summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--docs/podman-stats.1.md3
-rw-r--r--libpod/define/errors.go4
-rw-r--r--libpod/networking_linux.go6
-rw-r--r--libpod/runtime_volume_linux.go9
-rw-r--r--libpod/volume_internal_linux.go25
5 files changed, 46 insertions, 1 deletions
diff --git a/docs/podman-stats.1.md b/docs/podman-stats.1.md
index e0cff0dc2..741873c3f 100644
--- a/docs/podman-stats.1.md
+++ b/docs/podman-stats.1.md
@@ -15,6 +15,9 @@ Note: Podman stats will not work in rootless environments that use CGroups V1.
Podman stats relies on CGroup information for statistics, and CGroup v1 is not
supported for rootless use cases.
+Note: Rootless environments that use CGroups V2 are not able to report statistics
+about their networking usage.
+
## OPTIONS
**--all**, **-a**
diff --git a/libpod/define/errors.go b/libpod/define/errors.go
index 5392fbc62..523062866 100644
--- a/libpod/define/errors.go
+++ b/libpod/define/errors.go
@@ -65,6 +65,10 @@ var (
// CGroup.
ErrNoCgroups = errors.New("this container does not have a cgroup")
+ // ErrRootless indicates that the given command cannot but run without
+ // root.
+ ErrRootless = errors.New("operation requires root privileges")
+
// ErrRuntimeStopped indicates that the runtime has already been shut
// down and no further operations can be performed on it
ErrRuntimeStopped = errors.New("runtime has already been stopped")
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
index 8181cbc8a..4360c8c15 100644
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@@ -462,6 +462,12 @@ func getContainerNetNS(ctr *Container) (string, error) {
func getContainerNetIO(ctr *Container) (*netlink.LinkStatistics, error) {
var netStats *netlink.LinkStatistics
+ // rootless v2 cannot seem to resolve its network connection to
+ // collect statistics. For now, we allow stats to at least run
+ // by returning nil
+ if rootless.IsRootless() {
+ return netStats, nil
+ }
netNSPath, netPathErr := getContainerNetNS(ctr)
if netPathErr != nil {
return nil, netPathErr
diff --git a/libpod/runtime_volume_linux.go b/libpod/runtime_volume_linux.go
index 9df93faf3..ba4fff4be 100644
--- a/libpod/runtime_volume_linux.go
+++ b/libpod/runtime_volume_linux.go
@@ -157,7 +157,14 @@ func (r *Runtime) removeVolume(ctx context.Context, v *Volume, force bool) error
// If the volume is still mounted - force unmount it
if err := v.unmount(true); err != nil {
- return errors.Wrapf(err, "error unmounting volume %s", v.Name())
+ if force {
+ // If force is set, evict the volume, even if errors
+ // occur. Otherwise we'll never be able to get rid of
+ // them.
+ logrus.Errorf("Error unmounting volume %s: %v", v.Name(), err)
+ } else {
+ return errors.Wrapf(err, "error unmounting volume %s", v.Name())
+ }
}
// Set volume as invalid so it can no longer be used
diff --git a/libpod/volume_internal_linux.go b/libpod/volume_internal_linux.go
index 9ae4dcf69..4c0332018 100644
--- a/libpod/volume_internal_linux.go
+++ b/libpod/volume_internal_linux.go
@@ -6,6 +6,8 @@ import (
"io/ioutil"
"os/exec"
+ "github.com/containers/libpod/libpod/define"
+ "github.com/containers/libpod/pkg/rootless"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"golang.org/x/sys/unix"
@@ -24,6 +26,11 @@ func (v *Volume) mount() error {
return nil
}
+ // We cannot mount volumes as rootless.
+ if rootless.IsRootless() {
+ return errors.Wrapf(define.ErrRootless, "cannot mount volumes without root privileges")
+ }
+
// Update the volume from the DB to get an accurate mount counter.
if err := v.update(); err != nil {
return err
@@ -108,6 +115,20 @@ func (v *Volume) unmount(force bool) error {
return nil
}
+ // We cannot unmount volumes as rootless.
+ if rootless.IsRootless() {
+ // If force is set, just clear the counter and bail without
+ // error, so we can remove volumes from the state if they are in
+ // an awkward configuration.
+ if force {
+ logrus.Errorf("Volume %s is mounted despite being rootless - state is not sane", v.Name())
+ v.state.MountCount = 0
+ return v.save()
+ }
+
+ return errors.Wrapf(define.ErrRootless, "cannot mount or unmount volumes without root privileges")
+ }
+
if !force {
v.state.MountCount = v.state.MountCount - 1
} else {
@@ -119,6 +140,10 @@ func (v *Volume) unmount(force bool) error {
if v.state.MountCount == 0 {
// Unmount the volume
if err := unix.Unmount(v.config.MountPoint, unix.MNT_DETACH); err != nil {
+ if err == unix.EINVAL {
+ // Ignore EINVAL - the mount no longer exists.
+ return nil
+ }
return errors.Wrapf(err, "error unmounting volume %s", v.Name())
}
logrus.Debugf("Unmounted volume %s", v.Name())