diff options
Diffstat (limited to 'cmd/podman')
-rw-r--r-- | cmd/podman/common.go | 9 | ||||
-rw-r--r-- | cmd/podman/create.go | 10 | ||||
-rw-r--r-- | cmd/podman/create_cli.go | 2 | ||||
-rw-r--r-- | cmd/podman/login.go | 42 | ||||
-rw-r--r-- | cmd/podman/main.go | 3 | ||||
-rw-r--r-- | cmd/podman/shared/container.go | 14 | ||||
-rw-r--r-- | cmd/podman/shared/funcs.go | 4 | ||||
-rw-r--r-- | cmd/podman/varlink/io.podman.varlink | 2 |
8 files changed, 61 insertions, 25 deletions
diff --git a/cmd/podman/common.go b/cmd/podman/common.go index 8404a29b8..0fc9a6acc 100644 --- a/cmd/podman/common.go +++ b/cmd/podman/common.go @@ -321,6 +321,15 @@ var createFlags = []cli.Flag{ Value: "bind", }, cli.BoolFlag{ + Name: "init", + Usage: "Run an init binary inside the container that forwards signals and reaps processes", + }, + cli.StringFlag{ + Name: "init-path", + // Do not use the Value field for setting the default value to determine user input (i.e., non-empty string) + Usage: fmt.Sprintf("Path to the container-init binary (default: %q)", libpod.DefaultInitPath), + }, + cli.BoolFlag{ Name: "interactive, i", Usage: "Keep STDIN open even if not attached", }, diff --git a/cmd/podman/create.go b/cmd/podman/create.go index dae429047..395a64b3b 100644 --- a/cmd/podman/create.go +++ b/cmd/podman/create.go @@ -809,6 +809,16 @@ func parseCreateOpts(ctx context.Context, c *cli.Context, runtime *libpod.Runtim Syslog: c.GlobalBool("syslog"), } + if c.Bool("init") { + initPath := c.String("init-path") + if initPath == "" { + initPath = runtime.GetConfig().InitPath + } + if err := config.AddContainerInitBinary(initPath); err != nil { + return nil, err + } + } + if config.Privileged { config.LabelOpts = label.DisableSecOpt() } else { diff --git a/cmd/podman/create_cli.go b/cmd/podman/create_cli.go index 2a820fa43..1a0830f2e 100644 --- a/cmd/podman/create_cli.go +++ b/cmd/podman/create_cli.go @@ -7,7 +7,7 @@ import ( "strings" cc "github.com/containers/libpod/pkg/spec" - "github.com/docker/docker/pkg/sysinfo" + "github.com/containers/libpod/pkg/sysinfo" "github.com/docker/go-units" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/pkg/errors" diff --git a/cmd/podman/login.go b/cmd/podman/login.go index 4452651f8..fc7b39ed8 100644 --- a/cmd/podman/login.go +++ b/cmd/podman/login.go @@ -62,12 +62,18 @@ func loginCmd(c *cli.Context) error { return errors.Errorf("too many arguments, login takes only 1 argument") } if len(args) == 0 { - return errors.Errorf("registry must be given") + return errors.Errorf("please specify a registry to login to") } server := registryFromFullName(scrubServer(args[0])) authfile := getAuthFile(c.String("authfile")) sc := common.GetSystemContext("", authfile, false) + if c.IsSet("tls-verify") { + sc.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!c.BoolT("tls-verify")) + } + if c.String("cert-dir") != "" { + sc.DockerCertPath = c.String("cert-dir") + } if c.IsSet("get-login") { user, err := config.GetUserLoggedIn(sc, server) @@ -87,39 +93,25 @@ func loginCmd(c *cli.Context) error { // username of user logged in to server (if one exists) userFromAuthFile, passFromAuthFile, err := config.GetAuthentication(sc, server) if err != nil { - return errors.Wrapf(err, "error getting logged-in user") + return errors.Wrapf(err, "error reading auth file") } ctx := getContext() - - var ( - username string - password string - ) - - if userFromAuthFile != "" { - username = userFromAuthFile - password = passFromAuthFile + // If no username and no password is specified, try to use existing ones. + if c.String("username") == "" && c.String("password") == "" { fmt.Println("Authenticating with existing credentials...") - if err := docker.CheckAuth(ctx, sc, username, password, server); err == nil { + if err := docker.CheckAuth(ctx, sc, userFromAuthFile, passFromAuthFile, server); err == nil { fmt.Println("Existing credentials are valid. Already logged in to", server) return nil } fmt.Println("Existing credentials are invalid, please enter valid username and password") } - username, password, err = getUserAndPass(c.String("username"), c.String("password"), userFromAuthFile) + username, password, err := getUserAndPass(c.String("username"), c.String("password"), userFromAuthFile) if err != nil { return errors.Wrapf(err, "error getting username and password") } - if c.IsSet("tls-verify") { - sc.