diff options
Diffstat (limited to 'libpod')
| -rw-r--r-- | libpod/boltdb_state.go | 11 | ||||
| -rw-r--r-- | libpod/container_internal.go | 3 | ||||
| -rw-r--r-- | libpod/info.go | 13 |
3 files changed, 24 insertions, 3 deletions
diff --git a/libpod/boltdb_state.go b/libpod/boltdb_state.go index e43d54eee..0bb1df7b8 100644 --- a/libpod/boltdb_state.go +++ b/libpod/boltdb_state.go @@ -2,6 +2,7 @@ package libpod import ( "bytes" + "os" "strings" "sync" @@ -658,9 +659,13 @@ func (s *BoltState) UpdateContainer(ctr *Container) error { return err } - // Handle network namespace - if err := replaceNetNS(netNSPath, ctr, newState); err != nil { - return err + // Handle network namespace. + if os.Geteuid() == 0 { + // Do it only when root, either on the host or as root in the + // user namespace. + if err := replaceNetNS(netNSPath, ctr, newState); err != nil { + return err + } } // New state compiled successfully, swap it into the current state diff --git a/libpod/container_internal.go b/libpod/container_internal.go index a4dcd23be..ac921d737 100644 --- a/libpod/container_internal.go +++ b/libpod/container_internal.go @@ -939,6 +939,9 @@ func (c *Container) init(ctx context.Context, retainRetries bool) error { // With the spec complete, do an OCI create if err := c.ociRuntime.createContainer(c, nil); err != nil { + if strings.Contains(err.Error(), "this version of runc doesn't work on cgroups v2") { + logrus.Errorf("oci runtime %q does not support CGroups V2: use system migrate to mitigate", c.ociRuntime.name) + } return err } diff --git a/libpod/info.go b/libpod/info.go index 297086ebb..6caa87038 100644 --- a/libpod/info.go +++ b/libpod/info.go @@ -69,6 +69,18 @@ func (r *Runtime) hostInfo() (map[string]interface{}, error) { program["Package"] = packageVersion(path) info["slirp4netns"] = program } + uidmappings, err := rootless.ReadMappingsProc("/proc/self/uid_map") + if err != nil { + return nil, errors.Wrapf(err, "error reading uid mappings") + } + gidmappings, err := rootless.ReadMappingsProc("/proc/self/gid_map") + if err != nil { + return nil, errors.Wrapf(err, "error reading gid mappings") + } + idmappings := make(map[string]interface{}) + idmappings["uidmap"] = uidmappings + idmappings["gidmap"] = gidmappings + info["IDMappings"] = idmappings } info["OCIRuntime"] = map[string]interface{}{ "path": r.defaultOCIRuntime.path, @@ -128,6 +140,7 @@ func (r *Runtime) hostInfo() (map[string]interface{}, error) { } info["hostname"] = host info["eventlogger"] = r.eventer.String() + return info, nil } |