aboutsummaryrefslogtreecommitdiff
path: root/cmd/podman/system
diff options
context:
space:
mode:
Diffstat (limited to 'cmd/podman/system')
-rw-r--r--cmd/podman/system/connection/add.go14
-rw-r--r--cmd/podman/system/connection/remove.go3
-rw-r--r--cmd/podman/system/dial_stdio.go12
-rw-r--r--cmd/podman/system/service_abi.go36
-rw-r--r--cmd/podman/system/unshare.go6
5 files changed, 50 insertions, 21 deletions
diff --git a/cmd/podman/system/connection/add.go b/cmd/podman/system/connection/add.go
index ec5fdccc8..191603718 100644
--- a/cmd/podman/system/connection/add.go
+++ b/cmd/podman/system/connection/add.go
@@ -2,6 +2,7 @@ package connection
import (
"encoding/json"
+ "errors"
"fmt"
"net"
"net/url"
@@ -14,7 +15,6 @@ import (
"github.com/containers/podman/v4/cmd/podman/system"
"github.com/containers/podman/v4/libpod/define"
"github.com/containers/podman/v4/pkg/domain/utils"
- "github.com/pkg/errors"
"github.com/sirupsen/logrus"
"github.com/spf13/cobra"
"golang.org/x/crypto/ssh"
@@ -76,7 +76,7 @@ func add(cmd *cobra.Command, args []string) error {
// Default to ssh schema if none given
dest := args[1]
if match, err := regexp.Match("^[A-Za-z][A-Za-z0-9+.-]*://", []byte(dest)); err != nil {
- return errors.Wrapf(err, "invalid destination")
+ return fmt.Errorf("invalid destination: %w", err)
} else if !match {
dest = "ssh://" + dest
}
@@ -180,17 +180,17 @@ func add(cmd *cobra.Command, args []string) error {
func getUDS(uri *url.URL, iden string) (string, error) {
cfg, err := utils.ValidateAndConfigure(uri, iden)
if err != nil {
- return "", errors.Wrapf(err, "failed to validate")
+ return "", fmt.Errorf("failed to validate: %w", err)
}
dial, err := ssh.Dial("tcp", uri.Host, cfg)
if err != nil {
- return "", errors.Wrapf(err, "failed to connect")
+ return "", fmt.Errorf("failed to connect: %w", err)
}
defer dial.Close()
session, err := dial.NewSession()
if err != nil {
- return "", errors.Wrapf(err, "failed to create new ssh session on %q", uri.Host)
+ return "", fmt.Errorf("failed to create new ssh session on %q: %w", uri.Host, err)
}
defer session.Close()
@@ -206,11 +206,11 @@ func getUDS(uri *url.URL, iden string) (string, error) {
var info define.Info
if err := json.Unmarshal(infoJSON, &info); err != nil {
- return "", errors.Wrapf(err, "failed to parse 'podman info' results")
+ return "", fmt.Errorf("failed to parse 'podman info' results: %w", err)
}
if info.Host.RemoteSocket == nil || len(info.Host.RemoteSocket.Path) == 0 {
- return "", errors.Errorf("remote podman %q failed to report its UDS socket", uri.Host)
+ return "", fmt.Errorf("remote podman %q failed to report its UDS socket", uri.Host)
}
return info.Host.RemoteSocket.Path, nil
}
diff --git a/cmd/podman/system/connection/remove.go b/cmd/podman/system/connection/remove.go
index 463eae9fa..29bf98c43 100644
--- a/cmd/podman/system/connection/remove.go
+++ b/cmd/podman/system/connection/remove.go
@@ -1,11 +1,12 @@
package connection
import (
+ "errors"
+
"github.com/containers/common/pkg/config"
"github.com/containers/podman/v4/cmd/podman/common"
"github.com/containers/podman/v4/cmd/podman/registry"
"github.com/containers/podman/v4/cmd/podman/system"
- "github.com/pkg/errors"
"github.com/spf13/cobra"
)
diff --git a/cmd/podman/system/dial_stdio.go b/cmd/podman/system/dial_stdio.go
index 8b665bedc..42ce65746 100644
--- a/cmd/podman/system/dial_stdio.go
+++ b/cmd/podman/system/dial_stdio.go
@@ -2,13 +2,15 @@ package system
import (
"context"
+ "fmt"
"io"
"os"
+ "errors"
+
"github.com/containers/podman/v4/cmd/podman/registry"
"github.com/containers/podman/v4/cmd/podman/validate"
"github.com/containers/podman/v4/pkg/bindings"
- "github.com/pkg/errors"
"github.com/sirupsen/logrus"
"github.com/spf13/cobra"
)
@@ -40,15 +42,15 @@ func runDialStdio() error {
defer cancel()
bindCtx, err := bindings.NewConnection(ctx, cfg.URI)
if err != nil {
- return errors.Wrap(err, "failed to open connection to podman")
+ return fmt.Errorf("failed to open connection to podman: %w", err)
}
conn, err := bindings.GetClient(bindCtx)
if err != nil {
- return errors.Wrap(err, "failed to get connection after initialization")
+ return fmt.Errorf("failed to get connection after initialization: %w", err)
}
netConn, err := conn.GetDialer(bindCtx)
if err != nil {
- return errors.Wrap(err, "failed to open the raw stream connection")
+ return fmt.Errorf("failed to open the raw stream connection: %w", err)
}
defer netConn.Close()
@@ -95,7 +97,7 @@ func copier(to halfWriteCloser, from halfReadCloser, debugDescription string) er
}
}()
if _, err := io.Copy(to, from); err != nil {
- return errors.Wrapf(err, "error while Copy (%s)", debugDescription)
+ return fmt.Errorf("error while Copy (%s): %w", debugDescription, err)
}
return nil
}
diff --git a/cmd/podman/system/service_abi.go b/cmd/podman/system/service_abi.go
index 7cb1b8084..6823d77ba 100644
--- a/cmd/podman/system/service_abi.go
+++ b/cmd/podman/system/service_abi.go
@@ -4,24 +4,46 @@
package system
import (
+ "errors"
"fmt"
"net"
"net/url"
"os"
"path/filepath"
+ "github.com/containers/common/pkg/cgroups"
"github.com/containers/podman/v4/cmd/podman/registry"
api "github.com/containers/podman/v4/pkg/api/server"
"github.com/containers/podman/v4/pkg/domain/entities"
"github.com/containers/podman/v4/pkg/domain/infra"
"github.com/containers/podman/v4/pkg/servicereaper"
+ "github.com/containers/podman/v4/utils"
"github.com/coreos/go-systemd/v22/activation"
- "github.com/pkg/errors"
"github.com/sirupsen/logrus"
"github.com/spf13/pflag"
"golang.org/x/sys/unix"
)
+// maybeMoveToSubCgroup moves the current process in a sub cgroup when
+// it is running in the root cgroup on a system that uses cgroupv2.
