diff options
Diffstat (limited to 'libpod')
-rw-r--r-- | libpod/filters/containers.go | 239 | ||||
-rw-r--r-- | libpod/filters/helpers.go | 20 | ||||
-rw-r--r-- | libpod/filters/pods.go | 139 | ||||
-rw-r--r-- | libpod/networking_linux.go | 5 | ||||
-rw-r--r-- | libpod/util.go | 9 |
5 files changed, 11 insertions, 401 deletions
diff --git a/libpod/filters/containers.go b/libpod/filters/containers.go deleted file mode 100644 index 505429de6..000000000 --- a/libpod/filters/containers.go +++ /dev/null @@ -1,239 +0,0 @@ -package lpfilters - -import ( - "strconv" - "strings" - "time" - - "github.com/containers/podman/v2/libpod" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/pkg/timetype" - "github.com/containers/podman/v2/pkg/util" - "github.com/pkg/errors" -) - -// GenerateContainerFilterFuncs return ContainerFilter functions based of filter. -func GenerateContainerFilterFuncs(filter string, filterValues []string, r *libpod.Runtime) (func(container *libpod.Container) bool, error) { - switch filter { - case "id": - // we only have to match one ID - return func(c *libpod.Container) bool { - return util.StringMatchRegexSlice(c.ID(), filterValues) - }, nil - case "label": - // we have to match that all given labels exits on that container - return func(c *libpod.Container) bool { - labels := c.Labels() - for _, filterValue := range filterValues { - matched := false - filterArray := strings.SplitN(filterValue, "=", 2) - filterKey := filterArray[0] - if len(filterArray) > 1 { - filterValue = filterArray[1] - } else { - filterValue = "" - } - for labelKey, labelValue := range labels { - if labelKey == filterKey && ("" == filterValue || labelValue == filterValue) { - matched = true - break - } - } - if !matched { - return false - } - } - return true - }, nil - case "name": - // we only have to match one name - return func(c *libpod.Container) bool { - return util.StringMatchRegexSlice(c.Name(), filterValues) - }, nil - case "exited": - var exitCodes []int32 - for _, exitCode := range filterValues { - ec, err := strconv.ParseInt(exitCode, 10, 32) - if err != nil { - return nil, errors.Wrapf(err, "exited code out of range %q", ec) - } - exitCodes = append(exitCodes, int32(ec)) - } - return func(c *libpod.Container) bool { - ec, exited, err := c.ExitCode() - if err == nil && exited { - for _, exitCode := range exitCodes { - if ec == exitCode { - return true - } - } - } - return false - }, nil - case "status": - for _, filterValue := range filterValues { - if !util.StringInSlice(filterValue, []string{"created", "running", "paused", "stopped", "exited", "unknown"}) { - return nil, errors.Errorf("%s is not a valid status", filterValue) - } - } - return func(c *libpod.Container) bool { - status, err := c.State() - if err != nil { - return false - } - state := status.String() - if status == define.ContainerStateConfigured { - state = "created" - } else if status == define.ContainerStateStopped { - state = "exited" - } - for _, filterValue := range filterValues { - if filterValue == "stopped" { - filterValue = "exited" - } - if state == filterValue { - return true - } - } - return false - }, nil - case "ancestor": - // This needs to refine to match docker - // - ancestor=(<image-name>[:tag]|<image-id>| ⟨image@digest⟩) - containers created from an image or a descendant. - return func(c *libpod.Container) bool { - for _, filterValue := range filterValues { - containerConfig := c.Config() - if strings.Contains(containerConfig.RootfsImageID, filterValue) || strings.Contains(containerConfig.RootfsImageName, filterValue) { - return true - } - } - return false - }, nil - case "before": - var createTime time.Time - for _, filterValue := range filterValues { - ctr, err := r.LookupContainer(filterValue) - if err != nil { - return nil, err - } - containerConfig := ctr.Config() - if createTime.IsZero() || createTime.After(containerConfig.CreatedTime) { - createTime = containerConfig.CreatedTime - } - } - return func(c *libpod.Container) bool { - cc := c.Config() - return createTime.After(cc.CreatedTime) - }, nil - case "since": - var createTime time.Time - for _, filterValue := range filterValues { - ctr, err := r.LookupContainer(filterValue) - if err != nil { - return nil, err - } - containerConfig := ctr.Config() - if