diff options
| -rw-r--r-- | contrib/spec/podman.spec.in | 7 | ||||
| -rw-r--r-- | libpod/config/config.go | 14 | ||||
| -rw-r--r-- | troubleshooting.md | 27 |
3 files changed, 43 insertions, 5 deletions
diff --git a/contrib/spec/podman.spec.in b/contrib/spec/podman.spec.in index 2b9621dbc..9676a3fb4 100644 --- a/contrib/spec/podman.spec.in +++ b/contrib/spec/podman.spec.in @@ -22,6 +22,9 @@ %define gobuild(o:) go build -tags="$BUILDTAGS" -ldflags "${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n')" -a -v -x %{?**}; #% endif +# libpod hack directory +%define hackdir %{_builddir}/%{repo}-%{shortcommit0} + %global provider github %global provider_tld com %global project containers @@ -384,7 +387,7 @@ ln -s ../../../../ src/%{import_path} popd ln -s vendor src export GOPATH=$(pwd)/_build:$(pwd):$(pwd):%{gopath} -export BUILDTAGS="varlink selinux seccomp $(hack/btrfs_installed_tag.sh) $(hack/btrfs_tag.sh) $(hack/libdm_tag.sh) exclude_graphdriver_devicemapper" +export BUILDTAGS="varlink selinux seccomp $(%{hackdir}/hack/btrfs_installed_tag.sh) $(%{hackdir}/hack/btrfs_tag.sh) $(%{hackdir}/hack/libdm_tag.sh) exclude_graphdriver_devicemapper" GOPATH=$GOPATH go generate ./cmd/podman/varlink/... @@ -402,7 +405,7 @@ mkdir -p src/%{provider}.%{provider_tld}/{containers,opencontainers} ln -s $(dirs +1 -l) src/%{import_path_conmon} popd -export BUILDTAGS="selinux seccomp $(hack/btrfs_installed_tag.sh) $(hack/btrfs_tag.sh)" +export BUILDTAGS="selinux seccomp $(%{hackdir}/hack/btrfs_installed_tag.sh) $(%{hackdir}/hack/btrfs_tag.sh)" BUILDTAGS=$BUILDTAGS make popd diff --git a/libpod/config/config.go b/libpod/config/config.go index 0e867a50e..6240bccb0 100644 --- a/libpod/config/config.go +++ b/libpod/config/config.go @@ -448,20 +448,27 @@ func NewConfig(userConfigPath string) (*Config, error) { if err != nil { return nil, errors.Wrapf(err, "error reading user config %q", userConfigPath) } - if err := cgroupV2Check(userConfigPath, config); err != nil { - return nil, errors.Wrapf(err, "error rewriting configuration file %s", userConfigPath) - } } // Now, check if the user can access system configs and merge them if needed. if configs, err := systemConfigs(); err != nil { return nil, errors.Wrapf(err, "error finding config on system") } else { + migrated := false for _, path := range configs { systemConfig, err := readConfigFromFile(path) if err != nil { return nil, errors.Wrapf(err, "error reading system config %q", path) } + // Handle CGroups v2 configuration migration. + // Migrate only the first config, and do it before + // merging. + if !migrated { + if err := cgroupV2Check(path, systemConfig); err != nil { + return nil, errors.Wrapf(err, "error rewriting configuration file %s", userConfigPath) + } + migrated = true + } // Merge the it into the config. Any unset field in config will be // over-written by the systemConfig. if err := config.mergeConfig(systemConfig); err != nil { @@ -564,6 +571,7 @@ func (c *Config) checkCgroupsAndLogger() { // TODO Once runc has support for cgroups, this function should be removed. func cgroupV2Check(configPath string, tmpConfig *Config) error { if !tmpConfig.CgroupCheck && rootless.IsRootless() { + logrus.Debugf("Rewriting %s for CGroup v2 upgrade", configPath) cgroupsV2, err := cgroups.IsCgroup2UnifiedMode() if err != nil { return err diff --git a/troubleshooting.md b/troubleshooting.md index 9def0e08b..432c0e32b 100644 --- a/troubleshooting.md +++ b/troubleshooting.md @@ -442,3 +442,30 @@ Attempts to run podman result in #### Solution One workaround is to disable Secure Boot in your BIOS. + +### 19) error creating libpod runtime: there might not be enough IDs available in the namespace + +Unable to pull images + +#### Symptom + +```console +$ podman unshare cat /proc/self/uid_map + 0 1000 1 +``` + +#### Solution + +```console +$ podman system migrate +``` + +Original command now returns + +``` +$ podman unshare cat /proc/self/uid_map + 0 1000 1 + 1 100000 65536 +``` + +Reference [subuid](http://man7.org/linux/man-pages/man5/subuid.5.html) and [subgid](http://man7.org/linux/man-pages/man5/subgid.5.html) man pages for more detail.
\ No newline at end of file |