aboutsummaryrefslogtreecommitdiff
path: root/cmd
diff options
context:
space:
mode:
Diffstat (limited to 'cmd')
-rw-r--r--cmd/podman/commands.go1
-rw-r--r--cmd/podman/libpodruntime/runtime.go6
-rw-r--r--cmd/podman/runlabel.go2
-rw-r--r--cmd/podman/shared/create_cli.go7
-rw-r--r--cmd/podman/unshare.go54
-rw-r--r--cmd/podman/version.go2
6 files changed, 69 insertions, 3 deletions
diff --git a/cmd/podman/commands.go b/cmd/podman/commands.go
index 3a409f503..2ac465b9d 100644
--- a/cmd/podman/commands.go
+++ b/cmd/podman/commands.go
@@ -20,6 +20,7 @@ func getMainCommands() []*cobra.Command {
_refreshCommand,
_searchCommand,
_statsCommand,
+ _unshareCommand,
}
if len(_varlinkCommand.Use) > 0 {
diff --git a/cmd/podman/libpodruntime/runtime.go b/cmd/podman/libpodruntime/runtime.go
index b533dc056..b8d77602d 100644
--- a/cmd/podman/libpodruntime/runtime.go
+++ b/cmd/podman/libpodruntime/runtime.go
@@ -107,7 +107,11 @@ func getRuntime(ctx context.Context, c *cliconfig.PodmanCommand, renumber bool,
if c.Flags().Changed("cgroup-manager") {
options = append(options, libpod.WithCgroupManager(c.GlobalFlags.CGroupManager))
} else {
- if rootless.IsRootless() {
+ unified, err := util.IsCgroup2UnifiedMode()
+ if err != nil {
+ return nil, err
+ }
+ if rootless.IsRootless() && !unified {
options = append(options, libpod.WithCgroupManager("cgroupfs"))
}
}
diff --git a/cmd/podman/runlabel.go b/cmd/podman/runlabel.go
index c426817de..e87b88992 100644
--- a/cmd/podman/runlabel.go
+++ b/cmd/podman/runlabel.go
@@ -152,7 +152,7 @@ func runlabelCmd(c *cliconfig.RunlabelValues) error {
return err
}
if !c.Quiet {
- fmt.Printf("command: %s\n", strings.Join(cmd, " "))
+ fmt.Printf("command: %s\n", strings.Join(append([]string{os.Args[0]}, cmd[1:]...), " "))
if c.Display {
return nil
}
diff --git a/cmd/podman/shared/create_cli.go b/cmd/podman/shared/create_cli.go
index f731e8db5..7f158b09a 100644
--- a/cmd/podman/shared/create_cli.go
+++ b/cmd/podman/shared/create_cli.go
@@ -7,6 +7,7 @@ import (
"github.com/containers/libpod/cmd/podman/shared/parse"
cc "github.com/containers/libpod/pkg/spec"
"github.com/containers/libpod/pkg/sysinfo"
+ "github.com/containers/libpod/pkg/util"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
)
@@ -76,6 +77,12 @@ func addWarning(warnings []string, msg string) []string {
func verifyContainerResources(config *cc.CreateConfig, update bool) ([]string, error) {
warnings := []string{}
+
+ cgroup2, err := util.IsCgroup2UnifiedMode()
+ if err != nil || cgroup2 {
+ return warnings, err
+ }
+
sysInfo := sysinfo.New(true)
// memory subsystem checks and adjustments
diff --git a/cmd/podman/unshare.go b/cmd/podman/unshare.go
new file mode 100644
index 000000000..1db647dba
--- /dev/null
+++ b/cmd/podman/unshare.go
@@ -0,0 +1,54 @@
+// +build linux
+
+package main
+
+import (
+ "os"
+ "os/exec"
+
+ "github.com/containers/buildah/pkg/unshare"
+ "github.com/pkg/errors"
+ "github.com/spf13/cobra"
+)
+
+var (
+ unshareDescription = "Runs a command in a modified user namespace."
+ _unshareCommand = &cobra.Command{
+ Use: "unshare [flags] [COMMAND [ARG]]",
+ Short: "Run a command in a modified user namespace",
+ Long: unshareDescription,
+ RunE: unshareCmd,
+ Example: `podman unshare id
+ podman unshare cat /proc/self/uid_map,
+ podman unshare podman-script.sh`,
+ }
+)
+
+func init() {
+ _unshareCommand.SetUsageTemplate(UsageTemplate())
+ flags := _unshareCommand.Flags()
+ flags.SetInterspersed(false)
+}
+
+// unshareCmd execs whatever using the ID mappings that we want to use for ourselves
+func unshareCmd(c *cobra.Command, args []string) error {
+ if isRootless := unshare.IsRootless(); !isRootless {
+ return errors.Errorf("please use unshare with rootless")
+ }
+ // exec the specified command, if there is one
+ if len(args) < 1 {
+ // try to exec the shell, if one's set
+ shell, shellSet := os.LookupEnv("SHELL")
+ if !shellSet {
+ return errors.Errorf("no command specified and no $SHELL specified")
+ }
+ args = []string{shell}
+ }
+ cmd := exec.Command(args[0], args[1:]...)
+ cmd.Env = unshare.RootlessEnv()
+ cmd.Stdin = os.Stdin
+ cmd.Stdout = os.Stdout
+ cmd.Stderr = os.Stderr
+ unshare.ExecRunnable(cmd)
+ return nil
+}
diff --git a/cmd/podman/version.go b/cmd/podman/version.go
index 439a1cca6..52a518db8 100644
--- a/cmd/podman/version.go
+++ b/cmd/podman/version.go
@@ -70,7 +70,7 @@ func versionCmd(c *cliconfig.VersionValues) error {
if remote {
fmt.Fprintf(w, "\nService:\n")
- runtime, err := adapter.GetRuntime(getContext(), nil)
+ runtime, err := adapter.GetRuntime(getContext(), &c.PodmanCommand)
if err != nil {
return errors.Wrapf(err, "could not get runtime")
}