summaryrefslogtreecommitdiff
path: root/cmd
diff options
context:
space:
mode:
Diffstat (limited to 'cmd')
-rw-r--r--cmd/podman/common/create.go5
-rw-r--r--cmd/podman/common/create_opts.go2
-rw-r--r--cmd/podman/common/specgen.go15
-rw-r--r--cmd/podman/common/volumes.go8
-rw-r--r--cmd/podman/containers/create.go5
-rw-r--r--cmd/podman/early_init_linux.go2
-rw-r--r--cmd/podman/root.go37
-rw-r--r--cmd/podman/system/connection/add.go2
8 files changed, 60 insertions, 16 deletions
diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go
index 403a1065b..d0bc8d466 100644
--- a/cmd/podman/common/create.go
+++ b/cmd/podman/common/create.go
@@ -516,5 +516,10 @@ func GetCreateFlags(cf *ContainerCLIOpts) *pflag.FlagSet {
"seccomp-policy", "default",
"Policy for selecting a seccomp profile (experimental)",
)
+ createFlags.StringSliceVar(
+ &cf.CgroupConf,
+ "cgroup-conf", []string{},
+ "Configure cgroup v2 (key=value)",
+ )
return &createFlags
}
diff --git a/cmd/podman/common/create_opts.go b/cmd/podman/common/create_opts.go
index f9e4d7ca5..16d41988f 100644
--- a/cmd/podman/common/create_opts.go
+++ b/cmd/podman/common/create_opts.go
@@ -106,4 +106,6 @@ type ContainerCLIOpts struct {
SeccompPolicy string
Net *entities.NetOptions
+
+ CgroupConf []string
}
diff --git a/cmd/podman/common/specgen.go b/cmd/podman/common/specgen.go
index bf50bb56b..4de622916 100644
--- a/cmd/podman/common/specgen.go
+++ b/cmd/podman/common/specgen.go
@@ -450,7 +450,20 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
s.ResourceLimits.Pids = &pids
}
s.ResourceLimits.CPU = getCPULimits(c)
- if s.ResourceLimits.CPU == nil && s.ResourceLimits.Pids == nil && s.ResourceLimits.BlockIO == nil && s.ResourceLimits.Memory == nil {
+
+ unifieds := make(map[string]string)
+ for _, unified := range c.CgroupConf {
+ splitUnified := strings.SplitN(unified, "=", 2)
+ if len(splitUnified) < 2 {
+ return errors.Errorf("--cgroup-conf must be formatted KEY=VALUE")
+ }
+ unifieds[splitUnified[0]] = splitUnified[1]
+ }
+ if len(unifieds) > 0 {
+ s.ResourceLimits.Unified = unifieds
+ }
+
+ if s.ResourceLimits.CPU == nil && s.ResourceLimits.Pids == nil && s.ResourceLimits.BlockIO == nil && s.ResourceLimits.Memory == nil && s.ResourceLimits.Unified == nil {
s.ResourceLimits = nil
}
diff --git a/cmd/podman/common/volumes.go b/cmd/podman/common/volumes.go
index 20c31bd81..ca0b10765 100644
--- a/cmd/podman/common/volumes.go
+++ b/cmd/podman/common/volumes.go
@@ -88,17 +88,11 @@ func parseVolumes(volumeFlag, mountFlag, tmpfsFlag []string, addReadOnlyTmpfs bo
if _, ok := unifiedVolumes[dest]; ok {
continue
}
- localOpts := options
- if dest == "/run" {
- localOpts = append(localOpts, "noexec", "size=65536k")
- } else {
- localOpts = append(localOpts, "exec")
- }
unifiedMounts[dest] = spec.Mount{
Destination: dest,
Type: TypeTmpfs,
Source: "tmpfs",
- Options: localOpts,
+ Options: options,
}
}
}
diff --git a/cmd/podman/containers/create.go b/cmd/podman/containers/create.go
index 6eec93f98..801547033 100644
--- a/cmd/podman/containers/create.go
+++ b/cmd/podman/containers/create.go
@@ -297,7 +297,12 @@ func createPodIfNecessary(s *specgen.SpecGenerator, netOpts *entities.NetOptions
Infra: true,
Net: netOpts,
CreateCommand: os.Args,
+ Hostname: s.ContainerBasicConfig.Hostname,
}
+ // Unset config values we passed to the pod to prevent them being used twice for the container and pod.