+func maybeMoveToSubCgroup() error {
+ unifiedMode, err := cgroups.IsCgroup2UnifiedMode()
+ if err != nil {
+ return err
+ }
+ if !unifiedMode {
+ return nil
+ }
+ cgroup, err := utils.GetOwnCgroup()
+ if err != nil {
+ return err
+ }
+ if cgroup == "/" {
+ return utils.MoveUnderCgroupSubtree("init")
+ }
+ return nil
+}
+
func restService(flags *pflag.FlagSet, cfg *entities.PodmanConfig, opts entities.ServiceOptions) error {
var (
listener net.Listener
@@ -48,13 +70,13 @@ func restService(flags *pflag.FlagSet, cfg *entities.PodmanConfig, opts entities
listener = listeners[0]
// note that activation.Listeners() returns nil when it cannot listen on the fd (i.e. udp connection)
if listener == nil {
- return fmt.Errorf("unexpected fd received from systemd: cannot listen on it")
+ return errors.New("unexpected fd received from systemd: cannot listen on it")
}
libpodRuntime.SetRemoteURI(listeners[0].Addr().String())
} else {
uri, err := url.Parse(opts.URI)
if err != nil {
- return errors.Errorf("%s is an invalid socket destination", opts.URI)
+ return fmt.Errorf("%s is an invalid socket destination", opts.URI)
}
switch uri.Scheme {
@@ -74,7 +96,7 @@ func restService(flags *pflag.FlagSet, cfg *entities.PodmanConfig, opts entities
} else {
listener, err = net.Listen(uri.Scheme, path)
if err != nil {
- return errors.Wrapf(err, "unable to create socket")
+ return fmt.Errorf("unable to create socket: %w", err)
}
}
case "tcp":
@@ -85,7 +107,7 @@ func restService(flags *pflag.FlagSet, cfg *entities.PodmanConfig, opts entities
}
listener, err = net.Listen(uri.Scheme, host)
if err != nil {
- return errors.Wrapf(err, "unable to create socket %v", host)
+ return fmt.Errorf("unable to create socket %v: %w", host, err)
}
default:
logrus.Debugf("Attempting API Service endpoint scheme %q", uri.Scheme)
@@ -103,6 +125,10 @@ func restService(flags *pflag.FlagSet, cfg *entities.PodmanConfig, opts entities
return err
}
+ if err := maybeMoveToSubCgroup(); err != nil {
+ return err
+ }
+
servicereaper.Start()
infra.StartWatcher(libpodRuntime)
server, err := api.NewServerWithSettings(libpodRuntime, listener, opts)
diff --git a/cmd/podman/system/unshare.go b/cmd/podman/system/unshare.go
index 1ed08eac3..6d9c33b64 100644
--- a/cmd/podman/system/unshare.go
+++ b/cmd/podman/system/unshare.go
@@ -1,6 +1,7 @@
package system
import (
+ "errors"
"os"
"github.com/containers/common/pkg/completion"
@@ -8,7 +9,6 @@ import (
"github.com/containers/podman/v4/cmd/podman/utils"
"github.com/containers/podman/v4/pkg/domain/entities"
"github.com/containers/podman/v4/pkg/rootless"
- "github.com/pkg/errors"
"github.com/spf13/cobra"
"github.com/spf13/pflag"
)
@@ -47,14 +47,14 @@ func init() {
func unshare(cmd *cobra.Command, args []string) error {
if isRootless := rootless.IsRootless(); !isRootless {
- return errors.Errorf("please use unshare with rootless")
+ return errors.New("please use unshare with rootless")
}
// exec the specified command, if there is one
if len(args) < 1 {
// try to exec the shell, if one's set
shell, shellSet := os.LookupEnv("SHELL")
if !shellSet {
- return errors.Errorf("no command specified and no $SHELL specified")
+ return errors.New("no command specified and no $SHELL specified")
}
args = []string{shell}
}