summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--cmd/podman/registry/remote.go8
-rw-r--r--cmd/podman/root.go10
-rw-r--r--libpod/container_internal.go29
-rw-r--r--test/e2e/run_test.go33
-rw-r--r--test/system/001-basic.bats15
-rw-r--r--test/system/270-socket-activation.bats51
6 files changed, 102 insertions, 44 deletions
diff --git a/cmd/podman/registry/remote.go b/cmd/podman/registry/remote.go
index b5da98bd4..c78930574 100644
--- a/cmd/podman/registry/remote.go
+++ b/cmd/podman/registry/remote.go
@@ -19,11 +19,17 @@ var remoteFromCLI = struct {
// Use in init() functions as an initialization check
func IsRemote() bool {
remoteFromCLI.sync.Do(func() {
+ remote := false
+ if _, ok := os.LookupEnv("CONTAINER_HOST"); ok {
+ remote = true
+ } else if _, ok := os.LookupEnv("CONTAINER_CONNECTION"); ok {
+ remote = true
+ }
fs := pflag.NewFlagSet("remote", pflag.ContinueOnError)
fs.ParseErrorsWhitelist.UnknownFlags = true
fs.Usage = func() {}
fs.SetInterspersed(false)
- fs.BoolVarP(&remoteFromCLI.Value, "remote", "r", false, "")
+ fs.BoolVarP(&remoteFromCLI.Value, "remote", "r", remote, "")
// The shell completion logic will call a command called "__complete" or "__completeNoDesc"
// This command will always be the second argument
diff --git a/cmd/podman/root.go b/cmd/podman/root.go
index 734636646..6da34050e 100644
--- a/cmd/podman/root.go
+++ b/cmd/podman/root.go
@@ -314,15 +314,7 @@ func rootFlags(cmd *cobra.Command, opts *entities.PodmanConfig) {
lFlags.StringVar(&opts.Identity, identityFlagName, ident, "path to SSH identity file, (CONTAINER_SSHKEY)")
_ = cmd.RegisterFlagCompletionFunc(identityFlagName, completion.AutocompleteDefault)
- remote := false
- if env, ok := os.LookupEnv("CONTAINER_HOST"); ok {
- logrus.Infof("CONTAINER_HOST==%q, defaulting to '--remote=true'", env)
- remote = true
- } else if env, ok := os.LookupEnv("CONTAINER_CONNECTION"); ok {
- logrus.Infof("CONTAINER_CONNECTION==%q, defaulting to '--remote=true'", env)
- remote = true
- }
- lFlags.BoolVarP(&opts.Remote, "remote", "r", remote, "Access remote Podman service")
+ lFlags.BoolVarP(&opts.Remote, "remote", "r", registry.IsRemote(), "Access remote Podman service")
pFlags := cmd.PersistentFlags()
if registry.IsRemote() {
if err := lFlags.MarkHidden("remote"); err != nil {
diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index 3f9738411..4e8074840 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -1690,9 +1690,23 @@ func (c *Container) cleanupStorage() error {
var cleanupErr error
+ markUnmounted := func() {
+ c.state.Mountpoint = ""
+ c.state.Mounted = false
+
+ if c.valid {
+ if err := c.save(); err != nil {
+ if cleanupErr != nil {
+ logrus.Errorf("Unmounting container %s: %v", c.ID(), cleanupErr)
+ }
+ cleanupErr = err
+ }
+ }
+ }
+
// umount rootfs overlay if it was created
if c.config.RootfsOverlay {
- overlayBasePath := c.runtime.store.GraphRoot()
+ overlayBasePath := filepath.Dir(c.config.StaticDir)
overlayBasePath = filepath.Join(overlayBasePath, "rootfs")
if err := overlay.Unmount(overlayBasePath); err != nil {
// If the container can't remove content report the error
@@ -1717,6 +1731,7 @@ func (c *Container) cleanupStorage() error {
}
if c.config.Rootfs != "" {
+ markUnmounted()
return cleanupErr
}
@@ -1761,17 +1776,7 @@ func (c *Container) cleanupStorage() error {
}
}
- c.state.Mountpoint = ""
