diff options
| -rw-r--r-- | docs/podman-stats.1.md | 3 | ||||
| -rw-r--r-- | libpod/define/errors.go | 4 | ||||
| -rw-r--r-- | libpod/networking_linux.go | 6 | ||||
| -rw-r--r-- | libpod/runtime_volume_linux.go | 9 | ||||
| -rw-r--r-- | libpod/volume_internal_linux.go | 25 |
5 files changed, 46 insertions, 1 deletions
diff --git a/docs/podman-stats.1.md b/docs/podman-stats.1.md index e0cff0dc2..741873c3f 100644 --- a/docs/podman-stats.1.md +++ b/docs/podman-stats.1.md @@ -15,6 +15,9 @@ Note: Podman stats will not work in rootless environments that use CGroups V1. Podman stats relies on CGroup information for statistics, and CGroup v1 is not supported for rootless use cases. +Note: Rootless environments that use CGroups V2 are not able to report statistics +about their networking usage. + ## OPTIONS **--all**, **-a** diff --git a/libpod/define/errors.go b/libpod/define/errors.go index 5392fbc62..523062866 100644 --- a/libpod/define/errors.go +++ b/libpod/define/errors.go @@ -65,6 +65,10 @@ var ( // CGroup. ErrNoCgroups = errors.New("this container does not have a cgroup") + // ErrRootless indicates that the given command cannot but run without + // root. + ErrRootless = errors.New("operation requires root privileges") + // ErrRuntimeStopped indicates that the runtime has already been shut // down and no further operations can be performed on it ErrRuntimeStopped = errors.New("runtime has already been stopped") diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go index 8181cbc8a..4360c8c15 100644 --- a/libpod/networking_linux.go +++ b/libpod/networking_linux.go @@ -462,6 +462,12 @@ func getContainerNetNS(ctr *Container) (string, error) { func getContainerNetIO(ctr *Container) (*netlink.LinkStatistics, error) { var netStats *netlink.LinkStatistics + // rootless v2 cannot seem to resolve its network connection to + // collect statistics. For now, we allow stats to at least run + // by returning nil + if rootless.IsRootless() { + return netStats, nil + } netNSPath, netPathErr := getContainerNetNS(ctr) if netPathErr != nil { return nil, netPathErr diff --git a/libpod/runtime_volume_linux.go b/libpod/runtime_volume_linux.go index 9df93faf3..ba4fff4be 100644 --- a/libpod/runtime_volume_linux.go +++ b/libpod/runtime_volume_linux.go @@ -157,7 +157,14 @@ func (r *Runtime) removeVolume(ctx context.Context, v *Volume, force bool) error // If the volume is still mounted - force unmount it if err := v.unmount(true); err != nil { - return errors.Wrapf(err, "error unmounting volume %s", v.Name()) + if force { + // If force is set, evict the volume, even if errors + // occur. Otherwise we'll never be able to get rid of + // them. + logrus.Errorf("Error unmounting volume %s: %v", v.Name(), err) + } else { + return errors.Wrapf(err, "error unmounting volume %s", v.Name()) + } } // Set volume as invalid so it can no longer be used diff --git a/libpod/volume_internal_linux.go b/libpod/volume_internal_linux.go index 9ae4dcf69..4c0332018 100644 --- a/libpod/volume_internal_linux.go +++ b/libpod/volume_internal_linux.go @@ -6,6 +6,8 @@ import ( "io/ioutil" "os/exec" + "github.com/containers/libpod/libpod/define" + "github.com/containers/libpod/pkg/rootless" "github.com/pkg/errors" "github.com/sirupsen/logrus" "golang.org/x/sys/unix" @@ -24,6 +26,11 @@ func (v *Volume) mount() error { return nil } + // We cannot mount volumes as rootless. + if rootless.IsRootless() { + return errors.Wrapf(define.ErrRootless, "cannot mount volumes without root privileges") + } + // Update the volume from the DB to get an accurate mount counter. if err := v.update(); err != nil { return err @@ -108,6 +115,20 @@ func (v *Volume) unmount(force bool) error { return nil } + // We cannot unmount volumes as rootless. + if rootless.IsRootless() { + // If force is set, just clear the counter and bail without + // error, so we can remove volumes from the state if they are in + // an awkward configuration. + if force { + logrus.Errorf("Volume %s is mounted despite being rootless - state is not sane", v.Name()) + v.state.MountCount = 0 + return v.save() + } + + return errors.Wrapf(define.ErrRootless, "cannot mount or unmount volumes without root privileges") + } + if !force { v.state.MountCount = v.state.MountCount - 1 } else { @@ -119,6 +140,10 @@ func (v *Volume) unmount(force bool) error { if v.state.MountCount == 0 { // Unmount the volume if err := unix.Unmount(v.config.MountPoint, unix.MNT_DETACH); err != nil { + if err == unix.EINVAL { + // Ignore EINVAL - the mount no longer exists. + return nil + } return errors.Wrapf(err, "error unmounting volume %s", v.Name()) } logrus.Debugf("Unmounted volume %s", v.Name()) |