aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Makefile2
-rw-r--r--go.mod2
-rw-r--r--go.sum4
-rw-r--r--vendor/github.com/containers/common/pkg/config/config.go81
-rw-r--r--vendor/github.com/containers/common/pkg/config/config_local.go81
-rw-r--r--vendor/github.com/containers/common/pkg/config/config_remote.go25
-rw-r--r--vendor/github.com/containers/common/pkg/config/config_unix.go15
-rw-r--r--vendor/github.com/containers/common/pkg/config/config_windows.go10
-rw-r--r--vendor/github.com/containers/common/pkg/config/default.go17
-rw-r--r--vendor/github.com/containers/common/pkg/config/libpodConfig.go4
-rw-r--r--vendor/github.com/containers/common/pkg/sysinfo/sysinfo_linux.go11
-rw-r--r--vendor/modules.txt2
12 files changed, 159 insertions, 95 deletions
diff --git a/Makefile b/Makefile
index 680c60589..75cf64c6c 100644
--- a/Makefile
+++ b/Makefile
@@ -22,7 +22,7 @@ ETCDIR ?= /etc
TMPFILESDIR ?= ${PREFIX}/lib/tmpfiles.d
SYSTEMDDIR ?= ${PREFIX}/lib/systemd/system
USERSYSTEMDDIR ?= ${PREFIX}/lib/systemd/user
-REMOTETAGS ?= !ABISupport remoteclient exclude_graphdriver_btrfs btrfs_noversion exclude_graphdriver_devicemapper containers_image_openpgp
+REMOTETAGS ?= !ABISupport remote exclude_graphdriver_btrfs btrfs_noversion exclude_graphdriver_devicemapper containers_image_openpgp
BUILDTAGS ?= \
$(shell hack/apparmor_tag.sh) \
$(shell hack/btrfs_installed_tag.sh) \
diff --git a/go.mod b/go.mod
index 3760a76a6..910571e6c 100644
--- a/go.mod
+++ b/go.mod
@@ -11,7 +11,7 @@ require (
github.com/containernetworking/cni v0.7.2-0.20200304161608-4fae32b84921
github.com/containernetworking/plugins v0.8.6
github.com/containers/buildah v1.14.9-0.20200523094741-de0f541d9224
- github.com/containers/common v0.11.4
+ github.com/containers/common v0.12.0
github.com/containers/conmon v2.0.16+incompatible
github.com/containers/image/v5 v5.4.4
github.com/containers/psgo v1.5.0
diff --git a/go.sum b/go.sum
index 64a8a7ec4..6465ea79d 100644
--- a/go.sum
+++ b/go.sum
@@ -69,8 +69,8 @@ github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHV
github.com/containers/buildah v1.14.9-0.20200523094741-de0f541d9224 h1:EqwBZRqyUYvU7JOmmSSPviSaAoUP1wN0cefXXDZ9ATo=
github.com/containers/buildah v1.14.9-0.20200523094741-de0f541d9224/go.mod h1:5ZkWjOuK90yl55L5R+purJNLfUo0VUr8pstJazNtYck=
github.com/containers/common v0.11.2/go.mod h1:2w3QE6VUmhltGYW4wV00h4okq1Crs7hNI1ZD2I0QRUY=
-github.com/containers/common v0.11.4 h1:M7lmjaVY+29g+YiaWH/UP4YeHjT/pZMxvRgmsWsQn74=
-github.com/containers/common v0.11.4/go.mod h1:AOxw4U5TJJrR/J1QPRvWbjHNdwU13wMy79rjK+7+aJE=
+github.com/containers/common v0.12.0 h1:LR/sYyzFa22rFhfu6J9dEYhVkrWjagUigz/ewHhHL9s=
+github.com/containers/common v0.12.0/go.mod h1:PKlahPDnQQYcXuIw5qq8mq6yNuCHBtgABphzy6pN0iI=
github.com/containers/conmon v2.0.16+incompatible h1:QFOlb9Id4WoJ24BelCFWwDSPTquwKMp3L3g2iGmRTq4=
github.com/containers/conmon v2.0.16+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I=
github.com/containers/image/v5 v5.4.3/go.mod h1:pN0tvp3YbDd7BWavK2aE0mvJUqVd2HmhPjekyWSFm0U=
diff --git a/vendor/github.com/containers/common/pkg/config/config.go b/vendor/github.com/containers/common/pkg/config/config.go
index ef75d9847..d0b56c7f6 100644
