err = newLibpodConfig(config); err != nil && !os.IsNotExist(err) { - logrus.Errorf("error reading libpod.conf: %v", err) - } - // Now, gather the system configs and merge them as needed. configs, err := systemConfigs() if err != nil { diff --git a/vendor/github.com/containers/common/pkg/config/containers.conf b/vendor/github.com/containers/common/pkg/config/containers.conf index 5b5d3f9b6..12fbecc22 100644 --- a/vendor/github.com/containers/common/pkg/config/containers.conf +++ b/vendor/github.com/containers/common/pkg/config/containers.conf @@ -391,7 +391,7 @@ default_sysctls = [ # Default OCI runtime # -# runtime = "runc" +# runtime = "crun" # List of the OCI runtimes that support --format=json. When json is supported # engine will use it for reporting nicer errors. @@ -458,8 +458,11 @@ default_sysctls = [ # "/usr/bin/kata-fc", # ] -# The [engine.runtimes] table MUST be the last entry in this file. +[engine.volume_plugins] +# testplugin = "/run/podman/plugins/test.sock" + +# The [engine.volume_plugins] table MUST be the last entry in this file. # (Unless another table is added) # TOML does not provide a way to end a table other than a further table being -# defined, so every key hereafter will be part of [runtimes] and not the main -# config. +# defined, so every key hereafter will be part of [volume_plugins] and not the +# main config. diff --git a/vendor/github.com/containers/common/pkg/config/default.go b/vendor/github.com/containers/common/pkg/config/default.go index 4f1460e3b..2b3a098a7 100644 --- a/vendor/github.com/containers/common/pkg/config/default.go +++ b/vendor/github.com/containers/common/pkg/config/default.go @@ -242,11 +242,7 @@ func defaultConfigFromMemory() (*EngineConfig, error) { c.ImageDefaultTransport = _defaultTransport c.StateType = BoltDBStateStore - c.OCIRuntime = "runc" - // If we're running on cgroupv2 v2, default to using crun. - if cgroup2, _ := cgroupv2.Enabled(); cgroup2 { - c.OCIRuntime = "crun" - } + c.OCIRuntime = "crun" c.ImageBuildFormat = "oci" c.CgroupManager = defaultCgroupManager() diff --git a/vendor/github.com/containers/common/pkg/config/libpodConfig.go b/vendor/github.com/containers/common/pkg/config/libpodConfig.go deleted file mode 100644 index 2df3d6077..000000000 --- a/vendor/github.com/containers/common/pkg/config/libpodConfig.go +++ /dev/null @@ -1,407 +0,0 @@ -package config - -/* libpodConfig.go contains deprecated functionality and should not be used any longer */ - -import ( - "os" - "os/exec" - "path/filepath" - - "github.com/BurntSushi/toml" - "github.com/containers/common/pkg/cgroupv2" - "github.com/containers/storage/pkg/unshare" - "github.com/pkg/errors" - "github.com/sirupsen/logrus" -) - -const ( - // _rootlessConfigPath is the path to the rootless libpod.conf in $HOME. - _rootlessConfigPath = ".config/containers/libpod.conf" - - // _rootConfigPath is the path to the libpod configuration file - // This file is loaded to replace the builtin default config before - // runtime options (e.g. WithStorageConfig) are applied. - // If it is not present, the builtin default config is used instead - // This path can be overridden when the runtime is created by using - // NewRuntimeFromConfig() instead of NewRuntime(). - _rootConfigPath = _installPrefix + "/share/containers/libpod.conf" - - // _rootOverrideConfigPath is the path to an override for the default libpod - // configuration file. If OverrideConfigPath exists, it will be used in - // place of the configuration file pointed to by ConfigPath. - _rootOverrideConfigPath = _etcDir + "/containers/libpod.conf" -) - -// ConfigFromLibpod contains configuration options used to set up a libpod runtime -type ConfigFromLibpod struct { - // NOTE: when changing this struct, make sure to update (*Config).Merge(). - - // SetOptions