summaryrefslogtreecommitdiff
path: root/cmd
diff options
context:
space:
mode:
Diffstat (limited to 'cmd')
-rw-r--r--cmd/podman/common/create.go18
-rw-r--r--cmd/podman/common/util.go13
-rw-r--r--cmd/podman/common/volumes.go44
-rw-r--r--cmd/podman/containers/create.go16
-rw-r--r--cmd/podman/containers/exec.go7
-rw-r--r--cmd/podman/containers/run.go10
-rw-r--r--cmd/podman/containers/start.go11
-rw-r--r--cmd/podman/registry/remote.go26
-rw-r--r--cmd/podman/system/service.go5
9 files changed, 100 insertions, 50 deletions
diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go
index e96b6a8d6..403a1065b 100644
--- a/cmd/podman/common/create.go
+++ b/cmd/podman/common/create.go
@@ -518,21 +518,3 @@ func GetCreateFlags(cf *ContainerCLIOpts) *pflag.FlagSet {
)
return &createFlags
}
-
-func AliasFlags(_ *pflag.FlagSet, name string) pflag.NormalizedName {
- switch name {
- case "healthcheck-command":
- name = "health-cmd"
- case "healthcheck-interval":
- name = "health-interval"
- case "healthcheck-retries":
- name = "health-retries"
- case "healthcheck-start-period":
- name = "health-start-period"
- case "healthcheck-timeout":
- name = "health-timeout"
- case "net":
- name = "network"
- }
- return pflag.NormalizedName(name)
-}
diff --git a/cmd/podman/common/util.go b/cmd/podman/common/util.go
index 41432c6f0..17e779c86 100644
--- a/cmd/podman/common/util.go
+++ b/cmd/podman/common/util.go
@@ -175,12 +175,15 @@ func parseSplitPort(hostIP, hostPort *string, ctrPort string, protocol *string)
if hostIP != nil {
if *hostIP == "" {
return newPort, errors.Errorf("must provide a non-empty container host IP to publish")
+ } else if *hostIP != "0.0.0.0" {
+ // If hostIP is 0.0.0.0, leave it unset - CNI treats
+ // 0.0.0.0 and empty differently, Docker does not.
+ testIP := net.ParseIP(*hostIP)
+ if testIP == nil {
+ return newPort, errors.Errorf("cannot parse %q as an IP address", *hostIP)
+ }
+ newPort.HostIP = testIP.String()
}
- testIP := net.ParseIP(*hostIP)
- if testIP == nil {
- return newPort, errors.Errorf("cannot parse %q as an IP address", *hostIP)
- }
- newPort.HostIP = testIP.String()
}
if hostPort != nil {
if *hostPort == "" {
diff --git a/cmd/podman/common/volumes.go b/cmd/podman/common/volumes.go
index 3b8f7ec6e..20c31bd81 100644
--- a/cmd/podman/common/volumes.go
+++ b/cmd/podman/common/volumes.go
@@ -20,6 +20,8 @@ const (
TypeVolume = "volume"
// TypeTmpfs is the type for mounting tmpfs
TypeTmpfs = "tmpfs"
+ // TypeDevpts is the type for creating a devpts
+ TypeDevpts = "devpts"
)
var (
@@ -197,6 +199,15 @@ func getMounts(mountFlag []string) (map[string]spec.Mount, map[string]*specgen.N
return nil, nil, errors.Wrapf(errDuplicateDest, mount.Destination)
}
finalMounts[mount.Destination] = mount
+ case TypeDevpts:
+ mount, err := getDevptsMount(tokens)
+ if err != nil {
+ return nil, nil, err
+ }
+ if _, ok := finalMounts[mount.Destination]; ok {
+ return nil, nil, errors.Wrapf(errDuplicateDest, mount.Destination)
+ }
+ finalMounts[mount.Destination] = mount
case "volume":
volume, err := getNamedVolume(tokens)
if err != nil {
@@ -416,6 +427,39 @@ func getTmpfsMount(args []string) (spec.Mount, error) {
return newMount, nil
}
+// Parse a single devpts mount entry from the --mount flag
+func getDevptsMount(args []string) (spec.Mount, error) {
+ newMount := spec.Mount{
+ Type: TypeDevpts,
+ Source: TypeDevpts,
+ }
+
+ var setDest bool
+
+ for _, val := range args {
+ kv := strings.Split(val, "=")
+ switch kv[0] {
+ case "target", "dst", "destination":
+ if len(kv) == 1 {
+ return newMount, errors.Wrapf(optionArgError, kv[0])
+ }
+ if err := parse.ValidateVolumeCtrDir(kv[1]); err != nil {
+ return newMount, err
+ }
+ newMount.Destination = filepath.Clean(kv[1])
+ setDest = true
+ default:
+ return newMount, errors.Wrapf(util.ErrBadMntOption, kv[0])
+ }
+ }
+
+ if !setDest {
+ return newMount, noDestError
+ }
+
+ return newMount, nil
+}
+
// Parse a single volume mount entry from the --mount flag.
