diff options
Diffstat (limited to 'cmd')
-rw-r--r-- | cmd/podman/common/create.go | 18 | ||||
-rw-r--r-- | cmd/podman/common/util.go | 13 | ||||
-rw-r--r-- | cmd/podman/common/volumes.go | 44 | ||||
-rw-r--r-- | cmd/podman/containers/create.go | 16 | ||||
-rw-r--r-- | cmd/podman/containers/exec.go | 7 | ||||
-rw-r--r-- | cmd/podman/containers/run.go | 10 | ||||
-rw-r--r-- | cmd/podman/containers/start.go | 11 | ||||
-rw-r--r-- | cmd/podman/registry/remote.go | 26 | ||||
-rw-r--r-- | cmd/podman/system/service.go | 5 |
9 files changed, 100 insertions, 50 deletions
diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go index e96b6a8d6..403a1065b 100644 --- a/cmd/podman/common/create.go +++ b/cmd/podman/common/create.go @@ -518,21 +518,3 @@ func GetCreateFlags(cf *ContainerCLIOpts) *pflag.FlagSet { ) return &createFlags } - -func AliasFlags(_ *pflag.FlagSet, name string) pflag.NormalizedName { - switch name { - case "healthcheck-command": - name = "health-cmd" - case "healthcheck-interval": - name = "health-interval" - case "healthcheck-retries": - name = "health-retries" - case "healthcheck-start-period": - name = "health-start-period" - case "healthcheck-timeout": - name = "health-timeout" - case "net": - name = "network" - } - return pflag.NormalizedName(name) -} diff --git a/cmd/podman/common/util.go b/cmd/podman/common/util.go index 41432c6f0..17e779c86 100644 --- a/cmd/podman/common/util.go +++ b/cmd/podman/common/util.go @@ -175,12 +175,15 @@ func parseSplitPort(hostIP, hostPort *string, ctrPort string, protocol *string) if hostIP != nil { if *hostIP == "" { return newPort, errors.Errorf("must provide a non-empty container host IP to publish") + } else if *hostIP != "0.0.0.0" { + // If hostIP is 0.0.0.0, leave it unset - CNI treats + // 0.0.0.0 and empty differently, Docker does not. + testIP := net.ParseIP(*hostIP) + if testIP == nil { + return newPort, errors.Errorf("cannot parse %q as an IP address", *hostIP) + } + newPort.HostIP = testIP.String() } - testIP := net.ParseIP(*hostIP) - if testIP == nil { - return newPort, errors.Errorf("cannot parse %q as an IP address", *hostIP) - } - newPort.HostIP = testIP.String() } if hostPort != nil { if *hostPort == "" { diff --git a/cmd/podman/common/volumes.go b/cmd/podman/common/volumes.go index 3b8f7ec6e..20c31bd81 100644 --- a/cmd/podman/common/volumes.go +++ b/cmd/podman/common/volumes.go @@ -20,6 +20,8 @@ const ( TypeVolume = "volume" // TypeTmpfs is the type for mounting tmpfs TypeTmpfs = "tmpfs" + // TypeDevpts is the type for creating a devpts + TypeDevpts = "devpts" ) var ( @@ -197,6 +199,15 @@ func getMounts(mountFlag []string) (map[string]spec.Mount, map[string]*specgen.N return nil, nil, errors.Wrapf(errDuplicateDest, mount.Destination) } finalMounts[mount.Destination] = mount + case TypeDevpts: + mount, err := getDevptsMount(tokens) + if err != nil { + return nil, nil, err + } + if _, ok := finalMounts[mount.Destination]; ok { + return nil, nil, errors.Wrapf(errDuplicateDest, mount.Destination) + } + finalMounts[mount.Destination] = mount case "volume": volume, err := getNamedVolume(tokens) if err != nil { @@ -416,6 +427,39 @@ func getTmpfsMount(args []string) (spec.Mount, error) { return newMount, nil } +// Parse a single devpts mount entry from the --mount flag +func getDevptsMount(args []string) (spec.Mount, error) { + newMount := spec.Mount{ + Type: TypeDevpts, + Source: TypeDevpts, + } + + var setDest bool + + for _, val := range args { + kv := strings.Split(val, "=") + switch kv[0] { + case "target", "dst", "destination": + if len(kv) == 1 { + return newMount, errors.Wrapf(optionArgError, kv[0]) + } + if err := parse.ValidateVolumeCtrDir(kv[1]); err != nil { + return newMount, err + } + newMount.Destination = filepath.Clean(kv[1]) + setDest = true + default: + return newMount, errors.Wrapf(util.ErrBadMntOption, kv[0]) + } + } + + if !setDest { + return newMount, noDestError + } + + return newMount, nil +} + // Parse a single volume mount entry from the --mount flag. // Note that the volume-label option for