--- a/vendor/github.com/containers/common/pkg/config/config.go
+++ b/vendor/github.com/containers/common/pkg/config/config.go
@@ -7,7 +7,6 @@ import (
"path/filepath"
"strings"
"sync"
- "syscall"
"github.com/BurntSushi/toml"
"github.com/containers/common/pkg/capabilities"
@@ -263,6 +262,13 @@ type EngineConfig struct {
// PullPolicy determines whether to pull image before creating or running a container
// default is "missing"
PullPolicy string `toml:"pull_policy"`
+
+ // Indicates whether the application should be running in Remote mode
+ Remote bool `toml:"_"`
+
+ // RemoteURI containers connection information used to connect to remote system.
+ RemoteURI string `toml:"remote_uri,omitempty"`
+
// RuntimePath is the path to OCI runtime binary for launching containers.
// The first path pointing to a valid file will be used This is used only
// when there are no OCIRuntime/OCIRuntimes defined. It is used only to be
@@ -540,17 +546,8 @@ func (c *Config) Validate() error {
// It returns an `error` on validation failure, otherwise
// `nil`.
func (c *EngineConfig) Validate() error {
- // Relative paths can cause nasty bugs, because core paths we use could
- // shift between runs (or even parts of the program - the OCI runtime
- // uses a different working directory than we do, for example.
- if c.StaticDir != "" && !filepath.IsAbs(c.StaticDir) {
- return fmt.Errorf("static directory must be an absolute path - instead got %q", c.StaticDir)
- }
- if c.TmpDir != "" && !filepath.IsAbs(c.TmpDir) {
- return fmt.Errorf("temporary directory must be an absolute path - instead got %q", c.TmpDir)
- }
- if c.VolumePath != "" && !filepath.IsAbs(c.VolumePath) {
- return fmt.Errorf("volume path must be an absolute path - instead got %q", c.VolumePath)
+ if err := c.validatePaths(); err != nil {
+ return err
}
// Check if the pullPolicy from containers.conf is valid
@@ -566,22 +563,13 @@ func (c *EngineConfig) Validate() error {
// It returns an `error` on validation failure, otherwise
// `nil`.
func (c *ContainersConfig) Validate() error {
- for _, u := range c.DefaultUlimits {
- ul, err := units.ParseUlimit(u)
- if err != nil {
- return fmt.Errorf("unrecognized ulimit %s: %v", u, err)
- }
- _, err = ul.GetRlimit()
- if err != nil {
- return err
- }
+
+ if err := c.validateUlimits(); err != nil {
+ return err
}
- for _, d := range c.Devices {
- _, _, _, err := Device(d)
- if err != nil {
- return err
- }
+ if err := c.validateDevices(); err != nil {
+ return err
}
if c.LogSizeMax >= 0 && c.LogSizeMax < OCIBufSize {
@@ -600,8 +588,7 @@ func (c *ContainersConfig) Validate() error {
// execution checks. It returns an `error` on validation failure, otherwise
// `nil`.
func (c *NetworkConfig) Validate() error {
-
- if c.NetworkConfigDir != cniConfigDir {
+ if c.NetworkConfigDir != _cniConfigDir {
err := isDirectory(c.NetworkConfigDir)
if err != nil {
return errors.Wrapf(err, "invalid network_config_dir: %s", c.NetworkConfigDir)
@@ -803,31 +790,6 @@ func resolveHomeDir(path string) (string, error) {
return strings.Replace(path, "~", home, 1), nil
}
-// isDirectory tests whether the given path exists and is a directory. It
-// follows symlinks.