// Note that the volume-label option for named volumes is currently NOT supported.
// TODO: add support for --volume-label
diff --git a/cmd/podman/containers/create.go b/cmd/podman/containers/create.go
index dd77dc9d7..6eec93f98 100644
--- a/cmd/podman/containers/create.go
+++ b/cmd/podman/containers/create.go
@@ -12,6 +12,7 @@ import (
"github.com/containers/image/v5/transports/alltransports"
"github.com/containers/podman/v2/cmd/podman/common"
"github.com/containers/podman/v2/cmd/podman/registry"
+ "github.com/containers/podman/v2/cmd/podman/utils"
"github.com/containers/podman/v2/libpod/define"
"github.com/containers/podman/v2/pkg/domain/entities"
"github.com/containers/podman/v2/pkg/errorhandling"
@@ -58,7 +59,7 @@ func createFlags(flags *pflag.FlagSet) {
flags.SetInterspersed(false)
flags.AddFlagSet(common.GetCreateFlags(&cliVals))
flags.AddFlagSet(common.GetNetFlags())
- flags.SetNormalizeFunc(common.AliasFlags)
+ flags.SetNormalizeFunc(utils.AliasFlags)
if registry.IsRemote() {
_ = flags.MarkHidden("authfile")
@@ -124,7 +125,7 @@ func create(cmd *cobra.Command, args []string) error {
return err
}
- if _, err := createPodIfNecessary(s); err != nil {
+ if _, err := createPodIfNecessary(s, cliVals.Net); err != nil {
return err
}
@@ -283,7 +284,7 @@ func openCidFile(cidfile string) (*os.File, error) {
// createPodIfNecessary automatically creates a pod when requested. if the pod name
// has the form new:ID, the pod ID is created and the name in the spec generator is replaced
// with ID.
-func createPodIfNecessary(s *specgen.SpecGenerator) (*entities.PodCreateReport, error) {
+func createPodIfNecessary(s *specgen.SpecGenerator, netOpts *entities.NetOptions) (*entities.PodCreateReport, error) {
if !strings.HasPrefix(s.Pod, "new:") {
return nil, nil
}
@@ -292,11 +293,10 @@ func createPodIfNecessary(s *specgen.SpecGenerator) (*entities.PodCreateReport,
return nil, errors.Errorf("new pod name must be at least one character")
}
createOptions := entities.PodCreateOptions{
- Name: podName,
- Infra: true,
- Net: &entities.NetOptions{
- PublishPorts: s.PortMappings,
- },
+ Name: podName,
+ Infra: true,
+ Net: netOpts,
+ CreateCommand: os.Args,
}
s.Pod = podName
return registry.ContainerEngine().PodCreate(context.Background(), createOptions)
diff --git a/cmd/podman/containers/exec.go b/cmd/podman/containers/exec.go
index da450054f..e301ca588 100644
--- a/cmd/podman/containers/exec.go
+++ b/cmd/podman/containers/exec.go
@@ -10,6 +10,7 @@ import (
"github.com/containers/podman/v2/libpod/define"
"github.com/containers/podman/v2/pkg/domain/entities"
envLib "github.com/containers/podman/v2/pkg/env"
+ "github.com/containers/podman/v2/pkg/rootless"
"github.com/pkg/errors"
"github.com/spf13/cobra"
"github.com/spf13/pflag"
@@ -110,6 +111,12 @@ func exec(_ *cobra.Command, args []string) error {
execOpts.Envs = envLib.Join(execOpts.Envs, cliEnv)
+ for fd := 3; fd < int(3+execOpts.PreserveFDs); fd++ {
+ if !rootless.IsFdInherited(fd) {
+ return errors.Errorf("file descriptor %d is not available - the preserve-fds option requires that file descriptors must be passed", fd)
+ }
+ }
+
if !execDetach {
streams := define.AttachStreams{}
streams.OutputStream = os.Stdout
diff --git a/cmd/podman/containers/run.go b/cmd/podman/containers/run.go
index 646c52645..a84cb6814 100644
--- a/cmd/podman/containers/run.go
+++ b/cmd/podman/containers/run.go
@@ -8,6 +8,7 @@ import (
"github.com/containers/podman/v2/cmd/podman/common"
"github.com/containers/podman/v2/cmd/podman/registry"
+ "github.com/containers/podman/v2/cmd/podman/utils"
"github.com/containers/podman/v2/libpod/define"
"github.com/containers/podman/v2/pkg/domain/entities"
"github.com/containers/podman/v2/pkg/errorhandling"
@@ -58,7 +59,7 @@ func runFlags(flags *pflag.FlagSet) {
flags.SetInterspersed(false)
flags.AddFlagSet(common.GetCreateFlags(&cliVals))
flags.AddFlagSet(common.GetNetFlags())
- flags.SetNormalizeFunc(common.AliasFlags)
+ flags.SetNormalizeFunc(utils.AliasFlags)
flags.BoolVar(&runOpts.SigProxy, "sig-proxy", true, "Proxy received signals to the process")