createTime.IsZero() || createTime.After(containerConfig.CreatedTime) { - createTime = containerConfig.CreatedTime - } - } - return func(c *libpod.Container) bool { - cc := c.Config() - return createTime.Before(cc.CreatedTime) - }, nil - case "volume": - //- volume=(<volume-name>|<mount-point-destination>) - return func(c *libpod.Container) bool { - containerConfig := c.Config() - var dest string - for _, filterValue := range filterValues { - arr := strings.SplitN(filterValue, ":", 2) - source := arr[0] - if len(arr) == 2 { - dest = arr[1] - } - for _, mount := range containerConfig.Spec.Mounts { - if dest != "" && (mount.Source == source && mount.Destination == dest) { - return true - } - if dest == "" && mount.Source == source { - return true - } - } - for _, vname := range containerConfig.NamedVolumes { - if dest != "" && (vname.Name == source && vname.Dest == dest) { - return true - } - if dest == "" && vname.Name == source { - return true - } - } - } - return false - }, nil - case "health": - return func(c *libpod.Container) bool { - hcStatus, err := c.HealthCheckStatus() - if err != nil { - return false - } - for _, filterValue := range filterValues { - if hcStatus == filterValue { - return true - } - } - return false - }, nil - case "until": - if len(filterValues) != 1 { - return nil, errors.Errorf("specify exactly one timestamp for %s", filter) - } - ts, err := timetype.GetTimestamp(filterValues[0], time.Now()) - if err != nil { - return nil, err - } - seconds, nanoseconds, err := timetype.ParseTimestamps(ts, 0) - if err != nil { - return nil, err - } - until := time.Unix(seconds, nanoseconds) - return func(c *libpod.Container) bool { - if !until.IsZero() && c.CreatedTime().After((until)) { - return true - } - return false - }, nil - case "pod": - var pods []*libpod.Pod - for _, podNameOrID := range filterValues { - p, err := r.LookupPod(podNameOrID) - if err != nil { - if errors.Cause(err) == define.ErrNoSuchPod { - continue - } - return nil, err - } - pods = append(pods, p) - } - return func(c *libpod.Container) bool { - // if no pods match, quick out - if len(pods) < 1 { - return false - } - // if the container has no pod id, quick out - if len(c.PodID()) < 1 { - return false - } - for _, p := range pods { - // we already looked up by name or id, so id match - // here is ok - if p.ID() == c.PodID() { - return true - } - } - return false - }, nil - - } - return nil, errors.Errorf("%s is an invalid filter", filter) -} diff --git a/libpod/filters/helpers.go b/libpod/filters/helpers.go deleted file mode 100644 index 859db3a9a..000000000 --- a/libpod/filters/helpers.go +++ /dev/null @@ -1,20 +0,0 @@ -package lpfilters - -import ( - "net/url" - "strings" - - "github.com/pkg/errors" -) - -func ParseFilterArgumentsIntoFilters(filters []string) (url.Values, error) { - parsedFilters := make(url.Values) - for _, f := range filters { - t := strings.SplitN(f, "=", 2) - if len(t) < 2 { - return parsedFilters, errors.Errorf("filter input must be in the form of filter=value: %s is invalid", f) - } - parsedFilters.Add(t[0], t[1]) - } - return parsedFilters, nil -} diff --git a/libpod/filters/pods.go b/libpod/filters/pods.go deleted file mode 100644 index 17b3f3ca9..000000000 --- a/libpod/filters/pods.go +++ /dev/null @@ -1,139 +0,0 @@ -package lpfilters - -import ( - "strconv" - "strings" - - "github.com/containers/podman/v2/libpod" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/pkg/util" - "github.com/pkg/errors" -) - -// GeneratePodFilterFunc takes a filter and filtervalue (key, value) -// and generates a libpod function that can be used to filter -// pods -func GeneratePodFilterFunc(filter string, filterValues []string) ( - func(pod *libpod.Pod) bool, error) { - switch filter { - case "ctr-ids": - return func(p *libpod.Pod) bool { - ctrIds, err := p.AllContainersByID() - if err != nil { - return false - } - for _, id := range ctrIds { - return util.StringMatchRegexSlice(id, filterValues) - } - return false - }, nil - case "ctr-names": - return func(p *libpod.Pod) bool { - ctrs, err := p.AllContainers() - if err != nil { - return false - } - for _, ctr := range ctrs { - return util.StringMatchRegexSlice(ctr.Name(), filterValues) - } - return false - }, nil - case "ctr-number": - return func(p *libpod.Pod) bool { - ctrIds, err := p.AllContainersByID() - if err != nil { - return false - } - for _, filterValue := range filterValues { - fVint, err2 := strconv.Atoi(filterValue) - if err2 != nil { - return false - } - if len(ctrIds) == fVint { - return true - } - } - return false - }, nil - case "ctr-status": - for _, filterValue := range filterValues { - if !util.StringInSlice(filterValue, []string{"created", "running", "paused", "stopped", "exited", "unknown"}) { - return nil, errors.Errorf("%s is not a valid status", filterValue) - } - } - return func(p *libpod.Pod) bool { - ctrStatuses, err := p.Status() - if err != nil { - return false - } - for _, ctrStatus := range ctrStatuses { - state := ctrStatus.String() - if ctrStatus == define.ContainerStateConfigured { - state = "created" - } else if ctrStatus == define.ContainerStateStopped { - state = "exited" - } - for _, filterValue := range filterValues { - if filterValue == "stopped" { - filterValue = "exited" - } - if state == filterValue { - return true - } - } - } - return false - }, nil - case "id": - return func(p *libpod.Pod) bool { - return util.StringMatchRegexSlice(p.ID(), filterValues) - }, nil - case "name": - return func(p *libpod.Pod) bool { - return util.StringMatchRegexSlice(p.Name(), filterValues) - }, nil - case "status": - for _, filterValue := range filterValues { - if !util.StringInSlice(filterValue, []string{"stopped", "running", "paused", "exited", "dead", "created", "degraded"}) { - return nil, errors.Errorf("%s is not a valid pod status", filterValue) - } - } - return func(p *libpod.Pod) bool { - status, err := p.GetPodStatus() - if err != nil { - return false - } - for _, filterValue := range filterValues { - if strings.ToLower(status) == filterValue { - return true - } - } - return false - }, nil - case "label": - return func(p *libpod.Pod) bool { - labels := p.Labels() - for _, filterValue := range filterValues { - matched := false - filterArray := strings.SplitN(filterValue, "=", 2) - filterKey := filterArray[0] - if len(filterArray) > 1 { - filterValue = filterArray[1] - } else { - filterValue = "" - } - for labelKey, labelValue := range labels { - if labelKey == filterKey && ("" == filterValue || labelValue == filterValue) { - matched = true - break - } - } - if !matched { - return false - } - } - return true - }, nil - } - return nil, errors.Errorf("%s is an invalid filter", filter) -} diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go index 863e82efd..be6867399 100644 --- a/libpod/networking_linux.go +++ b/libpod/networking_linux.go @@ -247,6 +247,7 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) error { func (r *Runtime) setupSlirp4netns(ctr *Container) error { path := r.config.Engine.NetworkCmdPath slirpOptions := r.config.Engine.NetworkCmdOptions + noPivotRoot := r.config.Engine.NoPivotRoot if path == "" { var err error path, err = exec.LookPath("slirp4netns") @@ -351,7 +352,7 @@ func (r *Runtime) setupSlirp4netns(ctr *Container) error { if slirpFeatures.HasMTU { cmdArgs = append(cmdArgs, "--mtu", "65520") } - if slirpFeatures.HasEnableSandbox { + if !noPivotRoot && slirpFeatures.HasEnableSandbox { cmdArgs = append(cmdArgs, "--enable-sandbox") } if slirpFeatures.HasEnableSeccomp { @@ -424,7 +425,7 @@ func (r *Runtime) setupSlirp4netns(ctr *Container) error { } // workaround for https://github.com/rootless-containers/slirp4netns/pull/153 - if slirpFeatures.HasEnableSandbox { + if !noPivotRoot && slirpFeatures.HasEnableSandbox { cmd.SysProcAttr.Cloneflags = syscall.CLONE_NEWNS cmd.SysProcAttr.Unshareflags = syscall.CLONE_NEWNS } diff --git a/libpod/util.go b/libpod/util.go index 8faf665e7..bf9bf2542 100644 --- a/libpod/util.go +++ b/libpod/util.go @@ -153,6 +153,10 @@ func queryPackageVersion(cmdArg ...string) string { return strings.Trim(output, "\n") } +func equeryVersion(path string) string { + return queryPackageVersion("/usr/bin/equery", "b", path) +} + func pacmanVersion(path string) string { return queryPackageVersion("/usr/bin/pacman", "-Qo", path) } @@ -172,7 +176,10 @@ func packageVersion(program string) string { if out := dpkgVersion(program); out != unknownPackage { return out } - return pacmanVersion(program) + if out := pacmanVersion(program); out != unknownPackage { + return out + } + return equeryVersion(program) } func programVersion(mountProgram string) (string, error) { |