diff options
Diffstat (limited to 'pkg')
| -rw-r--r-- | pkg/domain/infra/abi/play.go | 6 | ||||
| -rw-r--r-- | pkg/machine/pull.go | 4 | ||||
| -rw-r--r-- | pkg/machine/qemu/machine.go | 14 | ||||
| -rw-r--r-- | pkg/specgen/generate/oci.go | 6 |
4 files changed, 17 insertions, 13 deletions
diff --git a/pkg/domain/infra/abi/play.go b/pkg/domain/infra/abi/play.go index 4d8112c47..e72584207 100644 --- a/pkg/domain/infra/abi/play.go +++ b/pkg/domain/infra/abi/play.go @@ -28,7 +28,7 @@ import ( "github.com/ghodss/yaml" "github.com/pkg/errors" "github.com/sirupsen/logrus" - yamlv3 "gopkg.in/yaml.v3" + yamlv2 "gopkg.in/yaml.v2" v1apps "k8s.io/api/apps/v1" v1 "k8s.io/api/core/v1" ) @@ -655,7 +655,7 @@ func readConfigMapFromFile(r io.Reader) (v1.ConfigMap, error) { func splitMultiDocYAML(yamlContent []byte) ([][]byte, error) { var documentList [][]byte - d := yamlv3.NewDecoder(bytes.NewReader(yamlContent)) + d := yamlv2.NewDecoder(bytes.NewReader(yamlContent)) for { var o interface{} // read individual document @@ -669,7 +669,7 @@ func splitMultiDocYAML(yamlContent []byte) ([][]byte, error) { if o != nil { // back to bytes - document, err := yamlv3.Marshal(o) + document, err := yamlv2.Marshal(o) if err != nil { return nil, errors.Wrapf(err, "individual doc yaml could not be marshalled") } diff --git a/pkg/machine/pull.go b/pkg/machine/pull.go index 280b47f96..cf1e708b1 100644 --- a/pkg/machine/pull.go +++ b/pkg/machine/pull.go @@ -19,8 +19,8 @@ import ( "github.com/containers/storage/pkg/archive" "github.com/sirupsen/logrus" "github.com/ulikunitz/xz" - "github.com/vbauerster/mpb/v6" - "github.com/vbauerster/mpb/v6/decor" + "github.com/vbauerster/mpb/v7" + "github.com/vbauerster/mpb/v7/decor" ) // GenericDownload is used when a user provides a URL diff --git a/pkg/machine/qemu/machine.go b/pkg/machine/qemu/machine.go index 92d8d1854..3b4548c17 100644 --- a/pkg/machine/qemu/machine.go +++ b/pkg/machine/qemu/machine.go @@ -1104,16 +1104,15 @@ func waitAndPingAPI(sock string) { func waitAPIAndPrintInfo(forwardState apiForwardingState, forwardSock string, rootFul bool, name string) { if forwardState != noForwarding { + suffix := "" + if name != machine.DefaultMachineName { + suffix = " " + name + } waitAndPingAPI(forwardSock) if !rootFul { fmt.Printf("\nThis machine is currently configured in rootless mode. If your containers\n") fmt.Printf("require root permissions (e.g. ports < 1024), or if you run into compatibility\n") fmt.Printf("issues with non-podman clients, you can switch using the following command: \n") - - suffix := "" - if name != machine.DefaultMachineName { - suffix = " " + name - } fmt.Printf("\n\tpodman machine set --rootful%s\n\n", suffix) } @@ -1127,8 +1126,9 @@ func waitAPIAndPrintInfo(forwardState apiForwardingState, forwardSock string, ro fmt.Printf("\nThe system helper service is not installed; the default Docker API socket\n") fmt.Printf("address can't be used by podman. ") if helper := findClaimHelper(); len(helper) > 0 { - fmt.Printf("If you would like to install it run the\nfollowing command:\n") - fmt.Printf("\n\tsudo %s install\n\n", helper) + fmt.Printf("If you would like to install it run the\nfollowing commands:\n") + fmt.Printf("\n\tsudo %s install\n", helper) + fmt.Printf("\tpodman machine stop%s; podman machine start%s\n\n", suffix, suffix) } case machineLocal: fmt.Printf("\nAnother process was listening on the default Docker API socket address.\n") diff --git a/pkg/specgen/generate/oci.go b/pkg/specgen/generate/oci.go index 8b3550e36..1cc3a463f 100644 --- a/pkg/specgen/generate/oci.go +++ b/pkg/specgen/generate/oci.go @@ -332,6 +332,11 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt } // Devices + // set the default rule at the beginning of device configuration + if !inUserNS && !s.Privileged { + g.AddLinuxResourcesDevice(false, "", nil, nil, "rwm") + } + var userDevices []spec.LinuxDevice if s.Privileged { // If privileged, we need to add all the host devices to the @@ -363,7 +368,6 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt // set the devices cgroup when not running in a user namespace if !inUserNS && !s.Privileged { - g.AddLinuxResourcesDevice(false, "", nil, nil, "rwm") for _, dev := range s.DeviceCgroupRule { g.AddLinuxResourcesDevice(true, dev.Type, dev.Major, dev.Minor, dev.Access) } |