summaryrefslogtreecommitdiff
path: root/libpod
diff options
context:
space:
mode:
Diffstat (limited to 'libpod')
-rw-r--r--libpod/container_api.go5
-rw-r--r--libpod/image/pull.go25
-rw-r--r--libpod/oci.go12
-rw-r--r--libpod/oci_internal_linux.go16
-rw-r--r--libpod/oci_linux.go6
-rw-r--r--libpod/runtime.go6
-rw-r--r--libpod/runtime_pod_linux.go6
7 files changed, 52 insertions, 24 deletions
diff --git a/libpod/container_api.go b/libpod/container_api.go
index abcfcb271..9e59104cc 100644
--- a/libpod/container_api.go
+++ b/libpod/container_api.go
@@ -274,6 +274,11 @@ func (c *Container) Exec(tty, privileged bool, env, cmd []string, user, workDir
}
}()
+ // if the user is empty, we should inherit the user that the container is currently running with
+ if user == "" {
+ user = c.config.User
+ }
+
pid, attachChan, err := c.ociRuntime.execContainer(c, cmd, capList, env, tty, workDir, user, sessionID, streams, preserveFDs, resize, detachKeys)
if err != nil {
ec := define.ExecErrorCodeGeneric
diff --git a/libpod/image/pull.go b/libpod/image/pull.go
index 78cfe3626..dbf3a4ef5 100644
--- a/libpod/image/pull.go
+++ b/libpod/image/pull.go
@@ -13,6 +13,7 @@ import (
dockerarchive "github.com/containers/image/docker/archive"
"github.com/containers/image/docker/tarfile"
ociarchive "github.com/containers/image/oci/archive"
+ oci "github.com/containers/image/oci/layout"
is "github.com/containers/image/storage"
"github.com/containers/image/transports"
"github.com/containers/image/transports/alltransports"
@@ -37,6 +38,9 @@ var (
DirTransport = directory.Transport.Name()
// DockerTransport is the transport for docker registries
DockerTransport = docker.Transport.Name()
+ // OCIDirTransport is the transport for pushing and pulling
+ // images to and from a directory containing an OCI image
+ OCIDirTransport = oci.Transport.Name()
// AtomicTransport is the transport for atomic registries
AtomicTransport = "atomic"
// DefaultTransport is a prefix that we apply to an image name
@@ -189,12 +193,12 @@ func (ir *Runtime) pullGoalFromImageReference(ctx context.Context, srcRef types.
return ir.getSinglePullRefPairGoal(srcRef, dest)
case DirTransport:
- path := srcRef.StringWithinTransport()
- image := path
- if image[:1] == "/" {
- // Set localhost as the registry so docker.io isn't prepended, and the path becomes the repository
- image = DefaultLocalRegistry + image
- }
+ image := toLocalImageName(srcRef.StringWithinTransport())
+ return ir.getSinglePullRefPairGoal(srcRef, image)
+
+ case OCIDirTransport:
+ split := strings.SplitN(srcRef.StringWithinTransport(), ":", 2)
+ image := toLocalImageName(split[0])
return ir.getSinglePullRefPairGoal(srcRef, image)
default:
@@ -202,6 +206,15 @@ func (ir *Runtime) pullGoalFromImageReference(ctx context.Context, srcRef types.
}
}
+// toLocalImageName converts an image name into a 'localhost/' prefixed one
+func toLocalImageName(imageName string) string {
+ return fmt.Sprintf(
+ "%s/%s",
+ DefaultLocalRegistry,
+ strings.TrimLeft(imageName, "/"),
+ )
+}
+
// pullImageFromHeuristicSource pulls an image based on inputName, which is heuristically parsed and may involve configured registries.
// Use pullImageFromReference if the source is known precisely.
func (ir *Runtime) pullImageFromHeuristicSource(ctx context.Context, inputName string, writer io.Writer, authfile, signaturePolicyPath string, signingOptions SigningOptions, dockerOptions *DockerRegistryOptions, label *string) ([]string, error) {
diff --git a/libpod/oci.go b/libpod/oci.go
index 4ba3114e3..8a873ca5b 100644
--- a/libpod/oci.go
+++ b/libpod/oci.go
@@ -213,7 +213,7 @@ func bindPorts(ports []ocicni.PortMapping) ([]*os.File, error) {
func (r *OCIRuntime) updateContainerStatus(ctr *Container, useRuntime bool) error {
exitFile := ctr.exitFilePath()
- runtimeDir, err := util.GetRootlessRuntimeDir()
+ runtimeDir, err := util.GetRuntimeDir()
if err != nil {
return err
}
@@ -336,7 +336,7 @@ func (r *OCIRuntime) updateContainerStatus(ctr *Container, useRuntime bool) erro
// Sets time the container was started, but does not save it.
func (r *OCIRuntime) startContainer(ctr *Container) error {
// TODO: streams should probably *not* be our STDIN/OUT/ERR - redirect to buffers?
