diff options
Diffstat (limited to 'cmd/podman')
| -rw-r--r-- | cmd/podman/commands.go | 1 | ||||
| -rw-r--r-- | cmd/podman/libpodruntime/runtime.go | 6 | ||||
| -rw-r--r-- | cmd/podman/runlabel.go | 2 | ||||
| -rw-r--r-- | cmd/podman/shared/create_cli.go | 7 | ||||
| -rw-r--r-- | cmd/podman/unshare.go | 54 | ||||
| -rw-r--r-- | cmd/podman/version.go | 2 |
6 files changed, 69 insertions, 3 deletions
diff --git a/cmd/podman/commands.go b/cmd/podman/commands.go index 3a409f503..2ac465b9d 100644 --- a/cmd/podman/commands.go +++ b/cmd/podman/commands.go @@ -20,6 +20,7 @@ func getMainCommands() []*cobra.Command { _refreshCommand, _searchCommand, _statsCommand, + _unshareCommand, } if len(_varlinkCommand.Use) > 0 { diff --git a/cmd/podman/libpodruntime/runtime.go b/cmd/podman/libpodruntime/runtime.go index b533dc056..b8d77602d 100644 --- a/cmd/podman/libpodruntime/runtime.go +++ b/cmd/podman/libpodruntime/runtime.go @@ -107,7 +107,11 @@ func getRuntime(ctx context.Context, c *cliconfig.PodmanCommand, renumber bool, if c.Flags().Changed("cgroup-manager") { options = append(options, libpod.WithCgroupManager(c.GlobalFlags.CGroupManager)) } else { - if rootless.IsRootless() { + unified, err := util.IsCgroup2UnifiedMode() + if err != nil { + return nil, err + } + if rootless.IsRootless() && !unified { options = append(options, libpod.WithCgroupManager("cgroupfs")) } } diff --git a/cmd/podman/runlabel.go b/cmd/podman/runlabel.go index c426817de..e87b88992 100644 --- a/cmd/podman/runlabel.go +++ b/cmd/podman/runlabel.go @@ -152,7 +152,7 @@ func runlabelCmd(c *cliconfig.RunlabelValues) error { return err } if !c.Quiet { - fmt.Printf("command: %s\n", strings.Join(cmd, " ")) + fmt.Printf("command: %s\n", strings.Join(append([]string{os.Args[0]}, cmd[1:]...), " ")) if c.Display { return nil } diff --git a/cmd/podman/shared/create_cli.go b/cmd/podman/shared/create_cli.go index f731e8db5..7f158b09a 100644 --- a/cmd/podman/shared/create_cli.go +++ b/cmd/podman/shared/create_cli.go @@ -7,6 +7,7 @@ import ( "github.com/containers/libpod/cmd/podman/shared/parse" cc "github.com/containers/libpod/pkg/spec" "github.com/containers/libpod/pkg/sysinfo" + "github.com/containers/libpod/pkg/util" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) @@ -76,6 +77,12 @@ func addWarning(warnings []string, msg string) []string { func verifyContainerResources(config *cc.CreateConfig, update bool) ([]string, error) { warnings := []string{} + + cgroup2, err := util.IsCgroup2UnifiedMode() + if err != nil || cgroup2 { + return warnings, err + } + sysInfo := sysinfo.New(true) // memory subsystem checks and adjustments diff --git a/cmd/podman/unshare.go b/cmd/podman/unshare.go new file mode 100644 index 000000000..1db647dba --- /dev/null +++ b/cmd/podman/unshare.go @@ -0,0 +1,54 @@ +// +build linux + +package main + +import ( + "os" + "os/exec" + + "github.com/containers/buildah/pkg/unshare" + "github.com/pkg/errors" + "github.com/spf13/cobra" +) + +var ( + unshareDescription = "Runs a command in a modified user namespace." + _unshareCommand = &cobra.Command{ + Use: "unshare [flags] [COMMAND [ARG]]", + Short: "Run a command in a modified user namespace", + Long: unshareDescription, + RunE: unshareCmd, + Example: `podman unshare id + podman unshare cat /proc/self/uid_map, + podman unshare podman-script.sh`, + } +) + +func init() { + _unshareCommand.SetUsageTemplate(UsageTemplate()) + flags := _unshareCommand.Flags() + flags.SetInterspersed(false) +} + +// unshareCmd execs whatever using the ID mappings that we want to use for ourselves +func unshareCmd(c *cobra.Command, args []string) error { + if isRootless := unshare.IsRootless(); !isRootless { + return errors.Errorf("please use unshare with rootless") + } + // exec the specified command, if there is one + if len(args) < 1 { + // try to exec the shell, if one's set + shell, shellSet := os.LookupEnv("SHELL") + if !shellSet { + return errors.Errorf("no command specified and no $SHELL specified") + } + args = []string{shell} + } + cmd := exec.Command(args[0], args[1:]...) + cmd.Env = unshare.RootlessEnv() + cmd.Stdin = os.Stdin + cmd.Stdout = os.Stdout + cmd.Stderr = os.Stderr + unshare.ExecRunnable(cmd) + return nil +} diff --git a/cmd/podman/version.go b/cmd/podman/version.go index 439a1cca6..52a518db8 100644 --- a/cmd/podman/version.go +++ b/cmd/podman/version.go @@ -70,7 +70,7 @@ func versionCmd(c *cliconfig.VersionValues) error { if remote { fmt.Fprintf(w, "\nService:\n") - runtime, err := adapter.GetRuntime(getContext(), nil) + runtime, err := adapter.GetRuntime(getContext(), &c.PodmanCommand) if err != nil { return errors.Wrapf(err, "could not get runtime") } |