diff options
| -rw-r--r-- | .ubuntu_prepare.sh | 6 | ||||
| -rw-r--r-- | CONTRIBUTING.md | 2 | ||||
| -rw-r--r-- | LICENSE | 4 | ||||
| -rw-r--r-- | Makefile | 1 | ||||
| -rw-r--r-- | README.md | 2 | ||||
| -rw-r--r-- | build_osx.md | 2 | ||||
| -rw-r--r-- | cmd/podman/common/create_opts.go | 45 | ||||
| -rw-r--r-- | cmd/podman/images/import.go | 4 | ||||
| -rwxr-xr-x | hack/libsubid_tag.sh | 19 | ||||
| -rw-r--r-- | libpod/network/cni/cni_exec.go | 2 | ||||
| -rw-r--r-- | libpod/networking_linux.go | 8 | ||||
| -rw-r--r-- | pkg/cgroups/systemd.go | 2 | ||||
| -rw-r--r-- | pkg/hooks/docs/oci-hooks.5.md | 2 | ||||
| -rw-r--r-- | pkg/kubeutils/LICENSE | 4 | ||||
| -rw-r--r-- | pkg/kubeutils/resize.go | 2 | ||||
| -rw-r--r-- | pkg/netns/netns_linux.go | 2 | ||||
| -rw-r--r-- | pkg/specgenutil/volumes.go | 4 | ||||
| -rw-r--r-- | pkg/util/camelcase/README.md | 4 | ||||
| -rw-r--r-- | pkg/util/camelcase/camelcase.go | 2 | ||||
| -rw-r--r-- | test/apiv2/20-containers.at | 8 | ||||
| -rwxr-xr-x | test/apiv2/test-apiv2 | 3 | ||||
| -rw-r--r-- | troubleshooting.md | 2 |
22 files changed, 96 insertions, 34 deletions
diff --git a/.ubuntu_prepare.sh b/.ubuntu_prepare.sh index 7b7dd1bb1..1a5d1140f 100644 --- a/.ubuntu_prepare.sh +++ b/.ubuntu_prepare.sh @@ -33,7 +33,7 @@ done if [ $conmon -eq 1 ]; then # Build and install conmon from source echo "Building conmon ..." - git clone http://github.com/containers/conmon $conmon_source + git clone https://github.com/containers/conmon $conmon_source cd $conmon_source && make install PREFIX=/usr fi @@ -41,7 +41,7 @@ fi if [ $cni -eq 1 ]; then # Build and install containernetworking plugins from source echo "Building containernetworking-plugins..." - git clone http://github.com/containernetworking/plugins $cni_source + git clone https://github.com/containernetworking/plugins $cni_source cd $cni_source ./build.sh mkdir -p /usr/libexec/cni @@ -52,7 +52,7 @@ fi if [ $runc -eq 1 ]; then # Build and install runc echo "Building runc..." - git clone http://github.com/opencontainers/runc $runc_source + git clone https://github.com/opencontainers/runc $runc_source cd $runc_source make install PREFIX=/usr fi diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 30bbe3045..e9f40dffe 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -243,7 +243,7 @@ outputting the above style in the git log or git show commands: The sign-off is a line at the end of the explanation for the patch. Your signature certifies that you wrote the patch or otherwise have the right to pass it on as an open-source patch. The rules are simple: if you can certify -the below (from [developercertificate.org](http://developercertificate.org/)): +the below (from [developercertificate.org](https://developercertificate.org/)): ``` Developer Certificate of Origin @@ -1,6 +1,6 @@ Apache License Version 2.0, January 2004 - http://www.apache.org/licenses/ + https://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION @@ -192,7 +192,7 @@ you may not use this file except in compliance with the License. You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 + https://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, @@ -50,6 +50,7 @@ BUILDTAGS ?= \ $(shell hack/btrfs_tag.sh) \ $(shell hack/selinux_tag.sh) \ $(shell hack/systemd_tag.sh) \ + $(shell hack/libsubid_tag.sh) \ exclude_graphdriver_devicemapper \ seccomp PYTHON ?