- runtimeDir, err := util.GetRootlessRuntimeDir()
+ runtimeDir, err := util.GetRuntimeDir()
if err != nil {
return err
}
@@ -356,7 +356,7 @@ func (r *OCIRuntime) startContainer(ctr *Container) error {
// killContainer sends the given signal to the given container
func (r *OCIRuntime) killContainer(ctr *Container, signal uint) error {
logrus.Debugf("Sending signal %d to container %s", signal, ctr.ID())
- runtimeDir, err := util.GetRootlessRuntimeDir()
+ runtimeDir, err := util.GetRuntimeDir()
if err != nil {
return err
}
@@ -370,7 +370,7 @@ func (r *OCIRuntime) killContainer(ctr *Container, signal uint) error {
// deleteContainer deletes a container from the OCI runtime
func (r *OCIRuntime) deleteContainer(ctr *Container) error {
- runtimeDir, err := util.GetRootlessRuntimeDir()
+ runtimeDir, err := util.GetRuntimeDir()
if err != nil {
return err
}
@@ -380,7 +380,7 @@ func (r *OCIRuntime) deleteContainer(ctr *Container) error {
// pauseContainer pauses the given container
func (r *OCIRuntime) pauseContainer(ctr *Container) error {
- runtimeDir, err := util.GetRootlessRuntimeDir()
+ runtimeDir, err := util.GetRuntimeDir()
if err != nil {
return err
}
@@ -390,7 +390,7 @@ func (r *OCIRuntime) pauseContainer(ctr *Container) error {
// unpauseContainer unpauses the given container
func (r *OCIRuntime) unpauseContainer(ctr *Container) error {
- runtimeDir, err := util.GetRootlessRuntimeDir()
+ runtimeDir, err := util.GetRuntimeDir()
if err != nil {
return err
}
diff --git a/libpod/oci_internal_linux.go b/libpod/oci_internal_linux.go
index 6e4ee2cf2..48b7370e0 100644
--- a/libpod/oci_internal_linux.go
+++ b/libpod/oci_internal_linux.go
@@ -36,7 +36,7 @@ import (
func (r *OCIRuntime) createOCIContainer(ctr *Container, restoreOptions *ContainerCheckpointOptions) (err error) {
var stderrBuf bytes.Buffer
- runtimeDir, err := util.GetRootlessRuntimeDir()
+ runtimeDir, err := util.GetRuntimeDir()
if err != nil {
return err
}
@@ -449,6 +449,15 @@ func readConmonPipeData(pipe *os.File, ociLog string) (int, error) {
select {
case ss := <-ch:
if ss.err != nil {
+ if ociLog != "" {
+ ociLogData, err := ioutil.ReadFile(ociLog)
+ if err == nil {
+ var ociErr ociError
+ if err := json.Unmarshal(ociLogData, &ociErr); err == nil {
+ return -1, getOCIRuntimeError(ociErr.Msg)
+ }
+ }
+ }
return -1, errors.Wrapf(ss.err, "error reading container (probably exited) json message")
}
logrus.Debugf("Received: %d", ss.si.Data)
@@ -476,10 +485,11 @@ func readConmonPipeData(pipe *os.File, ociLog string) (int, error) {
}
func getOCIRuntimeError(runtimeMsg string) error {
- if match, _ := regexp.MatchString(".*permission denied.*", runtimeMsg); match {
+ r := strings.ToLower(runtimeMsg)
+ if match, _ := regexp.MatchString(".*permission denied.*|.*operation not permitted.*", r); match {
return errors.Wrapf(define.ErrOCIRuntimePermissionDenied, "%s", strings.Trim(runtimeMsg, "\n"))
}
- if match, _ := regexp.MatchString(".*executable file not found in.*", runtimeMsg); match {
+ if match, _ := regexp.MatchString(".*executable file not found in.*|.*no such file or directory.*", r); match {
return errors.Wrapf(define.ErrOCIRuntimeNotFound, "%s", strings.Trim(runtimeMsg, "\n"))
}
return errors.Wrapf(define.ErrOCIRuntime, "%s", strings.Trim(runtimeMsg, "\n"))