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!c.BoolT("tls-verify")) - } - if c.String("cert-dir") != "" { - sc.DockerCertPath = c.String("cert-dir") - } - if err = docker.CheckAuth(ctx, sc, username, password, server); err == nil { // Write the new credentials to the authfile if err = config.SetAuthentication(sc, server, username, password); err != nil { @@ -131,14 +123,15 @@ func loginCmd(c *cli.Context) error { fmt.Println("Login Succeeded!") return nil case docker.ErrUnauthorizedForCredentials: - return errors.Errorf("error logging into %q: invalid username/password\n", server) + return errors.Errorf("error logging into %q: invalid username/password", server) default: return errors.Wrapf(err, "error authenticating creds for %q", server) } } // getUserAndPass gets the username and password from STDIN if not given -// using the -u and -p flags +// using the -u and -p flags. If the username prompt is left empty, the +// displayed userFromAuthFile will be used instead. func getUserAndPass(username, password, userFromAuthFile string) (string, string, error) { var err error reader := bufio.NewReader(os.Stdin) @@ -152,7 +145,10 @@ func getUserAndPass(username, password, userFromAuthFile string) (string, string if err != nil { return "", "", errors.Wrapf(err, "error reading username") } - // If no username provided, use userFromAuthFile instead. + // If the user just hit enter, use the displayed user from the + // the authentication file. This allows to do a lazy + // `$ podman login -p $NEW_PASSWORD` without specifying the + // user. if strings.TrimSpace(username) == "" { username = userFromAuthFile } diff --git a/cmd/podman/main.go b/cmd/podman/main.go index 7ef22a93b..43804ee35 100644 --- a/cmd/podman/main.go +++ b/cmd/podman/main.go @@ -161,6 +161,9 @@ func main() { logrus.Info("running as rootless") } + // Be sure we can create directories with 0755 mode. + syscall.Umask(0022) + if logLevel == "debug" { debug = true diff --git a/cmd/podman/shared/container.go b/cmd/podman/shared/container.go index 30beb4a49..6c7d8eb52 100644 --- a/cmd/podman/shared/container.go +++ b/cmd/podman/shared/container.go @@ -4,6 +4,7 @@ import ( "context" "encoding/json" "fmt" + "github.com/google/shlex" "io" "os" "path/filepath" @@ -640,6 +641,14 @@ func GetRunlabel(label string, runlabelImage string, ctx context.Context, runtim // GenerateRunlabelCommand generates the command that will eventually be execucted by podman func GenerateRunlabelCommand(runLabel, imageName, name string, opts map[string]string, extraArgs []string) ([]string, []string, error) { + // If no name is provided, we use the image's basename instead + if name == "" { + baseName, err := image.GetImageBaseName(imageName) + if err != nil { + return nil, nil, err + } + name = baseName + } // The user provided extra arguments that need to be tacked onto the label's command if len(extraArgs) > 0 { runLabel = fmt.Sprintf("%s %s", runLabel, strings.Join(extraArgs, " ")) @@ -665,7 +674,10 @@ func GenerateRunlabelCommand(runLabel, imageName, name string, opts map[string]s return "" } newS := os.Expand(strings.Join(cmd, " "), envmapper) - cmd = strings.Split(newS, " ") + cmd, err = shlex.Split(newS) + if err != nil { + return nil, nil, err + } return cmd, env, nil } diff --git a/cmd/podman/shared/funcs.go b/cmd/podman/shared/funcs.go index 8770b8ec0..70d041fd2 100644 --- a/cmd/podman/shared/funcs.go +++ b/cmd/podman/shared/funcs.go @@ -65,6 +65,8 @@ func GenerateCommand(command, imageName, name string) ([]string, error) { switch arg { case "IMAGE": newArg = imageName + case "$IMAGE": + newArg = imageName case "IMAGE=IMAGE": newArg = fmt.Sprintf("IMAGE=%s", imageName) case "IMAGE=$IMAGE": @@ -75,6 +77,8 @@ func GenerateCommand(command, imageName, name string) ([]string, error) { newArg = fmt.Sprintf("NAME=%s", name) case "NAME=$NAME": newArg = fmt.Sprintf("NAME=%s", name) + case "$NAME": + newArg = name default: newArg = arg } diff --git a/cmd/podman/varlink/io.podman.varlink b/cmd/podman/varlink/io.podman.varlink index c1b7c703a..4e8b69faf 100644 --- a/cmd/podman/varlink/io.podman.varlink +++ b/cmd/podman/varlink/io.podman.varlink @@ -211,6 +211,8 @@ type Create ( hostname: string, image: string, image_id: string, + init: bool, + init_path: string, builtin_imgvolumes: []string, id_mappings: IDMappingOptions, image_volume_type: string, |