- c.state.Mounted = false
-
- if c.valid {
- if err := c.save(); err != nil {
- if cleanupErr != nil {
- logrus.Errorf("Unmounting container %s: %v", c.ID(), cleanupErr)
- }
- cleanupErr = err
- }
- }
+ markUnmounted()
return cleanupErr
}
diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go
index b6743f4b7..f40d4a749 100644
--- a/test/e2e/run_test.go
+++ b/test/e2e/run_test.go
@@ -5,6 +5,7 @@ import (
"io/ioutil"
"net"
"os"
+ "os/exec"
"path/filepath"
"strconv"
"strings"
@@ -12,6 +13,7 @@ import (
"time"
"github.com/containers/podman/v3/pkg/cgroups"
+ "github.com/containers/podman/v3/pkg/rootless"
. "github.com/containers/podman/v3/test/utils"
"github.com/containers/storage/pkg/stringid"
"github.com/mrunalp/fileutils"
@@ -226,6 +228,37 @@ var _ = Describe("Podman run", func() {
stdoutLines := session.OutputToStringArray()
Expect(stdoutLines).Should(HaveLen(1))
Expect(stdoutLines[0]).Should(Equal(uniqueString))
+
+ SkipIfRemote("External overlay only work locally")
+ if os.Getenv("container") != "" {
+ Skip("Overlay mounts not supported when running in a container")
+ }
+ if rootless.IsRootless() {
+ if _, err := exec.LookPath("fuse-overlayfs"); err != nil {
+ Skip("Fuse-Overlayfs required for rootless overlay mount test")
+ }
+ }
+ // Test --rootfs with an external overlay
+ // use --rm to remove container and confirm if we did not leak anything
+ osession := podmanTest.Podman([]string{"run", "-i", "--rm", "--security-opt", "label=disable",
+ "--rootfs", rootfs + ":O", "cat", testFilePath})
+ osession.WaitWithDefaultTimeout()
+ Expect(osession).Should(Exit(0))
+
+ // Test podman start stop with overlay
+ osession = podmanTest.Podman([]string{"run", "--name", "overlay-foo", "--security-opt", "label=disable",
+ "--rootfs", rootfs + ":O", "echo", "hello"})
+ osession.WaitWithDefaultTimeout()
+ Expect(osession).Should(Exit(0))
+
+ osession = podmanTest.Podman([]string{"stop", "overlay-foo"})
+ osession.WaitWithDefaultTimeout()
+ Expect(osession).Should(Exit(0))
+
+ startsession := podmanTest.Podman([]string{"start", "--attach", "overlay-foo"})
+ startsession.WaitWithDefaultTimeout()
+ Expect(startsession).Should(Exit(0))
+ Expect(startsession.OutputToString()).To(Equal("hello"))
})
It("podman run a container with --init", func() {
diff --git a/test/system/001-basic.bats b/test/system/001-basic.bats
index 2de96a01a..50735f576 100644
--- a/test/system/001-basic.bats
+++ b/test/system/001-basic.bats
@@ -98,8 +98,19 @@ function setup() {
skip "only applicable on a local run"
fi
- CONTAINER_HOST=foobar run_podman --log-level=info --help
- is "$output" ".*defaulting to '--remote=true'" "CONTAINER_HOST sets --remote true"
+ CONTAINER_HOST=foobar run_podman --help
+ # Should not have --remote flag
+ echo $output | grep -v -qw -- "--remote"
+ if [ $? -ne 0 ]; then
+ die "Should not have --remote flag"
+ fi
+
+ CONTAINER_CONNECTION=foobar run_podman --help
+ # Should not have --remote flag
+ echo $output | grep -v -qw -- "--remote"
+ if [ $? -ne 0 ]; then
+ die "Should not have --remote flag"
+ fi
}
# Check that just calling "podman-remote" prints the usage message even
diff --git a/test/system/270-socket-activation.bats b/test/system/270-socket-activation.bats
index dd439d3ae..6d582be18 100644
--- a/test/system/270-socket-activation.bats
+++ b/test/system/270-socket-activation.bats