-func isDirectory(path string) error {
- path, err := resolveHomeDir(path)
- if err != nil {
- return err
- }
-
- info, err := os.Stat(path)
- if err != nil {
- return err
- }
-
- if !info.Mode().IsDir() {
- // Return a PathError to be consistent with os.Stat().
- return &os.PathError{
- Op: "stat",
- Path: path,
- Err: syscall.ENOTDIR,
- }
- }
-
- return nil
-}
-
func rootlessConfigPath() (string, error) {
if configHome := os.Getenv("XDG_CONFIG_HOME"); configHome != "" {
return filepath.Join(configHome, _configPath), nil
@@ -878,3 +840,16 @@ func Default() (*Config, error) {
})
return config, err
}
+
+func Path() string {
+ if path := os.Getenv("CONTAINERS_CONF"); path != "" {
+ return path
+ }
+ if unshare.IsRootless() {
+ if rpath, err := rootlessConfigPath(); err == nil {
+ return rpath
+ }
+ return "$HOME/" + UserOverrideContainersConfig
+ }
+ return OverrideContainersConfig
+}
diff --git a/vendor/github.com/containers/common/pkg/config/config_local.go b/vendor/github.com/containers/common/pkg/config/config_local.go
new file mode 100644
index 000000000..8f4daa3d7
--- /dev/null
+++ b/vendor/github.com/containers/common/pkg/config/config_local.go
@@ -0,0 +1,81 @@
+// +build !remote
+
+package config
+
+import (
+ "fmt"
+ "os"
+ "path/filepath"
+ "syscall"
+
+ units "github.com/docker/go-units"
+)
+
+// isDirectory tests whether the given path exists and is a directory. It
+// follows symlinks.
+func isDirectory(path string) error {
+ path, err := resolveHomeDir(path)
+ if err != nil {
+ return err
+ }
+
+ info, err := os.Stat(path)
+ if err != nil {
+ return err
+ }
+
+ if !info.Mode().IsDir() {
+ // Return a PathError to be consistent with os.Stat().
+ return &os.PathError{
+ Op: "stat",
+ Path: path,
+ Err: syscall.ENOTDIR,
+ }
+ }
+
+ return nil
+}
+
+func (c *EngineConfig) validatePaths() error {
+ // Relative paths can cause nasty bugs, because core paths we use could
+ // shift between runs or even parts of the program. - The OCI runtime
+ // uses a different working directory than we do, for example.
+ if c.StaticDir != "" && !filepath.IsAbs(c.StaticDir) {
+ return fmt.Errorf("static directory must be an absolute path - instead got %q", c.StaticDir)
+ }
+ if c.TmpDir != "" && !filepath.IsAbs(c.TmpDir) {
+ return fmt.Errorf("temporary directory must be an absolute path - instead got %q", c.TmpDir)
+ }
+ if c.VolumePath != "" && !filepath.IsAbs(c.VolumePath) {
+ return fmt.Errorf("volume path must be an absolute path - instead got %q", c.VolumePath)
+ }
+ return nil
+}
+
+func (c *ContainersConfig) validateDevices() error {
+ for _, d := range c.Devices {
+ _, _, _, err := Device(d)
+ if err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
+func (c *ContainersConfig) validateUlimits() error {
+ for _, u := range c.DefaultUlimits {
+ ul, err := units.ParseUlimit(u)
+ if err != nil {
+ return fmt.Errorf("unrecognized ulimit %s: %v", u, err)
+ }
+ _, err = ul.GetRlimit()
+ if err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
+func isRemote() bool {
+ return false
+}
diff --git a/vendor/github.com/containers/common/pkg/config/config_remote.go b/vendor/github.com/containers/common/pkg/config/config_remote.go
new file mode 100644
index 000000000..d012dbd2f
--- /dev/null
+++ b/vendor/github.com/containers/common/pkg/config/config_remote.go
@@ -0,0 +1,25 @@
+// +build remote
+
+package config
+
+// isDirectory tests whether the given path exists and is a directory. It
+// follows symlinks.