= $(shell command -v python3 python|head -n1) @@ -93,7 +93,7 @@ Information on how to install Podman in your environment. **[OCI Hooks Support](pkg/hooks/README.md)** Information on how Podman configures [OCI Hooks][spec-hooks] to run when launching a container. -**[Podman API](http://docs.podman.io/en/latest/_static/api.html)** +**[Podman API](https://docs.podman.io/en/latest/_static/api.html)** Documentation on the Podman REST API. **[Podman Commands](https://podman.readthedocs.io/en/latest/Commands.html)** diff --git a/build_osx.md b/build_osx.md index 59e1797a6..d5a292542 100644 --- a/build_osx.md +++ b/build_osx.md @@ -18,7 +18,7 @@ $ brew install go go-md2man You can obtain the latest source code for Podman from its github repository. ``` -$ git clone http://github.com/containers/podman go/src/github.com/containers/podman +$ git clone https://github.com/containers/podman go/src/github.com/containers/podman ``` ## Build client diff --git a/cmd/podman/common/create_opts.go b/cmd/podman/common/create_opts.go index 2f592cba7..09ac61f2e 100644 --- a/cmd/podman/common/create_opts.go +++ b/cmd/podman/common/create_opts.go @@ -16,6 +16,7 @@ import ( "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/rootless" "github.com/containers/podman/v3/pkg/specgen" + "github.com/docker/docker/api/types/mount" "github.com/pkg/errors" ) @@ -94,18 +95,30 @@ func ContainerCreateToContainerCLIOpts(cc handlers.CreateContainerConfig, rtc *c expose = append(expose, fmt.Sprintf("%s/%s", p.Port(), p.Proto())) } - // mounts type=tmpfs/bind,source=,dest=,opt=val - // TODO options + // mounts type=tmpfs/bind,source=...,target=...=,opt=val mounts := make([]string, 0, len(cc.HostConfig.Mounts)) + var builder strings.Builder for _, m := range cc.HostConfig.Mounts { - mount := fmt.Sprintf("type=%s", m.Type) - if len(m.Source) > 0 { - mount += fmt.Sprintf(",source=%s", m.Source) + addField(&builder, "type", string(m.Type)) + addField(&builder, "source", m.Source) + addField(&builder, "target", m.Target) + addField(&builder, "ro", strconv.FormatBool(m.ReadOnly)) + addField(&builder, "consistency", string(m.Consistency)) + + // Map any specialized mount options that intersect between *Options and cli options + switch m.Type { + case mount.TypeBind: + addField(&builder, "bind-propagation", string(m.BindOptions.Propagation)) + addField(&builder, "bind-nonrecursive", strconv.FormatBool(m.BindOptions.NonRecursive)) + case mount.TypeTmpfs: + addField(&builder, "tmpfs-size", strconv.FormatInt(m.TmpfsOptions.SizeBytes, 10)) + addField(&builder, "tmpfs-mode", strconv.FormatUint(uint64(m.TmpfsOptions.Mode), 10)) + case mount.TypeVolume: + // All current VolumeOpts are handled above + // See vendor/github.com/containers/common/pkg/parse/parse.go:ValidateVolumeOpts() } - if len(m.Target) > 0 { - mount += fmt.Sprintf(",dst=%s", m.Target) - } - mounts = append(mounts, mount) + mounts = append(mounts, builder.String()) + builder.Reset() } // dns @@ -506,3 +519,17 @@ func logDriver() string { } return "" } + +// addField is a helper function to populate mount options +func addField(b *strings.Builder, name string, value string) { + if value == "" { + return + } + + if b.Len() > 0 { + b.WriteRune(',') + } + b.WriteString(name) + b.WriteRune('=') + b.WriteString(value) +} diff --git a/cmd/podman/images/import.go b/cmd/podman/images/import.go index bc80417cc..d4bc0f610 100644 --- a/cmd/podman/images/import.go +++ b/cmd/podman/images/import.go @@ -30,7 +30,7 @@ var ( RunE: importCon, Args: cobra.RangeArgs(1, 2), ValidArgsFunction: common.AutocompleteDefaultOneArg, - Example: `podman import http://example.com/ctr.tar url-image + Example: `podman import https://example.com/ctr.tar url-image cat ctr.tar | podman -q import --message "importing the ctr.tar tarball" - image-imported cat ctr.tar | podman import -`, } @@ -42,7 +42,7 @@ var ( RunE: importCommand.RunE, Args: importCommand.Args, ValidArgsFunction: importCommand.ValidArgsFunction, - Example: `podman image import http://example.com/ctr.tar url-image + Example: `podman image import https://example.com/ctr.tar url-image cat ctr.tar | podman -q image import --message "importing the ctr.tar tarball" - image-imported cat ctr.tar | podman image import -`, } diff --git a/hack/libsubid_tag.sh b/hack/libsubid_tag.sh new file mode 100755 index 000000000..ab6af9e30 --- /dev/null +++ b/hack/libsubid_tag.