diff options
Diffstat (limited to 'cmd/podman')
| -rw-r--r-- | cmd/podman/create.go | 28 | ||||
| -rw-r--r-- | cmd/podman/libpodruntime/runtime.go | 6 | ||||
| -rw-r--r-- | cmd/podman/play_kube.go | 2 |
3 files changed, 24 insertions, 12 deletions
diff --git a/cmd/podman/create.go b/cmd/podman/create.go index d98b78bd4..1aa3425a5 100644 --- a/cmd/podman/create.go +++ b/cmd/podman/create.go @@ -4,6 +4,7 @@ import ( "context" "encoding/json" "fmt" + "io/ioutil" "os" "path/filepath" "strconv" @@ -144,7 +145,7 @@ func createContainer(c *cli.Context, runtime *libpod.Runtime) (*libpod.Container return nil, nil, err } - ctr, err := createContainerFromCreateConfig(runtime, createConfig, ctx) + ctr, err := createContainerFromCreateConfig(runtime, createConfig, ctx, nil) if err != nil { return nil, nil, err } @@ -421,6 +422,16 @@ func parseCreateOpts(ctx context.Context, c *cli.Context, runtime *libpod.Runtim } if c.IsSet("pod") { if strings.HasPrefix(originalPodName, "new:") { + if rootless.IsRootless() { + // To create a new pod, we must immediately create the userns. + became, ret, err := rootless.BecomeRootInUserNS() + if err != nil { + return nil, err + } + if became { + os.Exit(ret) + } + } // pod does not exist; lets make it var podOptions []libpod.PodCreateOption podOptions = append(podOptions, libpod.WithPodName(podName), libpod.WithInfraContainer(), libpod.WithPodCgroups()) @@ -785,11 +796,15 @@ func joinOrCreateRootlessUserNamespace(createConfig *cc.CreateConfig, runtime *l if s != libpod.ContainerStateRunning && s != libpod.ContainerStatePaused { continue } - pid, err := prevCtr.PID() + data, err := ioutil.ReadFile(prevCtr.Config().ConmonPidFile) if err != nil { - return false, -1, err + return false, -1, errors.Wrapf(err, "cannot read conmon PID file %q", prevCtr.Config().ConmonPidFile) } - return rootless.JoinNS(uint(pid)) + conmonPid, err := strconv.Atoi(string(data)) + if err != nil { + return false, -1, errors.Wrapf(err, "cannot parse PID %q", data) + } + return rootless.JoinDirectUserAndMountNS(uint(conmonPid)) } } @@ -817,17 +832,16 @@ func joinOrCreateRootlessUserNamespace(createConfig *cc.CreateConfig, runtime *l return rootless.BecomeRootInUserNS() } -func createContainerFromCreateConfig(r *libpod.Runtime, createConfig *cc.CreateConfig, ctx context.Context) (*libpod.Container, error) { +func createContainerFromCreateConfig(r *libpod.Runtime, createConfig *cc.CreateConfig, ctx context.Context, pod *libpod.Pod) (*libpod.Container, error) { runtimeSpec, err := cc.CreateConfigToOCISpec(createConfig) if err != nil { return nil, err } - options, err := createConfig.GetContainerCreateOptions(r) + options, err := createConfig.GetContainerCreateOptions(r, pod) if err != nil { return nil, err } - became, ret, err := joinOrCreateRootlessUserNamespace(createConfig, r) if err != nil { return nil, err diff --git a/cmd/podman/libpodruntime/runtime.go b/cmd/podman/libpodruntime/runtime.go index d7a0dd931..dca2f5022 100644 --- a/cmd/podman/libpodruntime/runtime.go +++ b/cmd/podman/libpodruntime/runtime.go @@ -4,17 +4,15 @@ import ( "github.com/containers/libpod/libpod" "github.com/containers/libpod/pkg/rootless" "github.com/containers/libpod/pkg/util" - "github.com/containers/storage" "github.com/pkg/errors" "github.com/urfave/cli" ) // GetRuntime generates a new libpod runtime configured by command line options func GetRuntime(c *cli.Context) (*libpod.Runtime, error) { - storageOpts := new(storage.StoreOptions) options := []libpod.RuntimeOption{} - _, volumePath, err := util.GetDefaultStoreOptions() + storageOpts, volumePath, err := util.GetDefaultStoreOptions() if err != nil { return nil, err } @@ -44,7 +42,7 @@ func GetRuntime(c *cli.Context) (*libpod.Runtime, error) { storageOpts.GraphDriverOptions = c.GlobalStringSlice("storage-opt") } - options = append(options, libpod.WithStorageConfig(*storageOpts)) + options = append(options, libpod.WithStorageConfig(storageOpts)) // TODO CLI flags for image config? // TODO CLI flag for signature policy? diff --git a/cmd/podman/play_kube.go b/cmd/podman/play_kube.go index f165c5f0f..2ce2e21bb 100644 --- a/cmd/podman/play_kube.go +++ b/cmd/podman/play_kube.go @@ -154,7 +154,7 @@ func playKubeYAMLCmd(c *cli.Context) error { if err != nil { return err } - ctr, err := createContainerFromCreateConfig(runtime, createConfig, ctx) + ctr, err := createContainerFromCreateConfig(runtime, createConfig, ctx, pod) if err != nil { return err } |