+func isDirectory(path string) error {
+ return nil
+}
+
+func isRemote() bool {
+ return true
+}
+
+func (c *EngineConfig) validatePaths() error {
+ return nil
+}
+
+func (c *ContainersConfig) validateDevices() error {
+ return nil
+}
+
+func (c *ContainersConfig) validateUlimits() error {
+ return nil
+}
diff --git a/vendor/github.com/containers/common/pkg/config/config_unix.go b/vendor/github.com/containers/common/pkg/config/config_unix.go
deleted file mode 100644
index f270f2e95..000000000
--- a/vendor/github.com/containers/common/pkg/config/config_unix.go
+++ /dev/null
@@ -1,15 +0,0 @@
-// +build !windows
-
-package config
-
-// Defaults for linux/unix if none are specified
-const (
- cniConfigDir = "/etc/cni/net.d/"
-)
-
-var cniBinDir = []string{
- "/usr/libexec/cni",
- "/usr/lib/cni",
- "/usr/local/lib/cni",
- "/opt/cni/bin",
-}
diff --git a/vendor/github.com/containers/common/pkg/config/config_windows.go b/vendor/github.com/containers/common/pkg/config/config_windows.go
deleted file mode 100644
index f6a6512a1..000000000
--- a/vendor/github.com/containers/common/pkg/config/config_windows.go
+++ /dev/null
@@ -1,10 +0,0 @@
-// +build windows
-
-package config
-
-// Defaults for linux/unix if none are specified
-const (
- cniConfigDir = "C:\\cni\\etc\\net.d\\"
-)
-
-var cniBinDir = []string{"C:\\cni\\bin\\"}
diff --git a/vendor/github.com/containers/common/pkg/config/default.go b/vendor/github.com/containers/common/pkg/config/default.go
index 185ce8cee..fe523cbf5 100644
--- a/vendor/github.com/containers/common/pkg/config/default.go
+++ b/vendor/github.com/containers/common/pkg/config/default.go
@@ -53,9 +53,6 @@ var (
// DefaultDetachKeys is the default keys sequence for detaching a
// container
DefaultDetachKeys = "ctrl-p,ctrl-q"
-)
-
-var (
// ErrConmonOutdated indicates the version of conmon found (whether via the configuration or $PATH)
// is out of date for the current podman version
ErrConmonOutdated = errors.New("outdated conmon version")
@@ -80,15 +77,24 @@ var (
"CAP_SETUID",
"CAP_SYS_CHROOT",
}
+
+ cniBinDir = []string{
+ "/usr/libexec/cni",
+ "/usr/lib/cni",
+ "/usr/local/lib/cni",
+ "/opt/cni/bin",
+ }
)
const (
- // EtcDir is the sysconfdir where podman should look for system config files.
+ // _etcDir is the sysconfdir where podman should look for system config files.
// It can be overridden at build time.
_etcDir = "/etc"
// InstallPrefix is the prefix where podman will be installed.
// It can be overridden at build time.
_installPrefix = "/usr"
+ // _cniConfigDir is the directory where cni plugins are found
+ _cniConfigDir = "/etc/cni/net.d/"
// CgroupfsCgroupsManager represents cgroupfs native cgroup manager
CgroupfsCgroupsManager = "cgroupfs"
// DefaultApparmorProfile specifies the default apparmor profile for the container.
