Diffstat (limited to 'pkg/machine/qemu')
-rw-r--r-- | pkg/machine/qemu/config.go | 8 | ||||
-rw-r--r-- | pkg/machine/qemu/machine.go | 62 |
2 files changed, 44 insertions, 26 deletions
diff --git a/pkg/machine/qemu/config.go b/pkg/machine/qemu/config.go index 840bd5c59..9473eef6f 100644 --- a/pkg/machine/qemu/config.go +++ b/pkg/machine/qemu/config.go @@ -57,8 +57,8 @@ type MachineVMV1 struct { QMPMonitor Monitorv1 // RemoteUsername of the vm user RemoteUsername string - // Whether this machine should run in a rootfull or rootless manner - Rootfull bool + // Whether this machine should run in a rootful or rootless manner + Rootful bool // UID is the numerical id of the user that called machine UID int } @@ -105,8 +105,8 @@ type ImageConfig struct { // HostUser describes the host user type HostUser struct { - // Whether this machine should run in a rootfull or rootless manner - Rootfull bool + // Whether this machine should run in a rootful or rootless manner + Rootful bool // UID is the numerical id of the user that called machine UID int } diff --git a/pkg/machine/qemu/machine.go b/pkg/machine/qemu/machine.go index c54d18a4b..969acb760 100644 --- a/pkg/machine/qemu/machine.go +++ b/pkg/machine/qemu/machine.go @@ -76,7 +76,6 @@ func (p *Provider) NewMachine(opts machine.InitOptions) (machine.VM, error) { return nil, err } vm.IgnitionFilePath = *ignitionFile - imagePath, err := NewMachineFile(opts.ImagePath, nil) if err != nil { return nil, err @@ -206,7 +205,7 @@ func migrateVM(configPath string, config []byte, vm *MachineVM) error { vm.QMPMonitor = qmpMonitor vm.ReadySocket = readySocket vm.RemoteUsername = old.RemoteUsername - vm.Rootfull = old.Rootfull + vm.Rootful = old.Rootful vm.UID = old.UID // Backup the original config file @@ -260,7 +259,7 @@ func (v *MachineVM) Init(opts machine.InitOptions) (bool, error) { ) sshDir := filepath.Join(homedir.Get(), ".ssh") v.IdentityPath = filepath.Join(sshDir, v.Name) - v.Rootfull = opts.Rootfull + v.Rootful = opts.Rootful switch opts.ImagePath { case Testing, Next, Stable, "": 
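Review bot: Renaming the `Rootfull` field in `MachineVMV1` and `HostUser` also renames the key these structs are stored under, if they are written with encoding/json and carry no struct tags (none are visible in these hunks). A config file written before this commit would then decode with `Rootful` left at false. In that case `vm.Rootful = old.Rootful` in `migrateVM` and the later `v.Rootful` check in `setupAPIForwarding` would silently treat a rootful machine as rootless and forward the per-user socket instead. If on-disk compatibility matters, keep the old key with a `json:"Rootfull"` tag on the renamed fields, or add a migration step that reads the old key.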
@@ -358,8 +357,8 @@ func (v *MachineVM) Init(opts machine.InitOptions) (bool, error) { names := []string{v.Name, v.Name + "-root"} // The first connection defined when connections is empty will become the default - // regardless of IsDefault, so order according to rootfull - if opts.Rootfull { + // regardless of IsDefault, so order according to rootful + if opts.Rootful { uris[0], names[0], uris[1], names[1] = uris[1], names[1], uris[0], names[0] } @@ -375,7 +374,6 @@ func (v *MachineVM) Init(opts machine.InitOptions) (bool, error) { if err := v.writeConfig(); err != nil { return false, fmt.Errorf("writing JSON file: %w", err) } - // User has provided ignition file so keygen // will be skipped. if len(opts.IgnitionPath) < 1 { @@ -389,7 +387,6 @@ func (v *MachineVM) Init(opts machine.InitOptions) (bool, error) { if err := v.prepare(); err != nil { return false, err } - originalDiskSize, err := getDiskSize(v.getImageFile()) if err != nil { return false, err @@ -437,7 +434,7 @@ func (v *MachineVM) Init(opts machine.InitOptions) (bool, error) { } func (v *MachineVM) Set(_ string, opts machine.SetOptions) error { - if v.Rootfull == opts.Rootfull { + if v.Rootful == opts.Rootful { return nil } @@ -461,7 +458,7 @@ func (v *MachineVM) Set(_ string, opts machine.SetOptions) error { if changeCon { newDefault := v.Name - if opts.Rootfull { + if opts.Rootful { newDefault += "-root" } if err := machine.ChangeDefault(newDefault); err != nil { @@ -469,7 +466,7 @@ func (v *MachineVM) Set(_ string, opts machine.SetOptions) error { } } - v.Rootfull = opts.Rootfull + v.Rootful = opts.Rootful return v.writeConfig() } 
@@ -528,17 +525,28 @@ func (v *MachineVM) Start(name string, _ machine.StartOptions) error { time.Sleep(wait) wait++ } + defer qemuSocketConn.Close() if err != nil { return err } - fd, err := qemuSocketConn.(*net.UnixConn).File() if err != nil { return err } + defer fd.Close() + dnr, err := os.OpenFile("/dev/null", os.O_RDONLY, 0755) + if err != nil { + return err + } + defer dnr.Close() + dnw, err := os.OpenFile("/dev/null", os.O_WRONLY, 0755) + if err != nil { + return err + } + defer dnw.Close() attr := new(os.ProcAttr) - files := []*os.File{os.Stdin, os.Stdout, os.Stderr, fd} + files := []*os.File{dnr, dnw, dnw, fd} attr.Files = files logrus.Debug(v.CmdLine) cmd := v.CmdLine @@ -566,7 +574,7 @@ func (v *MachineVM) Start(name string, _ machine.StartOptions) error { } _, err = os.StartProcess(cmd[0], cmd, attr) if err != nil { - return err + return errors.Wrapf(err, "unable to execute %q", cmd) } } fmt.Println("Waiting for VM ...") @@ -589,11 +597,11 @@ func (v *MachineVM) Start(name string, _ machine.StartOptions) error { if err != nil { return err } + defer conn.Close() _, err = bufio.NewReader(conn).ReadString('\n') if err != nil { return err } - if len(v.Mounts) > 0 { state, err := v.State(true) if err != nil { @@ -944,7 +952,7 @@ func (v *MachineVM) SSH(_ string, opts machine.SSHOptions) error { sshDestination := username + "@localhost" port := strconv.Itoa(v.Port) - args := []string{"-i", v.IdentityPath, "-p", port, sshDestination, "-o", "UserKnownHostsFile /dev/null", "-o", "StrictHostKeyChecking no"} + args := []string{"-i", v.IdentityPath, "-p", port, sshDestination, "-o", "UserKnownHostsFile=/dev/null", "-o", "StrictHostKeyChecking=no"} if len(opts.Args) > 0 { args = append(args, opts.Args...) } else { 
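Review bot: `defer qemuSocketConn.Close()` is registered before the `if err != nil { return err }` check that follows the retry loop, so it also runs when no connection was ever established. The loop starts outside this hunk, but if `qemuSocketConn` is still a nil `net.Conn` there, the deferred `Close` panics instead of returning the dial error. Move the defer below the error check. The `0755` passed to `os.OpenFile` has no effect without `os.O_CREATE`, so `0` would be clearer, and `os.DevNull` would avoid the hard-coded `/dev/null` path.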
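Review bot: The `args` line in `SSH` turns off host-key verification (`StrictHostKeyChecking=no`, `UserKnownHostsFile=/dev/null`) with no comment saying why that is acceptable here. The destination is built as `username + "@localhost"`, so the decision appears to rest on the connection never leaving the host. A comment above the line would record that, for example `// Host-key checks are disabled only because the target is the local VM on a forwarded localhost port; do not reuse these options for a remote host.` The rest of `SSH` lies outside the hunk, so confirm the destination cannot be overridden before relying on that reasoning.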
@@ -1120,9 +1128,19 @@ func (v *MachineVM) startHostNetworking() (string, apiForwardingState, error) { } attr := new(os.ProcAttr) - // Pass on stdin, stdout, stderr - files := []*os.File{os.Stdin, os.Stdout, os.Stderr} - attr.Files = files + dnr, err := os.OpenFile("/dev/null", os.O_RDONLY, 0755) + if err != nil { + return "", noForwarding, err + } + dnw, err := os.OpenFile("/dev/null", os.O_WRONLY, 0755) + if err != nil { + return "", noForwarding, err + } + + defer dnr.Close() + defer dnw.Close() + + attr.Files = []*os.File{dnr, dnw, dnw} cmd := []string{binary} cmd = append(cmd, []string{"-listen-qemu", fmt.Sprintf("unix://%s", v.QMPMonitor.Address.GetPath()), "-pid-file", v.PidFilePath.GetPath()}...) // Add the ssh port @@ -1139,7 +1157,7 @@ func (v *MachineVM) startHostNetworking() (string, apiForwardingState, error) { fmt.Println(cmd) } _, err = os.StartProcess(cmd[0], cmd, attr) - return forwardSock, state, err + return forwardSock, state, errors.Wrapf(err, "unable to execute: %q", cmd) } func (v *MachineVM) setupAPIForwarding(cmd []string) ([]string, string, apiForwardingState) { @@ -1152,7 +1170,7 @@ func (v *MachineVM) setupAPIForwarding(cmd []string) ([]string, string, apiForwa destSock := fmt.Sprintf("/run/user/%d/podman/podman.sock", v.UID) forwardUser := "core" - if v.Rootfull { + if v.Rootful { destSock = "/run/podman/podman.sock" forwardUser = "root" } 
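Review bot: In `startHostNetworking` both `defer` calls are registered only after the second `os.OpenFile`, so if opening `/dev/null` for writing fails the function returns with `dnr` still open. Register each close right after its own error check, as the `Start` hunk does, by putting `defer dnr.Close()` directly after the first `if err != nil` block. With all three descriptors now on `/dev/null`, anything the helper process writes to stderr is discarded, so a failure after `os.StartProcess` succeeds leaves no trace. Consider sending its stderr to a log file if that diagnostic output is needed.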
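Review bot: The new `return forwardSock, state, errors.Wrapf(err, "unable to execute: %q", cmd)` relies on `Wrapf` returning nil when `err` is nil. That holds for github.com/pkg/errors, but the import is not visible in this hunk and the success path is easy to misread. An explicit `if err != nil { return "", noForwarding, errors.Wrapf(err, "unable to execute: %q", cmd) }` followed by `return forwardSock, state, nil` makes the success path obvious and stops returning a socket path alongside an error. The message also differs from the one added in `Start` (`"unable to execute %q"`), so one form should be used for both.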
@@ -1358,11 +1376,11 @@ func (v *MachineVM) waitAPIAndPrintInfo(forwardState apiForwardingState, forward } waitAndPingAPI(forwardSock) - if !v.Rootfull { + if !v.Rootful { fmt.Printf("\nThis machine is currently configured in rootless mode. If your containers\n") fmt.Printf("require root permissions (e.g. ports < 1024), or if you run into compatibility\n") fmt.Printf("issues with non-podman clients, you can switch using the following command: \n") - fmt.Printf("\n\tpodman machine set --rootfull%s\n\n", suffix) + fmt.Printf("\n\tpodman machine set --rootful%s\n\n", suffix) } fmt.Printf("API forwarding listening on: %s\n", forwardSock) |