named volumes is currently NOT supported. // TODO: add support for --volume-label diff --git a/cmd/podman/containers/create.go b/cmd/podman/containers/create.go index dd77dc9d7..6eec93f98 100644 --- a/cmd/podman/containers/create.go +++ b/cmd/podman/containers/create.go @@ -12,6 +12,7 @@ import ( "github.com/containers/image/v5/transports/alltransports" "github.com/containers/podman/v2/cmd/podman/common" "github.com/containers/podman/v2/cmd/podman/registry" + "github.com/containers/podman/v2/cmd/podman/utils" "github.com/containers/podman/v2/libpod/define" "github.com/containers/podman/v2/pkg/domain/entities" "github.com/containers/podman/v2/pkg/errorhandling" @@ -58,7 +59,7 @@ func createFlags(flags *pflag.FlagSet) { flags.SetInterspersed(false) flags.AddFlagSet(common.GetCreateFlags(&cliVals)) flags.AddFlagSet(common.GetNetFlags()) - flags.SetNormalizeFunc(common.AliasFlags) + flags.SetNormalizeFunc(utils.AliasFlags) if registry.IsRemote() { _ = flags.MarkHidden("authfile") @@ -124,7 +125,7 @@ func create(cmd *cobra.Command, args []string) error { return err } - if _, err := createPodIfNecessary(s); err != nil { + if _, err := createPodIfNecessary(s, cliVals.Net); err != nil { return err } @@ -283,7 +284,7 @@ func openCidFile(cidfile string) (*os.File, error) { // createPodIfNecessary automatically creates a pod when requested. if the pod name // has the form new:ID, the pod ID is created and the name in the spec generator is replaced // with ID. -func createPodIfNecessary(s *specgen.SpecGenerator) (*entities.PodCreateReport, error) { +func createPodIfNecessary(s *specgen.SpecGenerator, netOpts *entities.NetOptions) (*entities.PodCreateReport, error) { if !strings.HasPrefix(s.Pod, "new:") { return nil, nil } @@ -292,11 +293,10 @@ func createPodIfNecessary(s *specgen.SpecGenerator) (*entities.PodCreateReport, return nil, errors.Errorf("new pod name must be at least one character") } createOptions := entities.PodCreateOptions{ - Name: podName, - Infra: true, - Net: &entities.NetOptions{ - PublishPorts: s.PortMappings, - }, + Name: podName, + Infra: true, + Net: netOpts, + CreateCommand: os.Args, } s.Pod = podName return registry.ContainerEngine().PodCreate(context.Background(), createOptions) diff --git a/cmd/podman/containers/exec.go b/cmd/podman/containers/exec.go index da450054f..e301ca588 100644 --- a/cmd/podman/containers/exec.go +++ b/cmd/podman/containers/exec.go @@ -10,6 +10,7 @@ import ( "github.com/containers/podman/v2/libpod/define" "github.com/containers/podman/v2/pkg/domain/entities" envLib "github.com/containers/podman/v2/pkg/env" + "github.com/containers/podman/v2/pkg/rootless" "github.com/pkg/errors" "github.com/spf13/cobra" "github.com/spf13/pflag" @@ -110,6 +111,12 @@ func exec(_ *cobra.Command, args []string) error { execOpts.Envs = envLib.Join(execOpts.Envs, cliEnv) + for fd := 3; fd < int(3+execOpts.PreserveFDs); fd++ { + if !rootless.IsFdInherited(fd) { + return errors.Errorf("file descriptor %d is not available - the preserve-fds option requires that file descriptors must be passed", fd) + } + } + if !execDetach { streams := define.AttachStreams{} streams.OutputStream = os.Stdout diff --git a/cmd/podman/containers/run.go b/cmd/podman/containers/run.go index 646c52645..a84cb6814 100644 --- a/cmd/podman/containers/run.go +++ b/cmd/podman/containers/run.go @@ -8,6 +8,7 @@ import ( "github.com/containers/podman/v2/cmd/podman/common" "github.com/containers/podman/v2/cmd/podman/registry" + "github.com/containers/podman/v2/cmd/podman/utils" "github.com/containers/podman/v2/libpod/define" "github.com/containers/podman/v2/pkg/domain/entities" "github.com/containers/podman/v2/pkg/errorhandling" @@ -58,7 +59,7 @@ func runFlags(flags *pflag.FlagSet) { flags.SetInterspersed(false) flags.AddFlagSet(common.GetCreateFlags(&cliVals)) flags.AddFlagSet(common.GetNetFlags()) - flags.SetNormalizeFunc(common.AliasFlags) + flags.SetNormalizeFunc(utils.AliasFlags) flags.BoolVar(&runOpts.SigProxy, "sig-proxy", true, "Proxy received signals to the