diff options
| -rw-r--r-- | Makefile | 2 | ||||
| -rwxr-xr-x | contrib/build_rpm.sh | 1 | ||||
| -rw-r--r-- | contrib/spec/podman.spec.in | 7 | ||||
| -rwxr-xr-x | hack/systemd_tag.sh | 7 | ||||
| -rw-r--r-- | libpod/config/config.go | 14 | ||||
| -rw-r--r-- | test/e2e/e2e.coverprofile | 11 | ||||
| -rw-r--r-- | troubleshooting.md | 27 |
7 files changed, 50 insertions, 19 deletions
@@ -45,7 +45,7 @@ endif ifeq (,$(findstring systemd,$(BUILDTAGS))) $(warning \ Podman is being compiled without the systemd build tag.\ - Install libsystemd for journald support) + Install libsystemd on Ubuntu or systemd-devel on rpm based distro for journald support) endif BUILDTAGS_CROSS ?= containers_image_openpgp exclude_graphdriver_btrfs exclude_graphdriver_devicemapper exclude_graphdriver_overlay diff --git a/contrib/build_rpm.sh b/contrib/build_rpm.sh index e41763fa7..088d8b7a5 100755 --- a/contrib/build_rpm.sh +++ b/contrib/build_rpm.sh @@ -26,6 +26,7 @@ declare -a PKGS=(device-mapper-devel \ make \ rpm-build \ go-compilers-golang-compiler \ + systemd-devel \ ) if [[ $pkg_manager == *dnf ]]; then diff --git a/contrib/spec/podman.spec.in b/contrib/spec/podman.spec.in index 2b9621dbc..9676a3fb4 100644 --- a/contrib/spec/podman.spec.in +++ b/contrib/spec/podman.spec.in @@ -22,6 +22,9 @@ %define gobuild(o:) go build -tags="$BUILDTAGS" -ldflags "${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n')" -a -v -x %{?**}; #% endif +# libpod hack directory +%define hackdir %{_builddir}/%{repo}-%{shortcommit0} + %global provider github %global provider_tld com %global project containers @@ -384,7 +387,7 @@ ln -s ../../../../ src/%{import_path} popd ln -s vendor src export GOPATH=$(pwd)/_build:$(pwd):$(pwd):%{gopath} -export BUILDTAGS="varlink selinux seccomp $(hack/btrfs_installed_tag.sh) $(hack/btrfs_tag.sh) $(hack/libdm_tag.sh) exclude_graphdriver_devicemapper" +export BUILDTAGS="varlink selinux seccomp $(%{hackdir}/hack/btrfs_installed_tag.sh) $(%{hackdir}/hack/btrfs_tag.sh) $(%{hackdir}/hack/libdm_tag.sh) exclude_graphdriver_devicemapper" GOPATH=$GOPATH go generate ./cmd/podman/varlink/... @@ -402,7 +405,7 @@ mkdir -p src/%{provider}.%{provider_tld}/{containers,opencontainers} ln -s $(dirs +1 -l) src/%{import_path_conmon} popd -export BUILDTAGS="selinux seccomp $(hack/btrfs_installed_tag.sh) $(hack/btrfs_tag.sh)" +export BUILDTAGS="selinux seccomp $(%{hackdir}/hack/btrfs_installed_tag.sh) $(%{hackdir}/hack/btrfs_tag.sh)" BUILDTAGS=$BUILDTAGS make popd diff --git a/hack/systemd_tag.sh b/hack/systemd_tag.sh index c59cad559..19a7bf6a6 100755 --- a/hack/systemd_tag.sh +++ b/hack/systemd_tag.sh @@ -1,4 +1,7 @@ #!/usr/bin/env bash -if pkg-config --exists libsystemd; then - echo systemd +cc -E - > /dev/null 2> /dev/null << EOF +#include <systemd/sd-daemon.h> +EOF +if test $? -eq 0 ; then + echo systemd fi diff --git a/libpod/config/config.go b/libpod/config/config.go index 0e867a50e..6240bccb0 100644 --- a/libpod/config/config.go +++ b/libpod/config/config.go @@ -448,20 +448,27 @@ func NewConfig(userConfigPath string) (*Config, error) { if err != nil { return nil, errors.Wrapf(err, "error reading user config %q", userConfigPath) } - if err := cgroupV2Check(userConfigPath, config); err != nil { - return nil, errors.Wrapf(err, "error rewriting configuration file %s", userConfigPath) - } } // Now, check if the user can access system configs and merge them if needed. if configs, err := systemConfigs(); err != nil { return nil, errors.Wrapf(err, "error finding config on system") } else { + migrated := false for _, path := range configs { systemConfig, err := readConfigFromFile(path) if err != nil { return nil, errors.Wrapf(err, "error reading system config %q", path) } + // Handle CGroups v2 configuration migration. + // Migrate only the first config, and do it before + // merging. + if !migrated { + if err := cgroupV2Check(path, systemConfig); err != nil { + return nil, errors.Wrapf(err, "error rewriting configuration file %s", userConfigPath) + } + migrated = true + } // Merge the it into the config. Any unset field in config will be // over-written by the systemConfig. if err := config.mergeConfig(systemConfig); err != nil { @@ -564,6 +571,7 @@ func (c *Config) checkCgroupsAndLogger() { // TODO Once runc has support for cgroups, this function should be removed. func cgroupV2Check(configPath string, tmpConfig *Config) error { if !tmpConfig.CgroupCheck && rootless.IsRootless() { + logrus.Debugf("Rewriting %s for CGroup v2 upgrade", configPath) cgroupsV2, err := cgroups.IsCgroup2UnifiedMode() if err != nil { return err diff --git a/test/e2e/e2e.coverprofile b/test/e2e/e2e.coverprofile deleted file mode 100644 index d413679ea..000000000 --- a/test/e2e/e2e.coverprofile +++ /dev/null @@ -1,11 +0,0 @@ -mode: atomic -github.com/containers/libpod/test/e2e/pod_pod_namespaces.go:14.46,21.20 2 3 -github.com/containers/libpod/test/e2e/pod_pod_namespaces.go:32.2,32.19 1 3 -github.com/containers/libpod/test/e2e/pod_pod_namespaces.go:39.2,39.53 1 3 -github.com/containers/libpod/test/e2e/pod_pod_namespaces.go:66.2,66.52 1 3 -github.com/containers/libpod/test/e2e/pod_pod_namespaces.go:21.20,23.17 2 6 -github.com/containers/libpod/test/e2e/pod_pod_namespaces.go:26.3,29.36 4 6 -github.com/containers/libpod/test/e2e/pod_pod_namespaces.go:23.17,25.4 1 0 -github.com/containers/libpod/test/e2e/pod_pod_namespaces.go:32.19,37.3 3 6 -github.com/containers/libpod/test/e2e/pod_pod_namespaces.go:39.53,64.3 20 3 -github.com/containers/libpod/test/e2e/pod_pod_namespaces.go:66.52,91.3 20 3
\ No newline at end of file diff --git a/troubleshooting.md b/troubleshooting.md index 9def0e08b..432c0e32b 100644 --- a/troubleshooting.md +++ b/troubleshooting.md @@ -442,3 +442,30 @@ Attempts to run podman result in #### Solution One workaround is to disable Secure Boot in your BIOS. + +### 19) error creating libpod runtime: there might not be enough IDs available in the namespace + +Unable to pull images + +#### Symptom + +```console +$ podman unshare cat /proc/self/uid_map + 0 1000 1 +``` + +#### Solution + +```console +$ podman system migrate +``` + +Original command now returns + +``` +$ podman unshare cat /proc/self/uid_map + 0 1000 1 + 1 100000 65536 +``` + +Reference [subuid](http://man7.org/linux/man-pages/man5/subuid.5.html) and [subgid](http://man7.org/linux/man-pages/man5/subgid.5.html) man pages for more detail.
\ No newline at end of file |