diff --git a/libpod/oci_linux.go b/libpod/oci_linux.go
index 45365203e..1613c3e68 100644
--- a/libpod/oci_linux.go
+++ b/libpod/oci_linux.go
@@ -208,7 +208,7 @@ func (r *OCIRuntime) execContainer(c *Container, cmd, capAdd, env []string, tty
}
}()
- runtimeDir, err := util.GetRootlessRuntimeDir()
+ runtimeDir, err := util.GetRuntimeDir()
if err != nil {
return -1, nil, err
}
@@ -437,7 +437,7 @@ func (r *OCIRuntime) stopContainer(ctr *Container, timeout uint) error {
args = []string{"kill", "--all", ctr.ID(), "KILL"}
}
- runtimeDir, err := util.GetRootlessRuntimeDir()
+ runtimeDir, err := util.GetRuntimeDir()
if err != nil {
return err
}
@@ -487,7 +487,7 @@ func (r *OCIRuntime) execStopContainer(ctr *Container, timeout uint) error {
if len(execSessions) == 0 {
return nil
}
- runtimeDir, err := util.GetRootlessRuntimeDir()
+ runtimeDir, err := util.GetRuntimeDir()
if err != nil {
return err
}
diff --git a/libpod/runtime.go b/libpod/runtime.go
index ffc4c0cbc..4d6a80d0b 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -367,7 +367,7 @@ func SetXdgDirs() error {
if runtimeDir == "" {
var err error
- runtimeDir, err = util.GetRootlessRuntimeDir()
+ runtimeDir, err = util.GetRuntimeDir()
if err != nil {
return err
}
@@ -393,11 +393,11 @@ func getDefaultTmpDir() (string, error) {
return "/var/run/libpod", nil
}
- rootlessRuntimeDir, err := util.GetRootlessRuntimeDir()
+ runtimeDir, err := util.GetRuntimeDir()
if err != nil {
return "", err
}
- libpodRuntimeDir := filepath.Join(rootlessRuntimeDir, "libpod")
+ libpodRuntimeDir := filepath.Join(runtimeDir, "libpod")
if err := os.Mkdir(libpodRuntimeDir, 0700|os.ModeSticky); err != nil {
if !os.IsExist(err) {
diff --git a/libpod/runtime_pod_linux.go b/libpod/runtime_pod_linux.go
index 073c5054d..05866d05a 100644
--- a/libpod/runtime_pod_linux.go
+++ b/libpod/runtime_pod_linux.go
@@ -204,7 +204,7 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool)
// Get the conmon CGroup
conmonCgroupPath := filepath.Join(p.state.CgroupPath, "conmon")
conmonCgroup, err := cgroups.Load(conmonCgroupPath)
- if err != nil && err != cgroups.ErrCgroupDeleted {
+ if err != nil && err != cgroups.ErrCgroupDeleted && err != cgroups.ErrCgroupV1Rootless {
removalErr = errors.Wrapf(err, "error retrieving pod %s conmon cgroup %s", p.ID(), conmonCgroupPath)
}
@@ -266,7 +266,7 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool)
// hard - instead, just log errors.
conmonCgroupPath := filepath.Join(p.state.CgroupPath, "conmon")
conmonCgroup, err := cgroups.Load(conmonCgroupPath)
- if err != nil && err != cgroups.ErrCgroupDeleted {
+ if err != nil && err != cgroups.ErrCgroupDeleted && err != cgroups.ErrCgroupV1Rootless {
if removalErr == nil {
removalErr = errors.Wrapf(err, "error retrieving pod %s conmon cgroup", p.ID())
} else {
@@ -283,7 +283,7 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool)
}
}
cgroup, err := cgroups.Load(p.state.CgroupPath)
- if err != nil && err != cgroups.ErrCgroupDeleted {
+ if err != nil && err != cgroups.ErrCgroupDeleted && err != cgroups.ErrCgroupV1Rootless {
if removalErr == nil {
removalErr = errors.Wrapf(err, "error retrieving pod %s cgroup", p.ID())
} else {
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-12-30 20:54:59 +0000