process") flags.BoolVar(&runRmi, "rmi", false, "Remove container image unless used by other containers") flags.UintVar(&runOpts.PreserveFDs, "preserve-fds", 0, "Pass a number of additional file descriptors into the container") @@ -125,6 +126,11 @@ func run(cmd *cobra.Command, args []string) error { if err := createInit(cmd); err != nil { return err } + for fd := 3; fd < int(3+runOpts.PreserveFDs); fd++ { + if !rootless.IsFdInherited(fd) { + return errors.Errorf("file descriptor %d is not available - the preserve-fds option requires that file descriptors must be passed", fd) + } + } imageName := args[0] if !cliVals.RootFS { @@ -176,7 +182,7 @@ func run(cmd *cobra.Command, args []string) error { } runOpts.Spec = s - if _, err := createPodIfNecessary(s); err != nil { + if _, err := createPodIfNecessary(s, cliVals.Net); err != nil { return err } diff --git a/cmd/podman/containers/start.go b/cmd/podman/containers/start.go index 05fdfc780..ccbe80317 100644 --- a/cmd/podman/containers/start.go +++ b/cmd/podman/containers/start.go @@ -99,12 +99,17 @@ func start(cmd *cobra.Command, args []string) error { } for _, r := range responses { - if r.Err == nil && !startOptions.Attach { - fmt.Println(r.RawInput) + if r.Err == nil { + if startOptions.Attach { + // Implement the exitcode when the only one container is enabled attach + registry.SetExitCode(r.ExitCode) + } else { + fmt.Println(r.RawInput) + } } else { errs = append(errs, r.Err) } } - // TODO need to understand an implement exitcodes + return errs.PrintErrors() } diff --git a/cmd/podman/registry/remote.go b/cmd/podman/registry/remote.go index 7dbdd3824..9b7523ac0 100644 --- a/cmd/podman/registry/remote.go +++ b/cmd/podman/registry/remote.go @@ -5,22 +5,24 @@ import ( "sync" "github.com/containers/podman/v2/pkg/domain/entities" - "github.com/spf13/cobra" + "github.com/spf13/pflag" ) -var ( - // Was --remote given on command line - remoteOverride bool - remoteSync sync.Once -) +// Value for --remote given on command line +var remoteFromCLI = struct { + Value bool + sync sync.Once +}{} -// IsRemote returns true if podman was built to run remote +// IsRemote returns true if podman was built to run remote or --remote flag given on CLI // Use in init() functions as a initialization check func IsRemote() bool { - remoteSync.Do(func() { - remote := &cobra.Command{} - remote.Flags().BoolVarP(&remoteOverride, "remote", "r", false, "") - _ = remote.ParseFlags(os.Args) + remoteFromCLI.sync.Do(func() { + fs := pflag.NewFlagSet("remote", pflag.ContinueOnError) + fs.BoolVarP(&remoteFromCLI.Value, "remote", "r", false, "") + fs.ParseErrorsWhitelist.UnknownFlags = true + fs.SetInterspersed(false) + _ = fs.Parse(os.Args[1:]) }) - return podmanOptions.EngineMode == entities.TunnelMode || remoteOverride + return podmanOptions.EngineMode == entities.TunnelMode || remoteFromCLI.Value } diff --git a/cmd/podman/system/service.go b/cmd/podman/system/service.go index 2d511f0ec..7c692b07e 100644 --- a/cmd/podman/system/service.go +++ b/cmd/podman/system/service.go @@ -49,7 +49,7 @@ func init() { flags := srvCmd.Flags() flags.Int64VarP(&srvArgs.Timeout, "time", "t", 5, "Time until the service session expires in seconds. Use 0 to disable the timeout") - flags.BoolVar(&srvArgs.Varlink, "varlink", false, "Use legacy varlink service instead of REST") + flags.BoolVar(&srvArgs.Varlink, "varlink", false, "Use legacy varlink service instead of REST. Unit of --time changes from seconds to milliseconds.") _ = flags.MarkDeprecated("varlink", "valink API is deprecated.") flags.SetNormalizeFunc(aliasTimeoutFlag) @@ -88,14 +88,15 @@ func service(cmd *cobra.Command, args []string) error { opts := entities.ServiceOptions{ URI: apiURI, - Timeout: time.Duration(srvArgs.Timeout) * time.Second, Command: cmd, } if srvArgs.Varlink { + opts.Timeout = time.Duration(srvArgs.Timeout) * time.Millisecond return registry.ContainerEngine().VarlinkService(registry.GetContext(), opts) } + opts.Timeout = time.Duration(srvArgs.Timeout) * time.Second return restService(opts, cmd.Flags(), registry.PodmanConfig()) } |