flags.BoolVar(&runRmi, "rmi", false, "Remove container image unless used by other containers")
flags.UintVar(&runOpts.PreserveFDs, "preserve-fds", 0, "Pass a number of additional file descriptors into the container")
@@ -125,6 +126,11 @@ func run(cmd *cobra.Command, args []string) error {
if err := createInit(cmd); err != nil {
return err
}
+ for fd := 3; fd < int(3+runOpts.PreserveFDs); fd++ {
+ if !rootless.IsFdInherited(fd) {
+ return errors.Errorf("file descriptor %d is not available - the preserve-fds option requires that file descriptors must be passed", fd)
+ }
+ }
imageName := args[0]
if !cliVals.RootFS {
@@ -176,7 +182,7 @@ func run(cmd *cobra.Command, args []string) error {
}
runOpts.Spec = s
- if _, err := createPodIfNecessary(s); err != nil {
+ if _, err := createPodIfNecessary(s, cliVals.Net); err != nil {
return err
}
diff --git a/cmd/podman/containers/start.go b/cmd/podman/containers/start.go
index 05fdfc780..ccbe80317 100644
--- a/cmd/podman/containers/start.go
+++ b/cmd/podman/containers/start.go
@@ -99,12 +99,17 @@ func start(cmd *cobra.Command, args []string) error {
}
for _, r := range responses {
- if r.Err == nil && !startOptions.Attach {
- fmt.Println(r.RawInput)
+ if r.Err == nil {
+ if startOptions.Attach {
+ // Implement the exitcode when the only one container is enabled attach
+ registry.SetExitCode(r.ExitCode)
+ } else {
+ fmt.Println(r.RawInput)
+ }
} else {
errs = append(errs, r.Err)
}
}
- // TODO need to understand an implement exitcodes
+
return errs.PrintErrors()
}
diff --git a/cmd/podman/registry/remote.go b/cmd/podman/registry/remote.go
index 7dbdd3824..9b7523ac0 100644
--- a/cmd/podman/registry/remote.go
+++ b/cmd/podman/registry/remote.go
@@ -5,22 +5,24 @@ import (
"sync"
"github.com/containers/podman/v2/pkg/domain/entities"
- "github.com/spf13/cobra"
+ "github.com/spf13/pflag"
)
-var (
- // Was --remote given on command line
- remoteOverride bool
- remoteSync sync.Once
-)
+// Value for --remote given on command line
+var remoteFromCLI = struct {
+ Value bool
+ sync sync.Once
+}{}
-// IsRemote returns true if podman was built to run remote
+// IsRemote returns true if podman was built to run remote or --remote flag given on CLI
// Use in init() functions as a initialization check
func IsRemote() bool {
- remoteSync.Do(func() {
- remote := &cobra.Command{}
- remote.Flags().BoolVarP(&remoteOverride, "remote", "r", false, "")
- _ = remote.ParseFlags(os.Args)
+ remoteFromCLI.sync.Do(func() {
+ fs := pflag.NewFlagSet("remote", pflag.ContinueOnError)
+ fs.BoolVarP(&remoteFromCLI.Value, "remote", "r", false, "")
+ fs.ParseErrorsWhitelist.UnknownFlags = true
+ fs.SetInterspersed(false)
+ _ = fs.Parse(os.Args[1:])
})
- return podmanOptions.EngineMode == entities.TunnelMode || remoteOverride
+ return podmanOptions.EngineMode == entities.TunnelMode || remoteFromCLI.Value
}
diff --git a/cmd/podman/system/service.go b/cmd/podman/system/service.go
index 2d511f0ec..7c692b07e 100644
--- a/cmd/podman/system/service.go
+++ b/cmd/podman/system/service.go
@@ -49,7 +49,7 @@ func init() {
flags := srvCmd.Flags()
flags.Int64VarP(&srvArgs.Timeout, "time", "t", 5, "Time until the service session expires in seconds. Use 0 to disable the timeout")
- flags.BoolVar(&srvArgs.Varlink, "varlink", false, "Use legacy varlink service instead of REST")
+ flags.BoolVar(&srvArgs.Varlink, "varlink", false, "Use legacy varlink service instead of REST. Unit of --time changes from seconds to milliseconds.")
_ = flags.MarkDeprecated("varlink", "valink API is deprecated.")
flags.SetNormalizeFunc(aliasTimeoutFlag)
@@ -88,14 +88,15 @@ func service(cmd *cobra.Command, args []string) error {
opts := entities.ServiceOptions{
URI: apiURI,
- Timeout: time.Duration(srvArgs.Timeout) * time.Second,
Command: cmd,
}
if srvArgs.Varlink {
+ opts.Timeout = time.Duration(srvArgs.Timeout) * time.Millisecond
return registry.ContainerEngine().VarlinkService(registry.GetContext(), opts)
}
+ opts.Timeout = time.Duration(srvArgs.Timeout) * time.Second
return restService(opts, cmd.Flags(), registry.PodmanConfig())
}