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash +if test $(${GO:-go} env GOOS) != "linux" ; then + exit 0 +fi +tmpdir="$PWD/tmp.$RANDOM" +mkdir -p "$tmpdir" +trap 'rm -fr "$tmpdir"' EXIT +cc -o "$tmpdir"/libsubid_tag -l subid -x c - > /dev/null 2> /dev/null << EOF +#include <shadow/subid.h> +int main() { + struct subid_range *ranges = NULL; + get_subuid_ranges("root", &ranges); + free(ranges); + return 0; +} +EOF +if test $? -eq 0 ; then + echo libsubid +fi diff --git a/libpod/network/cni/cni_exec.go b/libpod/network/cni/cni_exec.go index 0aec3d4f1..c4d7f49f7 100644 --- a/libpod/network/cni/cni_exec.go +++ b/libpod/network/cni/cni_exec.go @@ -8,7 +8,7 @@ // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // -// http://www.apache.org/licenses/LICENSE-2.0 +// https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go index 5ade0849d..9aa6cab15 100644 --- a/libpod/networking_linux.go +++ b/libpod/networking_linux.go @@ -185,7 +185,13 @@ func (r *RootlessCNI) Do(toRun func() error) error { // if there is no symlink exit break } - resolvePath = filepath.Join(filepath.Dir(resolvePath), link) + if filepath.IsAbs(link) { + // link is as an absolute path + resolvePath = link + } else { + // link is as a relative, join it with the previous path + resolvePath = filepath.Join(filepath.Dir(resolvePath), link) + } if strings.HasPrefix(resolvePath, "/run/") { break } diff --git a/pkg/cgroups/systemd.go b/pkg/cgroups/systemd.go index 9bbdca415..f26988c5a 100644 --- a/pkg/cgroups/systemd.go +++ b/pkg/cgroups/systemd.go @@ -58,7 +58,7 @@ func systemdCreate(path string, c *systemdDbus.Conn) error { you may not use this file except in compliance with the License. You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 + https://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, diff --git a/pkg/hooks/docs/oci-hooks.5.md b/pkg/hooks/docs/oci-hooks.5.md index 7d13ffa82..d6b866231 100644 --- a/pkg/hooks/docs/oci-hooks.5.md +++ b/pkg/hooks/docs/oci-hooks.5.md @@ -179,4 +179,4 @@ $ cat /etc/containers/oci/hooks.d/osystemd-hook.json * [OCI Runtime Specification, 1.0.1, POSIX-platform hooks](https://github.com/opencontainers/runtime-spec/blob/v1.0.1/config.md#posix-platform-hooks) * [OCI Runtime Specification, 1.0.1, process](https://github.com/opencontainers/runtime-spec/blob/v1.0.1/config.md#process) -* [POSIX extended regular expressions (EREs)](http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap09.html#tag_09_04) +* [POSIX extended regular expressions (EREs)](https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap09.html#tag_09_04) diff --git a/pkg/kubeutils/LICENSE b/pkg/kubeutils/LICENSE index 8dada3eda..9b259bdfc 100644 --- a/pkg/kubeutils/LICENSE +++ b/pkg/kubeutils/LICENSE @@ -1,6 +1,6 @@ Apache License Version 2.0, January 2004 - http://www.apache.org/licenses/ + https://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION @@ -192,7 +192,7 @@ you may not use this file except in compliance with the License. You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 + https://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, diff --git a/pkg/kubeutils/resize.go b/pkg/kubeutils/resize.go index 957e10f45..5d004bc54 100644 --- a/pkg/kubeutils/resize.go +++ b/pkg/kubeutils/resize.go @@ -5,7 +5,7 @@ Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 + https://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, diff --git a/pkg/netns/netns_linux.go b/pkg/netns/netns_linux.go index ecefb65ff..c13ae2f4d 100644 --- a/pkg/netns/netns_linux.go +++ b/pkg/netns/netns_linux.go @@ -4,7 +4,7 @@ // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // -// http://www.apache.org/licenses/LICENSE-2.0 +// https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, diff --git a/pkg/specgenutil/volumes.go b/pkg/specgenutil/volumes.go index e9f70fc9d..0ed08198f 100644 --- a/pkg/specgenutil/volumes.go +++ b/pkg/specgenutil/volumes.go @@ -620,9 +620,9 @@ func getTmpfsMounts(tmpfsFlag []string) (map[string]spec.Mount, error) { mount := spec.Mount{ Destination: filepath.Clean(destPath), - Type: string(define.TypeTmpfs), + Type: define.TypeTmpfs, Options: options, - Source: string(define.TypeTmpfs), + Source: define.TypeTmpfs, } m[destPath] = mount } diff --git a/pkg/util/camelcase/README.md b/pkg/util/camelcase/README.md index 105a6ae33..ab0da573a 100644 --- a/pkg/util/camelcase/README.md +++ b/pkg/util/camelcase/README.md @@ -1,4 +1,4 @@ -# CamelCase [](http://godoc.org/github.com/fatih/camelcase) [](https://travis-ci.org/fatih/camelcase) +# CamelCase [](https://godoc.org/github.com/fatih/camelcase) [](https://travis-ci.org/fatih/camelcase) CamelCase is a Golang (Go) package to split the words of a camelcase type string into a slice of words. It can be used to convert a camelcase word (lower @@ -33,7 +33,7 @@ fmt.Println(splitted[0], splitted[1]) // prints: "Golang", "Package" ``` Both lower camel case and upper camel case are supported. For more info please -check: [http://en.wikipedia.org/wiki/CamelCase](http://en.wikipedia.org/wiki/CamelCase) +check: [https://en.wikipedia.org/wiki/CamelCase](https://en.wikipedia.org/wiki/CamelCase) Below are some example cases: diff --git a/pkg/util/camelcase/camelcase.go b/pkg/util/camelcase/camelcase.go index 0a82d1005..d27ac00d6 100644 --- a/pkg/util/camelcase/camelcase.go +++ b/pkg/util/camelcase/camelcase.go @@ -9,7 +9,7 @@ import ( // Split splits the camelcase word and returns a list of words. It also // supports digits. Both lower camel case and upper camel case are supported. -// For more info please check: http://en.wikipedia.org/wiki/CamelCase +// For more info please check: https://en.wikipedia.org/wiki/CamelCase // // Examples // diff --git a/test/apiv2/20-containers.at b/test/apiv2/20-containers.at index e2eb94233..8fdecb4bd 100644 --- a/test/apiv2/20-containers.at +++ b/test/apiv2/20-containers.at @@ -366,4 +366,12 @@ t GET containers/$cid/json 200 \ .Config.Healthcheck.Timeout=30000000000 \ .Config.Healthcheck.Retries=3 +# compat api: Test for mount options support +payload='{"Mounts":[{"Type":"tmpfs","Target":"/mnt/scratch","TmpfsOptions":{"SizeBytes":1024,"Mode":755}}]}' +t POST containers/create Image=$IMAGE HostConfig="$payload" 201 .Id~[0-9a-f]\\{64\\} +cid=$(jq -r '.Id' <<<"$output") +t GET containers/$cid/json 200 \ + .HostConfig.Tmpfs['"/mnt/scratch"']~.*size=1024.* \ + .HostConfig.Tmpfs['"/mnt/scratch"']~.*mode=755.* + t DELETE containers/$cid?v=true 204 diff --git a/test/apiv2/test-apiv2 b/test/apiv2/test-apiv2 index 26619ae03..e1bf28bae 100755 --- a/test/apiv2/test-apiv2 +++ b/test/apiv2/test-apiv2 @@ -327,7 +327,8 @@ function start_service() { die "Cannot start service on non-localhost ($HOST)" fi - $PODMAN_BIN --root $WORKDIR/server_root system service \ + $PODMAN_BIN --root $WORKDIR/server_root --syslog=true \ + system service \ --time 15 \ tcp:127.0.0.1:$PORT \ &> $WORKDIR/server.log & diff --git a/troubleshooting.md b/troubleshooting.md index dcf1d8715..686166da0 100644 --- a/troubleshooting.md +++ b/troubleshooting.md @@ -493,7 +493,7 @@ $ podman unshare cat /proc/self/uid_map 1 100000 65536 ``` -Reference [subuid](http://man7.org/linux/man-pages/man5/subuid.5.html) and [subgid](http://man7.org/linux/man-pages/man5/subgid.5.html) man pages for more detail. +Reference [subuid](https://man7.org/linux/man-pages/man5/subuid.5.html) and [subgid](https://man7.org/linux/man-pages/man5/subgid.5.html) man pages for more detail. ### 20) Passed-in devices or files can't be accessed in rootless container |