@@ -191,7 +197,7 @@ func DefaultConfig() (*Config, error) {
},
Network: NetworkConfig{
DefaultNetwork: "podman",
- NetworkConfigDir: cniConfigDir,
+ NetworkConfigDir: _cniConfigDir,
CNIPluginDirs: cniBinDir,
},
Engine: *defaultEngineConfig,
@@ -233,6 +239,7 @@ func defaultConfigFromMemory() (*EngineConfig, error) {
c.CgroupManager = defaultCgroupManager()
c.StopTimeout = uint(10)
+ c.Remote = isRemote()
c.OCIRuntimes = map[string][]string{
"runc": {
"/usr/bin/runc",
diff --git a/vendor/github.com/containers/common/pkg/config/libpodConfig.go b/vendor/github.com/containers/common/pkg/config/libpodConfig.go
index a8e4c9c93..ab507e864 100644
--- a/vendor/github.com/containers/common/pkg/config/libpodConfig.go
+++ b/vendor/github.com/containers/common/pkg/config/libpodConfig.go
@@ -226,7 +226,7 @@ func newLibpodConfig(c *Config) error {
// hard code EventsLogger to "file" to match older podman versions.
if config.EventsLogger != "file" {
- logrus.Debugf("Ignoring lipod.conf EventsLogger setting %q. Use containers.conf if you want to change this setting and remove libpod.conf files.", config.EventsLogger)
+ logrus.Debugf("Ignoring libpod.conf EventsLogger setting %q. Use %q if you want to change this setting and remove libpod.conf files.", Path(), config.EventsLogger)
config.EventsLogger = "file"
}
@@ -262,7 +262,7 @@ func systemLibpodConfigs() ([]string, error) {
}
// TODO: Raise to Warnf, when Podman is updated to
// remove libpod.conf by default
- logrus.Debugf("Found deprecated file %s, please remove. Use %s to override defaults.\n", path, containersConfPath)
+ logrus.Debugf("Found deprecated file %s, please remove. Use %s to override defaults.\n", Path(), containersConfPath)
return []string{path}, nil
}
return nil, err
diff --git a/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_linux.go b/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_linux.go
index 269ea686a..fcb3cab72 100644
--- a/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_linux.go
+++ b/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_linux.go
@@ -40,7 +40,7 @@ func New(quiet bool) *SysInfo {
sysInfo.cgroupCPUInfo = checkCgroupCPU(cgMounts, quiet)
sysInfo.cgroupBlkioInfo = checkCgroupBlkioInfo(cgMounts, quiet)
sysInfo.cgroupCpusetInfo = checkCgroupCpusetInfo(cgMounts, quiet)
- sysInfo.cgroupPids = checkCgroupPids(quiet)
+ sysInfo.cgroupPids = checkCgroupPids(cgMounts, quiet)
}
_, ok := cgMounts["devices"]
@@ -227,16 +227,17 @@ func checkCgroupCpusetInfo(cgMounts map[string]string, quiet bool) cgroupCpusetI
}
// checkCgroupPids reads the pids information from the pids cgroup mount point.
-func checkCgroupPids(quiet bool) cgroupPids {
+func checkCgroupPids(cgMounts map[string]string, quiet bool) cgroupPids {
cgroup2, err := cgroupv2.Enabled()
if err != nil {
logrus.Errorf("Failed to check cgroups version: %v", err)
+ return cgroupPids{}
}
if !cgroup2 {
- _, err := cgroups.FindCgroupMountpoint("", "pids")
- if err != nil {
+ _, ok := cgMounts["pids"]
+ if !ok {
if !quiet {
- logrus.Warn(err)
+ logrus.Warn("unable to find pids cgroup in mounts")
}
return cgroupPids{}
}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index b3c8b96ae..bc0143238 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -84,7 +84,7 @@ github.com/containers/buildah/pkg/secrets
github.com/containers/buildah/pkg/supplemented
github.com/containers/buildah/pkg/umask
github.com/containers/buildah/util
-# github.com/containers/common v0.11.4
+# github.com/containers/common v0.12.0
github.com/containers/common/pkg/apparmor
github.com/containers/common/pkg/auth
github.com/containers/common/pkg/capabilities