diff options
| -rw-r--r-- | docs/source/markdown/options/volume.md | 2 | ||||
| -rw-r--r-- | go.mod | 2 | ||||
| -rw-r--r-- | go.sum | 4 | ||||
| -rw-r--r-- | libpod/container_internal.go | 4 | ||||
| -rw-r--r-- | libpod/lock/file/file_lock.go | 3 | ||||
| -rw-r--r-- | libpod/oci_conmon_common.go | 9 | ||||
| -rw-r--r-- | pkg/api/handlers/compat/info.go | 3 | ||||
| -rw-r--r-- | pkg/domain/infra/abi/containers.go | 3 | ||||
| -rw-r--r-- | pkg/domain/infra/abi/images.go | 2 | ||||
| -rw-r--r-- | pkg/specgen/generate/kube/kube.go | 7 | ||||
| -rw-r--r-- | pkg/util/utils_linux.go | 5 | ||||
| -rw-r--r-- | test/e2e/benchmarks_test.go | 2 | ||||
| -rw-r--r-- | test/e2e/container_create_volume_test.go | 2 | ||||
| -rw-r--r-- | test/e2e/image_sign_test.go | 3 | ||||
| -rw-r--r-- | test/e2e/manifest_test.go | 2 | ||||
| -rw-r--r-- | test/e2e/push_test.go | 2 | ||||
| -rw-r--r-- | vendor/github.com/containers/storage/layers.go | 17 | ||||
| -rw-r--r-- | vendor/github.com/containers/storage/pkg/system/meminfo_freebsd.go | 1 | ||||
| -rw-r--r-- | vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go | 4 | ||||
| -rw-r--r-- | vendor/modules.txt | 2 |
20 files changed, 39 insertions, 40 deletions
diff --git a/docs/source/markdown/options/volume.md b/docs/source/markdown/options/volume.md index 6d0d9a4b3..9c4a7f981 100644 --- a/docs/source/markdown/options/volume.md +++ b/docs/source/markdown/options/volume.md @@ -1,7 +1,7 @@ #### **--volume**, **-v**=*[[SOURCE-VOLUME|HOST-DIR:]CONTAINER-DIR[:OPTIONS]]* Create a bind mount. If `-v /HOST-DIR:/CONTAINER-DIR` is specified, Podman -bind mounts `/HOST-DIR` in the host to `/CONTAINER-DIR` in the Podman +bind mounts `/HOST-DIR` from the host into `/CONTAINER-DIR` in the Podman container. Similarly, `-v SOURCE-VOLUME:/CONTAINER-DIR` will mount the named volume from the host into the container. If no such named volume exists, Podman will create one. (Note when using the remote client, including Mac and Windows (excluding WSL2) machines, the volumes will be mounted from the remote server, not necessarily the client machine.) @@ -17,7 +17,7 @@ require ( github.com/containers/image/v5 v5.22.1-0.20220907162003-651744379993 github.com/containers/ocicrypt v1.1.5 github.com/containers/psgo v1.7.3 - github.com/containers/storage v1.42.1-0.20220909095216-b32188140319 + github.com/containers/storage v1.42.1-0.20220911223137-e11b246de159 github.com/coreos/go-systemd/v22 v22.3.2 github.com/coreos/stream-metadata-go v0.0.0-20210225230131-70edb9eb47b3 github.com/cyphar/filepath-securejoin v0.2.3 @@ -445,8 +445,8 @@ github.com/containers/psgo v1.7.3/go.mod h1:PfaNzzHmMb8M9/blPgyD4BB3ZEj/0ApZIxN6 github.com/containers/storage v1.37.0/go.mod h1:kqeJeS0b7DO2ZT1nVWs0XufrmPFbgV3c+Q/45RlH6r4= github.com/containers/storage v1.42.0/go.mod h1:JiUJwOgOo1dr2DdOUc1MRe2GCAXABYoYmOdPF8yvH78= github.com/containers/storage v1.42.1-0.20220907083030-5aff7f62e8d0/go.mod h1:nj2fW3rgwkr6toBVFzv5OqUYs1kowX+AMiPjgv2UXN0= -github.com/containers/storage v1.42.1-0.20220909095216-b32188140319 h1:39KnMhYzk3fFH3njZgZogEHPagPQn8JlLZEWIUQQZ1I= -github.com/containers/storage v1.42.1-0.20220909095216-b32188140319/go.mod h1:nj2fW3rgwkr6toBVFzv5OqUYs1kowX+AMiPjgv2UXN0= +github.com/containers/storage v1.42.1-0.20220911223137-e11b246de159 h1:euFlaTBhuBLuUUQK4wGXjruNUh24ZbdQLREvLz15r9o= +github.com/containers/storage v1.42.1-0.20220911223137-e11b246de159/go.mod h1:nj2fW3rgwkr6toBVFzv5OqUYs1kowX+AMiPjgv2UXN0= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= diff --git a/libpod/container_internal.go b/libpod/container_internal.go index 7753c38c7..a7ea3c5c5 100644 --- a/libpod/container_internal.go +++ b/libpod/container_internal.go @@ -1671,7 +1671,7 @@ func (c *Container) mountNamedVolume(v *ContainerNamedVolume, mountpoint string) // a bizarre issue where something copier.Get will ENOENT on // empty directories and sometimes it will not. // RHBZ#1928643 - srcContents, err := ioutil.ReadDir(srcDir) + srcContents, err := os.ReadDir(srcDir) if err != nil { return nil, fmt.Errorf("reading contents of source directory for copy up into volume %s: %w", vol.Name(), err) } @@ -1681,7 +1681,7 @@ func (c *Container) mountNamedVolume(v *ContainerNamedVolume, mountpoint string) // If the volume is not empty, we should not copy up. volMount := vol.mountPoint() - contents, err := ioutil.ReadDir(volMount) + contents, err := os.ReadDir(volMount) if err != nil { return nil, fmt.Errorf("listing contents of volume %s mountpoint when copying up from container %s: %w", vol.Name(), c.ID(), err) } diff --git a/libpod/lock/file/file_lock.go b/libpod/lock/file/file_lock.go index 90ed7cd8c..bcbaea5e6 100644 --- a/libpod/lock/file/file_lock.go +++ b/libpod/lock/file/file_lock.go @@ -2,7 +2,6 @@ package file import ( "fmt" - "io/ioutil" "os" "path/filepath" "strconv" @@ -129,7 +128,7 @@ func (locks *FileLocks) DeallocateAllLocks() error { if !locks.valid { return fmt.Errorf("locks have already been closed: %w", syscall.EINVAL) } - files, err := ioutil.ReadDir(locks.lockPath) + files, err := os.ReadDir(locks.lockPath) if err != nil { return fmt.Errorf("reading directory %s: %w", locks.lockPath, err) } diff --git a/libpod/oci_conmon_common.go b/libpod/oci_conmon_common.go index 640ac8c78..53dddd064 100644 --- a/libpod/oci_conmon_common.go +++ b/libpod/oci_conmon_common.go @@ -1266,10 +1266,15 @@ func (r *ConmonOCIRuntime) configureConmonEnv(runtimeDir string) []string { env = append(env, e) } } - conf, ok := os.LookupEnv("CONTAINERS_CONF") - if ok { + if path, ok := os.LookupEnv("PATH"); ok { + env = append(env, fmt.Sprintf("PATH=%s", path)) + } + if conf, ok := os.LookupEnv("CONTAINERS_CONF"); ok { env = append(env, fmt.Sprintf("CONTAINERS_CONF=%s", conf)) } + if conf, ok := os.LookupEnv("CONTAINERS_HELPER_BINARY_DIR"); ok { + env = append(env, fmt.Sprintf("CONTAINERS_HELPER_BINARY_DIR=%s", conf)) + } env = append(env, fmt.Sprintf("XDG_RUNTIME_DIR=%s", runtimeDir)) env = append(env, fmt.Sprintf("_CONTAINERS_USERNS_CONFIGURED=%s", os.Getenv("_CONTAINERS_USERNS_CONFIGURED"))) env = append(env, fmt.Sprintf("_CONTAINERS_ROOTLESS_UID=%s", os.Getenv("_CONTAINERS_ROOTLESS_UID"))) diff --git a/pkg/api/handlers/compat/info.go b/pkg/api/handlers/compat/info.go index d82513284..60bbd40fe 100644 --- a/pkg/api/handlers/compat/info.go +++ b/pkg/api/handlers/compat/info.go @@ -2,7 +2,6 @@ package compat import ( "fmt" - "io/ioutil" "net/http" "os" goRuntime "runtime" @@ -198,7 +197,7 @@ func getRuntimes(configInfo *config.Config) map[string]docker.Runtime { func getFdCount() (count int) { count = -1 - if entries, err := ioutil.ReadDir("/proc/self/fd"); err == nil { + if entries, err := os.ReadDir("/proc/self/fd"); err == nil { count = len(entries) } return diff --git a/pkg/domain/infra/abi/containers.go b/pkg/domain/infra/abi/containers.go index 64b938db9..535c4a613 100644 --- a/pkg/domain/infra/abi/containers.go +++ b/pkg/domain/infra/abi/containers.go @@ -4,7 +4,6 @@ import ( "context" "errors" "fmt" - "io/ioutil" "os" "strconv" "sync" @@ -858,7 +857,7 @@ func makeExecConfig(options entities.ExecOptions, rt *libpod.Runtime) (*libpod.E func checkExecPreserveFDs(options entities.ExecOptions) error { if options.PreserveFDs > 0 { - entries, err := ioutil.ReadDir("/proc/self/fd") + entries, err := os.ReadDir("/proc/self/fd") if err != nil { return err } diff --git