contains a subset of config options. It's used to indicate if - // a given option has either been set by the user or by a parsed libpod - // configuration file. If not, the corresponding option might be - // overwritten by values from the database. This behavior guarantees - // backwards compat with older version of libpod and Podman. - SetOptions - - // VolumePath is the default location that named volumes will be created - // under. This convention is followed by the default volume driver, but - // may not be by other drivers. - VolumePath string `toml:"volume_path,omitempty"` - - // ImageDefaultTransport is the default transport method used to fetch - // images. - ImageDefaultTransport string `toml:"image_default_transport,omitempty"` - - // SignaturePolicyPath is the path to a signature policy to use for - // validating images. If left empty, the containers/image default signature - // policy will be used. - SignaturePolicyPath string `toml:"signature_policy_path,omitempty"` - - // OCIRuntime is the OCI runtime to use. - OCIRuntime string `toml:"runtime,omitempty"` - - // OCIRuntimes are the set of configured OCI runtimes (default is runc). - OCIRuntimes map[string][]string `toml:"runtimes,omitempty"` - - // RuntimeSupportsJSON is the list of the OCI runtimes that support - // --format=json. - RuntimeSupportsJSON []string `toml:"runtime_supports_json,omitempty"` - - // RuntimeSupportsNoCgroups is a list of OCI runtimes that support - // running containers without CGroups. - RuntimeSupportsNoCgroups []string `toml:"runtime_supports_nocgroupv2,omitempty"` - - // RuntimePath is the path to OCI runtime binary for launching containers. - // The first path pointing to a valid file will be used This is used only - // when there are no OCIRuntime/OCIRuntimes defined. It is used only to be - // backward compatible with older versions of Podman. - RuntimePath []string `toml:"runtime_path,omitempty"` - - // ConmonPath is the path to the Conmon binary used for managing containers. - // The first path pointing to a valid file will be used. - ConmonPath []string `toml:"conmon_path,omitempty"` - - // ConmonEnvVars are environment variables to pass to the Conmon binary - // when it is launched. - ConmonEnvVars []string `toml:"conmon_env_vars,omitempty"` - - // CGroupManager is the CGroup Manager to use Valid values are "cgroupfs" - // and "systemd". - CgroupManager string `toml:"cgroup_manager,omitempty"` - - // InitPath is the path to the container-init binary. - InitPath string `toml:"init_path,omitempty"` - - // StaticDir is the path to a persistent directory to store container - // files. - StaticDir string `toml:"static_dir,omitempty"` - - // TmpDir is the path to a temporary directory to store per-boot container - // files. Must be stored in a tmpfs. - TmpDir string `toml:"tmp_dir,omitempty"` - - // MaxLogSize is the maximum size of container logfiles. - MaxLogSize int64 `toml:"max_log_size,omitempty"` - - // NoPivotRoot sets whether to set no-pivot-root in the OCI runtime. - NoPivotRoot bool `toml:"no_pivot_root,omitempty"` - - // CNIConfigDir sets the directory where CNI configuration files are - // stored. - CNIConfigDir string `toml:"cni_config_dir,omitempty"` - - // CNIPluginDir sets a number of directories where the CNI network - // plugins can be located. - CNIPluginDir []string `toml:"cni_plugin_dir,omitempty"` - - // CNIDefaultNetwork is the network name of the default CNI network - // to attach pods to. - CNIDefaultNetwork string `toml:"cni_default_network,omitempty"` - - // HooksDir holds paths to the directories containing hooks - // configuration files. When the same filename is present in in - // multiple directories, the file in the directory listed last in - // this slice takes precedence. - HooksDir []string `toml:"hooks_dir,omitempty"` - - // Namespace is the libpod namespace to use. Namespaces are used to create - // scopes to separate containers and pods in the state. When namespace is - // set, libpod will only view containers and pods in the same namespace. All - // containers and pods created will default to the namespace set here. A - // namespace of "", the empty string, is equivalent to no namespace, and all - // containers and pods will be visible. The default namespace is "". - Namespace string `toml:"namespace,omitempty"` - - // InfraImage is the image a pod infra container will use to manage - // namespaces. - InfraImage string `toml:"infra_image,omitempty"` - - // InfraCommand is the command run to start up a pod infra container. - InfraCommand string `toml:"infra_command,omitempty"` - - // EnablePortReservation determines whether libpod will reserve ports on the - // host when they are forwarded to containers. When enabled, when ports are - // forwarded to containers, they are held open by conmon as long as the - // container is running, ensuring that they cannot be reused by other - // programs on the host. However, this can cause significant memory usage if - // a container has many ports forwarded to it. Disabling this can save - // memory. - EnablePortReservation bool `toml:"enable_port_reservation,omitempty"` - - // EnableLabeling indicates whether libpod will support container labeling. - EnableLabeling bool `toml:"label,omitempty"` - - // NetworkCmdPath is the path to the slirp4netns binary. - NetworkCmdPath string `toml:"network_cmd_path,omitempty"` - - // NumLocks is the number of locks to make available for containers and - // pods. - NumLocks uint32 `toml:"num_locks,omitempty"` - - // LockType is the type of locking to use. - LockType string `toml:"lock_type,omitempty"` - - // EventsLogger determines where events should be logged. - EventsLogger string `toml:"events_logger,omitempty"` - - // EventsLogFilePath is where the events log is stored. - EventsLogFilePath string `toml:"events_logfile_path,omitempty"` - - // DetachKeys is the sequence of keys used to detach a container. - DetachKeys string `toml:"detach_keys,omitempty"` - - // SDNotify tells Libpod to allow containers to notify the host systemd of - // readiness using the SD_NOTIFY mechanism. - SDNotify bool `toml:",omitempty"` - - // CgroupCheck indicates the configuration has been rewritten after an - // upgrade to Fedora 31 to change the default OCI runtime for cgroupv2v2. - CgroupCheck bool `toml:"cgroup_check,omitempty"` -} - -// newLibpodConfig creates a new ConfigFromLibpod and converts it to Config. -// Depending if we're running as root or rootless, we then merge the system configuration followed -// by merging the default config (hard-coded default in memory). -// Note that the OCI runtime is hard-set to `crun` if we're running on a system -// with cgroupv2v2. Other OCI runtimes are not yet supporting cgroupv2v2. This -// might change in the future. -func newLibpodConfig(c *Config) error { - // Start with the default config and iteratively merge - // fields in the system configs. - config := c.libpodConfig() - - // Now, check if the user can access system configs and merge them if needed. - configs, err := systemLibpodConfigs() - if err != nil { - return errors.Wrapf(err, "error finding config on system") - } - - if len(configs) == 0 { - return nil - } - - for _, path := range configs { - config, err = readLibpodConfigFromFile(path, config) - if err != nil { - return errors.Wrapf(err, "error reading system config %q", path) - } - } - - // Since runc does not currently support cgroupV2 - // Change to default crun on first running of libpod.conf - // TODO Once runc has support for cgroupv2, this function should be removed. - if !config.CgroupCheck && unshare.IsRootless() { - cgroup2, err := cgroupv2.Enabled() - if err != nil { - return err - } - if cgroup2 { - path, err := exec.LookPath("crun") - if err != nil { - // Can't find crun path so do nothing - logrus.Warnf("Can not find crun package on the host, containers might fail to run on cgroup V2 systems without crun: %q", err) - } else { - config.CgroupCheck = true - config.OCIRuntime = path - } - } - } - - // hard code EventsLogger to "file" to match older podman versions. - if config.EventsLogger != "file" { - logrus.Warnf("Ignoring libpod.conf EventsLogger setting %q. Use %q if you want to change this setting and remove libpod.conf files.", config.EventsLogger, Path()) - config.EventsLogger = "file" - } - - c.libpodToContainersConfig(config) - - return nil -} - -// readConfigFromFile reads the specified config file at `path` and attempts to -// unmarshal its content into a Config. The config param specifies the previous -// default config. If the path, only specifies a few fields in the Toml file -// the defaults from the config parameter will be used for all other fields. -func readLibpodConfigFromFile(path string, config *ConfigFromLibpod) (*ConfigFromLibpod, error) { - logrus.Debugf("Reading configuration file %q", path) - _, err := toml.DecodeFile(path, config) - if err != nil { - return nil, errors.Wrapf(err, "decode configuration %s", path) - } - - return config, err -} - -func systemLibpodConfigs() ([]string, error) { - if unshare.IsRootless() { - path, err := rootlessLibpodConfigPath() - if err != nil { - return nil, err - } - if _, err := os.Stat(path); err == nil { - containersConfPath, err := rootlessConfigPath() - if err != nil { - containersConfPath = filepath.Join("$HOME", UserOverrideContainersConfig) - } - logrus.Warnf("Found deprecated file %s, please remove. Use %s to override defaults.\n", path, containersConfPath) - return []string{path}, nil - } - return nil, err - } - - configs := []string{} - if _, err := os.Stat(_rootConfigPath); err == nil { - logrus.Warnf("Found deprecated file %s, please remove. Use %s to override defaults.\n", _rootConfigPath, OverrideContainersConfig) - configs = append(configs, _rootConfigPath) - } - if _, err := os.Stat(_rootOverrideConfigPath); err == nil { - logrus.Warnf("Found deprecated file %s, please remove. Use %s to override defaults.\n", _rootOverrideConfigPath, OverrideContainersConfig) - configs = append(configs, _rootOverrideConfigPath) - } - return configs, nil -} - -func rootlessLibpodConfigPath() (string, error) { - home, err := unshare.HomeDir() - if err != nil { - return "", err - } - - return filepath.Join(home, _rootlessConfigPath), nil -} - -func (c *Config) libpodConfig() *ConfigFromLibpod { - return &ConfigFromLibpod{ - InitPath: c.Containers.InitPath, - MaxLogSize: c.Containers.LogSizeMax, - EnableLabeling: c.Containers.EnableLabeling, - - SetOptions: c.Engine.SetOptions, - VolumePath: c.Engine.VolumePath, - ImageDefaultTransport: c.Engine.ImageDefaultTransport, - OCIRuntime: c.Engine.OCIRuntime, - OCIRuntimes: c.Engine.OCIRuntimes, - RuntimeSupportsJSON: c.Engine.RuntimeSupportsJSON, - RuntimeSupportsNoCgroups: c.Engine.RuntimeSupportsNoCgroups, - RuntimePath: c.Engine.RuntimePath, - ConmonPath: c.Engine.ConmonPath, - ConmonEnvVars: c.Engine.ConmonEnvVars, - CgroupManager: c.Engine.CgroupManager, - StaticDir: c.Engine.StaticDir, - TmpDir: c.Engine.TmpDir, - NoPivotRoot: c.Engine.NoPivotRoot, - HooksDir: c.Engine.HooksDir, - Namespace: c.Engine.Namespace, - InfraImage: c.Engine.InfraImage, - InfraCommand: c.Engine.InfraCommand, - EnablePortReservation: c.Engine.EnablePortReservation, - NetworkCmdPath: c.Engine.NetworkCmdPath, - NumLocks: c.Engine.NumLocks, - LockType: c.Engine.LockType, - EventsLogger: c.Engine.EventsLogger, - EventsLogFilePath: c.Engine.EventsLogFilePath, - DetachKeys: c.Engine.DetachKeys, - SDNotify: c.Engine.SDNotify, - CgroupCheck: c.Engine.CgroupCheck, - SignaturePolicyPath: c.Engine.SignaturePolicyPath, - - CNIConfigDir: c.Network.NetworkConfigDir, - CNIPluginDir: c.Network.CNIPluginDirs, - CNIDefaultNetwork: c.Network.DefaultNetwork, - } -} - -func (c *Config) libpodToContainersConfig(libpodConf *ConfigFromLibpod) { - - if libpodConf.InitPath != "" { - c.Containers.InitPath = libpodConf.InitPath - } - c.Containers.LogSizeMax = libpodConf.MaxLogSize - c.Containers.EnableLabeling = libpodConf.EnableLabeling - - if libpodConf.SignaturePolicyPath != "" { - c.Engine.SignaturePolicyPath = libpodConf.SignaturePolicyPath - } - c.Engine.SetOptions = libpodConf.SetOptions - if libpodConf.VolumePath != "" { - c.Engine.VolumePath = libpodConf.VolumePath - } - if libpodConf.ImageDefaultTransport != "" { - c.Engine.ImageDefaultTransport = libpodConf.ImageDefaultTransport - } - if libpodConf.OCIRuntime != "" { - c.Engine.OCIRuntime = libpodConf.OCIRuntime - } - c.Engine.OCIRuntimes = libpodConf.OCIRuntimes - c.Engine.RuntimeSupportsJSON = libpodConf.RuntimeSupportsJSON - c.Engine.RuntimeSupportsNoCgroups = libpodConf.RuntimeSupportsNoCgroups - c.Engine.RuntimePath = libpodConf.RuntimePath - c.Engine.ConmonPath = libpodConf.ConmonPath - c.Engine.ConmonEnvVars = libpodConf.ConmonEnvVars - if libpodConf.CgroupManager != "" { - c.Engine.CgroupManager = libpodConf.CgroupManager - } - if libpodConf.StaticDir != "" { - c.Engine.StaticDir = libpodConf.StaticDir - } - if libpodConf.TmpDir != "" { - c.Engine.TmpDir = libpodConf.TmpDir - } - c.Engine.NoPivotRoot = libpodConf.NoPivotRoot - c.Engine.HooksDir = libpodConf.HooksDir - if libpodConf.Namespace != "" { - c.Engine.Namespace = libpodConf.Namespace - } - if libpodConf.InfraImage != "" { - c.Engine.InfraImage = libpodConf.InfraImage - } - if libpodConf.InfraCommand != "" { - c.Engine.InfraCommand = libpodConf.InfraCommand - } - - c.Engine.EnablePortReservation = libpodConf.EnablePortReservation - if libpodConf.NetworkCmdPath != "" { - c.Engine.NetworkCmdPath = libpodConf.NetworkCmdPath - } - c.Engine.NumLocks = libpodConf.NumLocks - c.Engine.LockType = libpodConf.LockType - if libpodConf.EventsLogger != "" { - c.Engine.EventsLogger = libpodConf.EventsLogger - } - if libpodConf.EventsLogFilePath != "" { - c.Engine.EventsLogFilePath = libpodConf.EventsLogFilePath - } - if libpodConf.DetachKeys != "" { - c.Engine.DetachKeys = libpodConf.DetachKeys - } - c.Engine.SDNotify = libpodConf.SDNotify - c.Engine.CgroupCheck = libpodConf.CgroupCheck - - if libpodConf.CNIConfigDir != "" { - c.Network.NetworkConfigDir = libpodConf.CNIConfigDir - } - c.Network.CNIPluginDirs = libpodConf.CNIPluginDir - if libpodConf.CNIDefaultNetwork != "" { - c.Network.DefaultNetwork = libpodConf.CNIDefaultNetwork - } -} diff --git a/vendor/github.com/containers/common/version/version.go b/vendor/github.com/containers/common/version/version.go index 141168961..8df453484 100644 --- a/vendor/github.com/containers/common/version/version.go +++ b/vendor/github.com/containers/common/version/version.go @@ -1,4 +1,4 @@ package version // Version is the version of the build. -const Version = "0.30.0" +const Version = "0.31.0" diff --git a/vendor/modules.txt b/vendor/modules.txt index 43c8ebb95..3ad53c73c 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -86,7 +86,7 @@ github.com/containers/buildah/pkg/parse github.com/containers/buildah/pkg/rusage github.com/containers/buildah/pkg/supplemented github.com/containers/buildah/util -# github.com/containers/common v0.30.0 +# github.com/containers/common v0.31.0 github.com/containers/common/pkg/apparmor github.com/containers/common/pkg/apparmor/internal/supported github.com/containers/common/pkg/auth |