diff options
| -rw-r--r-- | cmd/podman/images/list.go | 6 | ||||
| -rw-r--r-- | docs/source/markdown/podman-images.1.md | 4 | ||||
| -rw-r--r-- | libpod/container_log_linux.go | 3 | ||||
| -rw-r--r-- | pkg/api/handlers/compat/images.go | 5 | ||||
| -rw-r--r-- | pkg/api/server/register_images.go | 5 | ||||
| -rw-r--r-- | pkg/bindings/images/types.go | 2 | ||||
| -rw-r--r-- | pkg/bindings/images/types_list_options.go | 15 | ||||
| -rw-r--r-- | pkg/domain/entities/images.go | 1 | ||||
| -rw-r--r-- | pkg/domain/infra/abi/images_list.go | 16 | ||||
| -rw-r--r-- | pkg/domain/infra/tunnel/images.go | 2 | ||||
| -rw-r--r-- | test/system/010-images.bats | 11 | ||||
| -rw-r--r-- | test/system/015-help.bats | 15 | ||||
| -rw-r--r-- | test/system/030-run.bats | 24 | ||||
| -rw-r--r-- | test/system/035-logs.bats | 28 |
14 files changed, 72 insertions, 65 deletions
diff --git a/cmd/podman/images/list.go b/cmd/podman/images/list.go index 10a2a4f87..9bddf1cff 100644 --- a/cmd/podman/images/list.go +++ b/cmd/podman/images/list.go @@ -87,7 +87,6 @@ func imageListFlagSet(cmd *cobra.Command) { flags := cmd.Flags() flags.BoolVarP(&listOptions.All, "all", "a", false, "Show all images (default hides intermediate images)") - flags.BoolVarP(&listOptions.Size, "size", "", true, "Compute the size of each image") filterFlagName := "filter" flags.StringSliceVarP(&listOptions.Filter, filterFlagName, "f", []string{}, "Filter output based on conditions provided (default [])") @@ -321,10 +320,7 @@ func lsFormatFromFlags(flags listFlagType) string { row = append(row, "{{.Digest}}") } - row = append(row, "{{.ID}}", "{{.Created}}") - if listOptions.Size { - row = append(row, "{{.Size}}") - } + row = append(row, "{{.ID}}", "{{.Created}}", "{{.Size}}") if flags.history { row = append(row, "{{if .History}}{{.History}}{{else}}<none>{{end}}") diff --git a/docs/source/markdown/podman-images.1.md b/docs/source/markdown/podman-images.1.md index bdd187348..e28df840d 100644 --- a/docs/source/markdown/podman-images.1.md +++ b/docs/source/markdown/podman-images.1.md @@ -100,10 +100,6 @@ Omit the table headings from the listing of images. Lists only the image IDs. -#### **--size** - -Compute and display the size of each image. The default is true. Computing the size of images can be costly. If listing images is critical to performance, consider turning off size-computation via `--size=false`. - #### **--sort**=*sort*=*created* Sort by created, id, repository, size or tag (default: created) diff --git a/libpod/container_log_linux.go b/libpod/container_log_linux.go index d96647e51..deb726526 100644 --- a/libpod/container_log_linux.go +++ b/libpod/container_log_linux.go @@ -209,9 +209,6 @@ func (c *Container) readFromJournal(ctx context.Context, options *logs.LogOption containerCouldBeLogging = true case events.Exited: containerCouldBeLogging = false - if doTail { - doTailFunc() - } } continue } diff --git a/pkg/api/handlers/compat/images.go b/pkg/api/handlers/compat/images.go index ea2df4a73..edefce010 100644 --- a/pkg/api/handlers/compat/images.go +++ b/pkg/api/handlers/compat/images.go @@ -415,9 +415,8 @@ func GetImages(w http.ResponseWriter, r *http.Request) { All bool Digests bool Filter string // Docker 1.24 compatibility - Size bool }{ - Size: true, + // This is where you can override the golang default value for one of fields } if err := decoder.Decode(&query, r.URL.Query()); err != nil { @@ -444,7 +443,7 @@ func GetImages(w http.ResponseWriter, r *http.Request) { imageEngine := abi.ImageEngine{Libpod: runtime} - listOptions := entities.ImageListOptions{All: query.All, Filter: filterList, Size: query.Size} + listOptions := entities.ImageListOptions{All: query.All, Filter: filterList} summaries, err := imageEngine.List(r.Context(), listOptions) if err != nil { utils.Error(w, http.StatusInternalServerError, err) diff --git a/pkg/api/server/register_images.go b/pkg/api/server/register_images.go index 2ed7aa054..89f808e7d 100644 --- a/pkg/api/server/register_images.go +++ b/pkg/api/server/register_images.go @@ -840,11 +840,6 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error { // - `id`=(`<image-id>`) // - `since`=(`<image-name>[:<tag>]`, `<image id>` or `<image@digest>`) // type: string - // - name: size - // in: query - // description: Compute the size of each image - // type: boolean - // default: true // produces: // - application/json // responses: diff --git a/pkg/bindings/images/types.go b/pkg/bindings/images/types.go index 87ec28dc2..75cb38a0a 100644 --- a/pkg/bindings/images/types.go +++ b/pkg/bindings/images/types.go @@ -31,8 +31,6 @@ type ListOptions struct { All *bool // filters that can be used to get a more specific list of images Filters map[string][]string - // Compute the size of each image - Size *bool } //go:generate go run ../generator/generator.go GetOptions diff --git a/pkg/bindings/images/types_list_options.go b/pkg/bindings/images/types_list_options.go index 7f479630f..f47cd9c75 100644 --- a/pkg/bindings/images/types_list_options.go +++ b/pkg/bindings/images/types_list_options.go @@ -46,18 +46,3 @@ func (o *ListOptions) GetFilters() map[string][]string { } return o.Filters } - -// WithSize set field Size to given value -func (o *ListOptions) WithSize(value bool) *ListOptions { - o.Size = &value - return o -} - -// GetSize returns value of field Size -func (o *ListOptions) GetSize() bool { - if o.Size == nil { - var z bool - return z - } - return *o.Size -} diff --git a/pkg/domain/entities/images.go b/pkg/domain/entities/images.go index 56126f46c..7081c5d25 100644 --- a/pkg/domain/entities/images.go +++ b/pkg/domain/entities/images.go @@ -251,7 +251,6 @@ type ImageSearchReport struct { type ImageListOptions struct { All bool `json:"all" schema:"all"` Filter []string `json:"Filter,omitempty"` - Size bool `json:"size" schema:"size"` } type ImagePruneOptions struct { diff --git a/pkg/domain/infra/abi/images_list.go b/pkg/domain/infra/abi/images_list.go index 8825f1ac6..9a0aaaf3a 100644 --- a/pkg/domain/infra/abi/images_list.go +++ b/pkg/domain/infra/abi/images_list.go @@ -60,16 +60,14 @@ func (ir *ImageEngine) List(ctx context.Context, opts entities.ImageListOptions) } e.Containers = len(ctnrs) - if opts.Size { - sz, err := img.Size() - if err != nil { - return nil, errors.Wrapf(err, "error retrieving size of image %q: you may need to remove the image to resolve the error", img.ID()) - } - e.Size = sz - // This is good enough for now, but has to be - // replaced later with correct calculation logic - e.VirtualSize = sz + sz, err := img.Size() + if err != nil { + return nil, errors.Wrapf(err, "error retrieving size of image %q: you may need to remove the image to resolve the error", img.ID()) } + e.Size = sz + // This is good enough for now, but has to be + // replaced later with correct calculation logic + e.VirtualSize = sz parent, err := img.Parent(ctx) if err != nil { diff --git a/pkg/domain/infra/tunnel/images.go b/pkg/domain/infra/tunnel/images.go index 4694189e3..18e10e8dd 100644 --- a/pkg/domain/infra/tunnel/images.go +++ b/pkg/domain/infra/tunnel/images.go @@ -38,7 +38,7 @@ func (ir *ImageEngine) List(ctx context.Context, opts entities.ImageListOptions) f := strings.Split(filter, "=") filters[f[0]] = f[1:] } - options := new(images.ListOptions).WithAll(opts.All).WithFilters(filters).WithSize(opts.Size) + options := new(images.ListOptions).WithAll(opts.All).WithFilters(filters) psImages, err := images.List(ir.ClientCtx, options) if err != nil { return nil, err diff --git a/test/system/010-images.bats b/test/system/010-images.bats index 352c3aa95..257508418 100644 --- a/test/system/010-images.bats +++ b/test/system/010-images.bats @@ -312,15 +312,4 @@ Deleted: $pauseID" is "$output" "" } -@test "podman images --size" { - run_podman images - is "${lines[0]}" "REPOSITORY.*TAG.*IMAGE ID.*CREATED.*SIZE" - run_podman images --noheading --format "{{.Size}}" - is "$output" ".* MB" - run_podman images --size=false - is "${lines[0]}" "REPOSITORY.*TAG.*IMAGE ID.