a/pkg/domain/infra/abi/images.go b/pkg/domain/infra/abi/images.go index 56eae470d..6934de60e 100644 --- a/pkg/domain/infra/abi/images.go +++ b/pkg/domain/infra/abi/images.go @@ -869,7 +869,7 @@ func execTransferPodman(execUser *user.User, command []string, needToTag bool) ( func getSigFilename(sigStoreDirPath string) (string, error) { sigFileSuffix := 1 - sigFiles, err := ioutil.ReadDir(sigStoreDirPath) + sigFiles, err := os.ReadDir(sigStoreDirPath) if err != nil { return "", err } diff --git a/pkg/specgen/generate/kube/kube.go b/pkg/specgen/generate/kube/kube.go index 9fd0adecf..7d85fd2f3 100644 --- a/pkg/specgen/generate/kube/kube.go +++ b/pkg/specgen/generate/kube/kube.go @@ -207,12 +207,9 @@ func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGener s.SeccompProfilePath = opts.SeccompPaths.FindForContainer(opts.Container.Name) s.ResourceLimits = &spec.LinuxResources{} - milliCPU, err := quantityToInt64(opts.Container.Resources.Limits.Cpu()) - if err != nil { - return nil, fmt.Errorf("failed to set CPU quota: %w", err) - } + milliCPU := opts.Container.Resources.Limits.Cpu().MilliValue() if milliCPU > 0 { - period, quota := util.CoresToPeriodAndQuota(float64(milliCPU)) + period, quota := util.CoresToPeriodAndQuota(float64(milliCPU) / 1000) s.ResourceLimits.CPU = &spec.LinuxCPU{ Quota: "a, Period: &period, diff --git a/pkg/util/utils_linux.go b/pkg/util/utils_linux.go index e2d9e3e89..7b2d98666 100644 --- a/pkg/util/utils_linux.go +++ b/pkg/util/utils_linux.go @@ -4,7 +4,6 @@ import ( "errors" "fmt" "io/fs" - "io/ioutil" "os" "path/filepath" "strings" @@ -119,7 +118,7 @@ func AddPrivilegedDevices(g *generate.Generator) error { // based on getDevices from runc (libcontainer/devices/devices.go) func getDevices(path string) ([]spec.LinuxDevice, error) { - files, err := ioutil.ReadDir(path) + files, err := os.ReadDir(path) if err != nil { if rootless.IsRootless() && os.IsPermission(err) { return nil, nil @@ -146,7 +145,7 @@ func getDevices(path string) ([]spec.LinuxDevice, error) { } case f.Name() == "console": continue - case f.Mode()&os.ModeSymlink != 0: + case f.Type()&os.ModeSymlink != 0: continue } diff --git a/test/e2e/benchmarks_test.go b/test/e2e/benchmarks_test.go index 4be048de2..d1332665a 100644 --- a/test/e2e/benchmarks_test.go +++ b/test/e2e/benchmarks_test.go @@ -99,7 +99,7 @@ var _ = Describe("Podman Benchmark Suite", func() { } totalMemoryInKb := func() (total uint64) { - files, err := ioutil.ReadDir(timedir) + files, err := os.ReadDir(timedir) if err != nil { Fail(fmt.Sprintf("Error reading timing dir: %v", err)) } diff --git a/test/e2e/container_create_volume_test.go b/test/e2e/container_create_volume_test.go index 6d9f13694..3c54691aa 100644 --- a/test/e2e/container_create_volume_test.go +++ b/test/e2e/container_create_volume_test.go @@ -58,7 +58,7 @@ func checkDataVolumeContainer(pTest *PodmanTestIntegration, image, cont, dest, d Expect(volList.OutputToStringArray()[0]).To(Equal(mntName)) // Check the mount source directory - files, err := ioutil.ReadDir(mntSource) + files, err := os.ReadDir(mntSource) Expect(err).To(BeNil()) if data == "" { diff --git a/test/e2e/image_sign_test.go b/test/e2e/image_sign_test.go index 3c819a7d2..5568acc01 100644 --- a/test/e2e/image_sign_test.go +++ b/test/e2e/image_sign_test.go @@ -1,7 +1,6 @@ package integration import ( - "io/ioutil" "os" "os/exec" "path/filepath" @@ -69,7 +68,7 @@ var _ = Describe("Podman image sign", func() { session := podmanTest.Podman([]string{"image", "sign", "--all", "--directory", sigDir, "--sign-by", "foo@bar.com", "docker://library/alpine"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - fInfos, err := ioutil.ReadDir(filepath.Join(sigDir, "library")) + fInfos, err := os.ReadDir(filepath.Join(sigDir, "library")) Expect(err).To(BeNil()) Expect(len(fInfos)).To(BeNumerically(">", 1), "len(fInfos)") }) diff --git a/test/e2e/manifest_test.go b/test/e2e/manifest_test.go index 60b72dcaa..e38499257 100644 --- a/test/e2e/manifest_test.go +++ b/test/e2e/manifest_test.go @@ -332,7 +332,7 @@ var _ = Describe("Podman manifest", func() { blobsDir := filepath.Join(dest, "blobs", "sha256") - blobs, err := ioutil.ReadDir(blobsDir) + blobs, err := os.ReadDir(blobsDir) Expect(err).To(BeNil()) for _, f := range blobs { diff --git a/test/e2e/push_test.go b/test/e2e/push_test.go index 898d21d00..a73b7c87b 100644 --- a/test/e2e/push_test.go +++ b/test/e2e/push_test.go @@ -78,7 +78,7 @@ var _ = Describe("Podman push", func() { blobsDir := filepath.Join(bbdir, "blobs/sha256") - blobs, err := ioutil.ReadDir(blobsDir) + blobs, err := os.ReadDir(blobsDir) Expect(err).To(BeNil()) for _, f := range blobs { diff --git a/vendor/github.com/containers/storage/layers.go b/vendor/github.com/containers/storage/layers.go index 8929d0a40..0863648ae 100644 --- a/vendor/github.com/containers/storage/layers.go +++ b/vendor/github.com/containers/storage/layers.go @@ -344,6 +344,14 @@ func (r *layerStore) layerspath() string { func (r *layerStore) Load() error { shouldSave := false rpath := r.layerspath() + info, err := os.Stat(rpath) + if err != nil { + if !os.IsNotExist(err) { + return err + } + } else { + r.layerspathModified = info.ModTime() + } data, err := ioutil.ReadFile(rpath) if err != nil && !os.IsNotExist(err) { return err @@ -423,15 +431,6 @@ func (r *layerStore) Load() error { } } - info, statErr := os.Stat(r.layerspath()) - if statErr != nil && !os.IsNotExist(statErr) { - return statErr - } - - if info != nil { - r.layerspathModified = info.ModTime() - } - return err } diff --git a/vendor/github.com/containers/storage/pkg/system/meminfo_freebsd.go b/vendor/github.com/containers/storage/pkg/system/meminfo_freebsd.go index 85dd52bad..46cb40291 100644 --- a/vendor/github.com/containers/storage/pkg/system/meminfo_freebsd.go +++ b/vendor/github.com/containers/storage/pkg/system/meminfo_freebsd.go @@ -4,6 +4,7 @@ package system import ( + "errors" "fmt" "unsafe" diff --git a/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go b/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go index f29c93dba..b7ad1e19e 100644 --- a/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go +++ b/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go @@ -394,7 +394,9 @@ func hasFullUsersMappings() (bool, error) { if err != nil { return false, err } - // if the uid_map contains 4294967295, the entire IDs space is available in the + // The kernel rejects attempts to create mappings where either starting + // point is (u32)-1: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/kernel/user_namespace.c?id=af3e9579ecfb#n1006 . + // So, if the uid_map contains 4294967295, the entire IDs space is available in the // user namespace, so it is likely the initial user namespace. return bytes.Contains(content, []byte("4294967295")), nil } diff --git a/vendor/modules.txt b/vendor/modules.txt index b9e3033ea..43fa24b56 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -255,7 +255,7 @@ github.com/containers/psgo/internal/dev github.com/containers/psgo/internal/host github.com/containers/psgo/internal/proc github.com/containers/psgo/internal/process -# github.com/containers/storage v1.42.1-0.20220909095216-b32188140319 +# github.com/containers/storage v1.42.1-0.20220911223137-e11b246de159 ## explicit github.com/containers/storage github.com/containers/storage/drivers |