+ s.ContainerBasicConfig.Hostname = ""
+ s.ContainerNetworkConfig = specgen.ContainerNetworkConfig{}
+
s.Pod = podName
return registry.ContainerEngine().PodCreate(context.Background(), createOptions)
}
diff --git a/cmd/podman/early_init_linux.go b/cmd/podman/early_init_linux.go
index e2893ff69..4e232a0b0 100644
--- a/cmd/podman/early_init_linux.go
+++ b/cmd/podman/early_init_linux.go
@@ -32,7 +32,7 @@ func setUMask() {
func earlyInitHook() {
if err := setRLimits(); err != nil {
- fmt.Fprint(os.Stderr, "Failed to set rlimits: "+err.Error())
+ fmt.Fprintf(os.Stderr, "Failed to set rlimits: %s\n", err.Error())
}
setUMask()
diff --git a/cmd/podman/root.go b/cmd/podman/root.go
index dd9c75ece..8f77e5893 100644
--- a/cmd/podman/root.go
+++ b/cmd/podman/root.go
@@ -111,6 +111,30 @@ func persistentPreRunE(cmd *cobra.Command, args []string) error {
cfg := registry.PodmanConfig()
+ // --connection is not as "special" as --remote so we can wait and process it here
+ var connErr error
+ conn := cmd.Root().LocalFlags().Lookup("connection")
+ if conn != nil && conn.Changed {
+ cfg.Engine.ActiveService = conn.Value.String()
+
+ var err error
+ cfg.URI, cfg.Identity, err = cfg.ActiveDestination()
+ if err != nil {
+ connErr = errors.Wrap(err, "failed to resolve active destination")
+ }
+
+ if err := cmd.Root().LocalFlags().Set("url", cfg.URI); err != nil {
+ connErr = errors.Wrap(err, "failed to override --url flag")
+ }
+
+ if err := cmd.Root().LocalFlags().Set("identity", cfg.Identity); err != nil {
+ connErr = errors.Wrap(err, "failed to override --identity flag")
+ }
+ }
+ if connErr != nil {
+ return connErr
+ }
+
// Prep the engines
if _, err := registry.NewImageEngine(cmd, args); err != nil {
return err
@@ -226,10 +250,11 @@ func loggingHook() {
func rootFlags(cmd *cobra.Command, opts *entities.PodmanConfig) {
cfg := opts.Config
- uri, ident := resolveDestination()
+ srv, uri, ident := resolveDestination()
lFlags := cmd.Flags()
lFlags.BoolVarP(&opts.Remote, "remote", "r", false, "Access remote Podman service (default false)")
+ lFlags.StringVarP(&opts.Engine.ActiveService, "connection", "c", srv, "Connection to use for remote Podman service")
lFlags.StringVar(&opts.URI, "url", uri, "URL to access Podman service (CONTAINER_HOST)")
lFlags.StringVar(&opts.Identity, "identity", ident, "path to SSH identity file, (CONTAINER_SSHKEY)")
@@ -279,24 +304,24 @@ func rootFlags(cmd *cobra.Command, opts *entities.PodmanConfig) {
}
}
-func resolveDestination() (string, string) {
+func resolveDestination() (string, string, string) {
if uri, found := os.LookupEnv("CONTAINER_HOST"); found {
var ident string
if v, found := os.LookupEnv("CONTAINER_SSHKEY"); found {
ident = v
}
- return uri, ident
+ return "", uri, ident
}
cfg, err := config.ReadCustomConfig()
if err != nil {
logrus.Warning(errors.Wrap(err, "unable to read local containers.conf"))
- return registry.DefaultAPIAddress(), ""
+ return "", registry.DefaultAPIAddress(), ""
}
uri, ident, err := cfg.ActiveDestination()
if err != nil {
- return registry.DefaultAPIAddress(), ""
+ return "", registry.DefaultAPIAddress(), ""
}
- return uri, ident
+ return cfg.Engine.ActiveService, uri, ident
}
diff --git a/cmd/podman/system/connection/add.go b/cmd/podman/system/connection/add.go
index af13b970c..8b9ab6dbb 100644
--- a/cmd/podman/system/connection/add.go
+++ b/cmd/podman/system/connection/add.go
@@ -95,7 +95,7 @@ func add(cmd *cobra.Command, args []string) error {
uri.Host = net.JoinHostPort(uri.Hostname(), cmd.Flag("port").DefValue)
}
- if uri.Path == "" {
+ if uri.Path == "" || uri.Path == "/" {
if uri.Path, err = getUDS(cmd, uri); err != nil {
return errors.Wrapf(err, "failed to connect to %q", uri.String())
}
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-01-22 07:52:44 +0000