diff options
| -rw-r--r-- | cmd/podman/main.go | 5 | ||||
| -rw-r--r-- | cmd/podman/root.go | 4 | ||||
| -rw-r--r-- | contrib/cirrus/required_host_ports.txt | 1 | ||||
| -rw-r--r-- | libpod/oci_conmon_linux.go | 14 |
4 files changed, 15 insertions, 9 deletions
diff --git a/cmd/podman/main.go b/cmd/podman/main.go index c3aaf84a8..f076d13f3 100644 --- a/cmd/podman/main.go +++ b/cmd/podman/main.go @@ -31,11 +31,6 @@ func main() { return } - // Hard code TMPDIR functions to use /var/tmp, if user did not override - if _, ok := os.LookupEnv("TMPDIR"); !ok { - os.Setenv("TMPDIR", "/var/tmp") - } - rootCmd = parseCommands() Execute() diff --git a/cmd/podman/root.go b/cmd/podman/root.go index 0830a62a5..1f613a4c5 100644 --- a/cmd/podman/root.go +++ b/cmd/podman/root.go @@ -178,6 +178,10 @@ func persistentPreRunE(cmd *cobra.Command, args []string) error { return err } } + // Hard code TMPDIR functions to use /var/tmp, if user did not override + if _, ok := os.LookupEnv("TMPDIR"); !ok { + os.Setenv("TMPDIR", "/var/tmp") + } if !registry.IsRemote() { if cmd.Flag("cpu-profile").Changed { diff --git a/contrib/cirrus/required_host_ports.txt b/contrib/cirrus/required_host_ports.txt index 85a6c26be..140e2c32f 100644 --- a/contrib/cirrus/required_host_ports.txt +++ b/contrib/cirrus/required_host_ports.txt @@ -5,7 +5,6 @@ registry.fedoraproject.org 443 mirrors.fedoraproject.org 443 dl.fedoraproject.org 443 ewr.edge.kernel.org 443 -mirror.chpc.utah.edu 443 mirror.clarkson.edu 443 mirror.umd.edu 443 mirror.vcu.edu 443 diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go index 307b9bc54..7e0a1d457 100644 --- a/libpod/oci_conmon_linux.go +++ b/libpod/oci_conmon_linux.go @@ -1433,6 +1433,14 @@ func (r *ConmonOCIRuntime) moveConmonToCgroupAndSignal(ctr *Container, cmd *exec } if mustCreateCgroup { + // Usually rootless users are not allowed to configure cgroupfs. + // There are cases though, where it is allowed, e.g. if the cgroup + // is manually configured and chowned). Avoid detecting all + // such cases and simply use a lower log level. + logLevel := logrus.WarnLevel + if rootless.IsRootless() { + logLevel = logrus.InfoLevel + } // TODO: This should be a switch - we are not guaranteed that // there are only 2 valid cgroup managers cgroupParent := ctr.CgroupParent() @@ -1447,17 +1455,17 @@ func (r *ConmonOCIRuntime) moveConmonToCgroupAndSignal(ctr *Container, cmd *exec logrus.Infof("Running conmon under slice %s and unitName %s", realCgroupParent, unitName) if err := utils.RunUnderSystemdScope(cmd.Process.Pid, realCgroupParent, unitName); err != nil { - logrus.Warnf("Failed to add conmon to systemd sandbox cgroup: %v", err) + logrus.StandardLogger().Logf(logLevel, "Failed to add conmon to systemd sandbox cgroup: %v", err) } } else { cgroupPath := filepath.Join(ctr.config.CgroupParent, "conmon") control, err := cgroups.New(cgroupPath, &spec.LinuxResources{}) if err != nil { - logrus.Warnf("Failed to add conmon to cgroupfs sandbox cgroup: %v", err) + logrus.StandardLogger().Logf(logLevel, "Failed to add conmon to cgroupfs sandbox cgroup: %v", err) } else if err := control.AddPid(cmd.Process.Pid); err != nil { // we need to remove this defer and delete the cgroup once conmon exits // maybe need a conmon monitor? - logrus.Warnf("Failed to add conmon to cgroupfs sandbox cgroup: %v", err) + logrus.StandardLogger().Logf(logLevel, "Failed to add conmon to cgroupfs sandbox cgroup: %v", err) } } } |