*CREATED" - run_podman images --noheading --format "{{.Size}}" --size=false - is "$output" "0 B" -} - # vim: filetype=sh diff --git a/test/system/015-help.bats b/test/system/015-help.bats index a87081687..4eeea85bf 100644 --- a/test/system/015-help.bats +++ b/test/system/015-help.bats @@ -68,9 +68,10 @@ function check_help() { if [ "$cmd" != "help" ]; then dprint "$command_string invalid-arg" run_podman '?' "$@" $cmd invalid-arg - is "$status" 125 "'$command_string invalid-arg' - exit status" + is "$status" 125 \ + "'$usage' indicates that the command takes no arguments. I invoked it with 'invalid-arg' and expected an error status" is "$output" "Error: .* takes no arguments" \ - "'$command_string' with extra (invalid) arguments" + "'$usage' indicates that the command takes no arguments. I invoked it with 'invalid-arg' and expected the following error message" fi found[takes_no_args]=1 fi @@ -115,9 +116,10 @@ function check_help() { # try to read username/password from stdin. dprint "$command_string (without required args)" run_podman '?' "$@" $cmd </dev/null - is "$status" 125 "'$command_string' with no arguments - exit status" + is "$status" 125 \ + "'$usage' indicates at least one required arg. I invoked it with no args and expected an error exit code" is "$output" "Error:.* \(require\|specif\|must\|provide\|need\|choose\|accepts\)" \ - "'$command_string' without required arg" + "'$usage' indicates at least one required arg. I invoked it with no args and expected one of these error messages" found[required_args]=1 fi @@ -138,9 +140,10 @@ function check_help() { local n_args=$(wc -w <<<"$rhs") run_podman '?' "$@" $cmd $(seq --format='x%g' 0 $n_args) - is "$status" 125 "'$command_string' with >$n_args arguments - exit status" + is "$status" 125 \ + "'$usage' indicates a maximum of $n_args args. I invoked it with more, and expected this exit status" is "$output" "Error:.* \(takes no arguments\|requires exactly $n_args arg\|accepts at most\|too many arguments\|accepts $n_args arg(s), received\|accepts between .* and .* arg(s), received \)" \ - "'$command_string' with >$n_args arguments" + "'$usage' indicates a maximum of $n_args args. I invoked it with more, and expected one of these error messages" found[fixed_args]=1 fi diff --git a/test/system/030-run.bats b/test/system/030-run.bats index 72e4a2bc8..aba18badb 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -821,4 +821,28 @@ EOF run_podman run --rm $IMAGE cat /proc/self/oom_score_adj is "$output" "$current_oom_score_adj" "different oom_score_adj in the container" } + +# CVE-2022-1227 : podman top joins container mount NS and uses nsenter from image +@test "podman top does not use nsenter from image" { + tmpdir=$PODMAN_TMPDIR/build-test + mkdir -p $tmpdir + tmpbuilddir=$tmpdir/build + mkdir -p $tmpbuilddir + dockerfile=$tmpbuilddir/Dockerfile + cat >$dockerfile <<EOF +FROM $IMAGE +RUN rm /usr/bin/nsenter; \ +echo -e "#!/bin/sh\nfalse" >> /usr/bin/nsenter; \ +chmod +x /usr/bin/nsenter +EOF + + test_image="cve_2022_1227_test" + run_podman build -t $test_image $tmpbuilddir + run_podman run -d --userns=keep-id $test_image top + ctr="$output" + run_podman top $ctr huser,user + run_podman rm -f -t0 $ctr + run_podman rmi $test_image +} + # vim: filetype=sh diff --git a/test/system/035-logs.bats b/test/system/035-logs.bats index db50c8f8c..e38cdb383 100644 --- a/test/system/035-logs.bats +++ b/test/system/035-logs.bats @@ -30,6 +30,34 @@ load helpers run_podman rm $cid } +function _log_test_tail() { + local driver=$1 + + run_podman run -d --log-driver=$driver $IMAGE sh -c "echo test1; echo test2" + cid="$output" + + run_podman logs --tail 1 $cid + is "$output" "test2" "logs should only show last line" + + run_podman restart $cid + + run_podman logs --tail 1 $cid + is "$output" "test2" "logs should only show last line after restart" + + run_podman rm $cid +} + +@test "podman logs - tail test, k8s-file" { + _log_test_tail k8s-file +} + +@test "podman logs - tail test, journald" { + # We can't use journald on RHEL as rootless: rhbz#1895105 + skip_if_journald_unavailable + + _log_test_tail journald +} + function _additional_events_backend() { local driver=$1 # Since PR#10431, 'logs -f' with journald driver is only supported with journald events backend. |