diff options
| -rw-r--r-- | cmd/podman/main.go | 5 | ||||
| -rw-r--r-- | cmd/podman/root.go | 4 | ||||
| -rw-r--r-- | contrib/cirrus/required_host_ports.txt | 1 | ||||
| -rw-r--r-- | libpod/oci_conmon_linux.go | 14 | ||||
| -rw-r--r-- | pkg/api/handlers/compat/images.go | 7 |
5 files changed, 22 insertions, 9 deletions
diff --git a/cmd/podman/main.go b/cmd/podman/main.go index c3aaf84a8..f076d13f3 100644 --- a/cmd/podman/main.go +++ b/cmd/podman/main.go @@ -31,11 +31,6 @@ func main() { return } - // Hard code TMPDIR functions to use /var/tmp, if user did not override - if _, ok := os.LookupEnv("TMPDIR"); !ok { - os.Setenv("TMPDIR", "/var/tmp") - } - rootCmd = parseCommands() Execute() diff --git a/cmd/podman/root.go b/cmd/podman/root.go index 0830a62a5..1f613a4c5 100644 --- a/cmd/podman/root.go +++ b/cmd/podman/root.go @@ -178,6 +178,10 @@ func persistentPreRunE(cmd *cobra.Command, args []string) error { return err } } + // Hard code TMPDIR functions to use /var/tmp, if user did not override + if _, ok := os.LookupEnv("TMPDIR"); !ok { + os.Setenv("TMPDIR", "/var/tmp") + } if !registry.IsRemote() { if cmd.Flag("cpu-profile").Changed { diff --git a/contrib/cirrus/required_host_ports.txt b/contrib/cirrus/required_host_ports.txt index 85a6c26be..140e2c32f 100644 --- a/contrib/cirrus/required_host_ports.txt +++ b/contrib/cirrus/required_host_ports.txt @@ -5,7 +5,6 @@ registry.fedoraproject.org 443 mirrors.fedoraproject.org 443 dl.fedoraproject.org 443 ewr.edge.kernel.org 443 -mirror.chpc.utah.edu 443 mirror.clarkson.edu 443 mirror.umd.edu 443 mirror.vcu.edu 443 diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go index 307b9bc54..7e0a1d457 100644 --- a/libpod/oci_conmon_linux.go +++ b/libpod/oci_conmon_linux.go @@ -1433,6 +1433,14 @@ func (r *ConmonOCIRuntime) moveConmonToCgroupAndSignal(ctr *Container, cmd *exec } if mustCreateCgroup { + // Usually rootless users are not allowed to configure cgroupfs. + // There are cases though, where it is allowed, e.g. if the cgroup + // is manually configured and chowned). Avoid detecting all + // such cases and simply use a lower log level. + logLevel := logrus.WarnLevel + if rootless.IsRootless() { + logLevel = logrus.InfoLevel + } // TODO: This should be a switch - we are not guaranteed that // there are only 2 valid cgroup managers cgroupParent := ctr.CgroupParent() @@ -1447,17 +1455,17 @@ func (r *ConmonOCIRuntime) moveConmonToCgroupAndSignal(ctr *Container, cmd *exec logrus.Infof("Running conmon under slice %s and unitName %s", realCgroupParent, unitName) if err := utils.RunUnderSystemdScope(cmd.Process.Pid, realCgroupParent, unitName); err != nil { - logrus.Warnf("Failed to add conmon to systemd sandbox cgroup: %v", err) + logrus.StandardLogger().Logf(logLevel, "Failed to add conmon to systemd sandbox cgroup: %v", err) } } else { cgroupPath := filepath.Join(ctr.config.CgroupParent, "conmon") control, err := cgroups.New(cgroupPath, &spec.LinuxResources{}) if err != nil { - logrus.Warnf("Failed to add conmon to cgroupfs sandbox cgroup: %v", err) + logrus.StandardLogger().Logf(logLevel, "Failed to add conmon to cgroupfs sandbox cgroup: %v", err) } else if err := control.AddPid(cmd.Process.Pid); err != nil { // we need to remove this defer and delete the cgroup once conmon exits // maybe need a conmon monitor? - logrus.Warnf("Failed to add conmon to cgroupfs sandbox cgroup: %v", err) + logrus.StandardLogger().Logf(logLevel, "Failed to add conmon to cgroupfs sandbox cgroup: %v", err) } } } diff --git a/pkg/api/handlers/compat/images.go b/pkg/api/handlers/compat/images.go index a51dd8ed3..dc72500e4 100644 --- a/pkg/api/handlers/compat/images.go +++ b/pkg/api/handlers/compat/images.go @@ -22,6 +22,7 @@ import ( "github.com/gorilla/schema" "github.com/opencontainers/go-digest" "github.com/pkg/errors" + "github.com/sirupsen/logrus" ) // mergeNameAndTagOrDigest creates an image reference as string from the @@ -386,6 +387,12 @@ func LoadImages(w http.ResponseWriter, r *http.Request) { utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "failed to create tempfile")) return } + defer func() { + err := os.Remove(f.Name()) + if err != nil { + logrus.Errorf("Failed to remove temporary file: %v.", err) + } + }() if err := SaveFromBody(f, r); err != nil { utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "failed to write temporary file")) return |