@@ -8,14 +8,16 @@ load helpers.systemd
SERVICE_NAME="podman_test_$(random_string)"
-SERVICE_SOCK_ADDR="/run/podman/podman.sock"
+SERVICE_SOCK_ADDR="/run/podman/$SERVICE_NAME.sock"
if is_rootless; then
- SERVICE_SOCK_ADDR="$XDG_RUNTIME_DIR/podman/podman.sock"
+ SERVICE_SOCK_ADDR="$XDG_RUNTIME_DIR/podman/$SERVICE_NAME.sock"
fi
SERVICE_FILE="$UNIT_DIR/$SERVICE_NAME.service"
SOCKET_FILE="$UNIT_DIR/$SERVICE_NAME.socket"
+# URL to use for ping
+_PING=http://placeholder-hostname/libpod/_ping
function setup() {
skip_if_remote "systemd tests are meaningless over remote"
@@ -25,8 +27,8 @@ function setup() {
cat > $SERVICE_FILE <<EOF
[Unit]
Description=Podman API Service
-Requires=podman.socket
-After=podman.socket
+Requires=$SERVICE_NAME.socket
+After=$SERVICE_NAME.socket
Documentation=man:podman-system-service(1)
StartLimitIntervalSec=0
@@ -42,7 +44,7 @@ Description=Podman API Socket
Documentation=man:podman-system-service(1)
[Socket]
-ListenStream=%t/podman/podman.sock
+ListenStream=%t/podman/$SERVICE_NAME.sock
SocketMode=0660
[Install]
@@ -51,10 +53,10 @@ EOF
# ensure pause die before each test runs
if is_rootless; then
- local pause_pid="$XDG_RUNTIME_DIR/libpod/tmp/pause.pid"
- if [ -f $pause_pid ]; then
- kill -9 $(cat $pause_pid) 2> /dev/null
- rm -f $pause_pid
+ local pause_pid_file="$XDG_RUNTIME_DIR/libpod/tmp/pause.pid"
+ if [ -f $pause_pid_file ]; then
+ kill -9 $(< $pause_pid_file) 2> /dev/null
+ rm -f $pause_pid_file
fi
fi
systemctl start "$SERVICE_NAME.socket"
@@ -68,7 +70,9 @@ function teardown() {
}
@test "podman system service - socket activation - no container" {
- run curl -s --max-time 3 --unix-socket $SERVICE_SOCK_ADDR http://podman/libpod/_ping
+ run curl -s --max-time 3 --unix-socket $SERVICE_SOCK_ADDR $_PING
+ echo "curl output: $output"
+ is "$status" "0" "curl exit status"
is "$output" "OK" "podman service responds normally"
}
@@ -76,29 +80,36 @@ function teardown() {
run_podman run -d $IMAGE sleep 90
cid="$output"
- run curl -s --max-time 3 --unix-socket $SERVICE_SOCK_ADDR http://podman/libpod/_ping
+ run curl -s --max-time 3 --unix-socket $SERVICE_SOCK_ADDR $_PING
+ echo "curl output: $output"
+ is "$status" "0" "curl exit status"
is "$output" "OK" "podman service responds normally"
- run_podman stop -t 0 $cid
- run_podman rm -f $cid
+ run_podman rm -f -t 0 $cid
}
@test "podman system service - socket activation - kill rootless pause" {
if ! is_rootless; then
- skip "root podman no need pause process"
+ skip "there is no pause process when running rootful"
fi
run_podman run -d $IMAGE sleep 90
cid="$output"
- local pause_pid="$XDG_RUNTIME_DIR/libpod/tmp/pause.pid"
- if [ -f $pause_pid ]; then
- kill -9 $(cat $pause_pid) 2> /dev/null
+ local pause_pid_file="$XDG_RUNTIME_DIR/libpod/tmp/pause.pid"
+ if [ ! -f $pause_pid_file ]; then
+ # This seems unlikely, but not impossible
+ die "Pause pid file does not exist: $pause_pid_file"
fi
- run curl -s --max-time 3 --unix-socket $SERVICE_SOCK_ADDR http://podman/libpod/_ping
+
+ echo "kill -9 $(< pause_pid_file)"
+ kill -9 $(< $pause_pid_file)
+
+ run curl -s --max-time 3 --unix-socket $SERVICE_SOCK_ADDR $_PING
+ echo "curl output: $output"
+ is "$status" "0" "curl exit status"
is "$output" "OK" "podman service responds normally"
- run_podman stop -t 0 $cid
- run_podman rm -f $cid
+ run_podman rm -f -t 0 $cid
}
# vim: filetype=sh