diff options
Diffstat (limited to 'pkg')
-rw-r--r-- | pkg/api/server/server.go | 49 | ||||
-rw-r--r-- | pkg/bindings/test/containers_test.go | 12 | ||||
-rw-r--r-- | pkg/rootless/rootless_linux.c | 51 | ||||
-rw-r--r-- | pkg/rootless/rootless_linux.go | 2 | ||||
-rw-r--r-- | pkg/spec/namespaces.go | 2 | ||||
-rw-r--r-- | pkg/specgen/namespaces.go | 2 |
6 files changed, 72 insertions, 46 deletions
diff --git a/pkg/api/server/server.go b/pkg/api/server/server.go index e7b2a5525..a5922e5d7 100644 --- a/pkg/api/server/server.go +++ b/pkg/api/server/server.go @@ -140,36 +140,31 @@ func newServer(runtime *libpod.Runtime, duration time.Duration, listener *net.Li func (s *APIServer) Serve() error { // stalker to count the connections. Should the timer expire it will shutdown the service. go func() { - for { - select { - case delta := <-s.ConnectionCh: - // Always stop the current timer, things will change... + for delta := range s.ConnectionCh { + switch delta { + case EnterHandler: s.Timer.Stop() - switch delta { - case EnterHandler: - s.ActiveConnections += 1 - s.TotalConnections += 1 - case ExitHandler: - s.ActiveConnections -= 1 - if s.ActiveConnections == 0 { - // Server will be shutdown iff the timer expires before being reset or stopped - s.Timer = time.AfterFunc(s.Duration, func() { - if err := s.Shutdown(); err != nil { - logrus.Errorf("Failed to shutdown APIServer: %v", err) - os.Exit(1) - } - }) - } else { - s.Timer.Reset(s.Duration) - } - case NOOPHandler: - // push the check out another duration... + s.ActiveConnections += 1 + s.TotalConnections += 1 + case ExitHandler: + s.Timer.Stop() + s.ActiveConnections -= 1 + if s.ActiveConnections == 0 { + // Server will be shutdown iff the timer expires before being reset or stopped + s.Timer = time.AfterFunc(s.Duration, func() { + if err := s.Shutdown(); err != nil { + logrus.Errorf("Failed to shutdown APIServer: %v", err) + os.Exit(1) + } + }) + } else { s.Timer.Reset(s.Duration) - default: - logrus.Errorf("ConnectionCh received unsupported input %d", delta) } + case NOOPHandler: + // push the check out another duration... + s.Timer.Reset(s.Duration) default: - time.Sleep(1 * time.Second) + logrus.Errorf("ConnectionCh received unsupported input %d", delta) } } }() @@ -212,7 +207,7 @@ func (s *APIServer) Shutdown() error { go func() { err := s.Server.Shutdown(ctx) - if err != nil && err != context.Canceled { + if err != nil && err != context.Canceled && err != http.ErrServerClosed { logrus.Errorf("Failed to cleanly shutdown APIServer: %s", err.Error()) } }() diff --git a/pkg/bindings/test/containers_test.go b/pkg/bindings/test/containers_test.go index f6ef4abec..6756e81c7 100644 --- a/pkg/bindings/test/containers_test.go +++ b/pkg/bindings/test/containers_test.go @@ -3,10 +3,12 @@ package test_bindings import ( "context" "net/http" + "strconv" "time" "github.com/containers/libpod/pkg/bindings" "github.com/containers/libpod/pkg/bindings/containers" + "github.com/containers/libpod/test/utils" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" "github.com/onsi/gomega/gexec" @@ -175,6 +177,14 @@ var _ = Describe("Podman containers ", func() { }) It("podman remove a paused container by id with force", func() { + // FIXME: Skip on F31 and later + host := utils.GetHostDistributionInfo() + osVer, err := strconv.Atoi(host.Version) + Expect(err).To(BeNil()) + if host.Distribution == "fedora" && osVer >= 31 { + Skip("FIXME: https://github.com/containers/libpod/issues/5325") + } + // Removing a paused container with force should work var name = "top" bt.RunTopContainer(&name, &falseFlag, nil) @@ -225,7 +235,7 @@ var _ = Describe("Podman containers ", func() { Expect(data.State.Status).To(Equal("exited")) }) - It("podman stop a running container by ID)", func() { + It("podman stop a running container by ID", func() { // Stopping a running container by ID should work var name = "top" bt.RunTopContainer(&name, &falseFlag, nil) diff --git a/pkg/rootless/rootless_linux.c b/pkg/rootless/rootless_linux.c index 83f4f3254..db898e706 100644 --- a/pkg/rootless/rootless_linux.c +++ b/pkg/rootless/rootless_linux.c @@ -58,7 +58,7 @@ static const char *_max_user_namespaces = "/proc/sys/user/max_user_namespaces"; static const char *_unprivileged_user_namespaces = "/proc/sys/kernel/unprivileged_userns_clone"; static int open_files_max_fd; -fd_set open_files_set; +static fd_set *open_files_set; static uid_t rootless_uid_init; static gid_t rootless_gid_init; @@ -240,17 +240,39 @@ static void __attribute__((constructor)) init() if (d) { struct dirent *ent; + size_t size = 0; - FD_ZERO (&open_files_set); for (ent = readdir (d); ent; ent = readdir (d)) { - int fd = atoi (ent->d_name); - if (fd != dirfd (d)) + int fd; + + if (ent->d_name[0] == '.') + continue; + + fd = atoi (ent->d_name); + if (fd == dirfd (d)) + continue; + + if (fd >= size * FD_SETSIZE) { - if (fd > open_files_max_fd) - open_files_max_fd = fd; - FD_SET (fd, &open_files_set); + int i; + size_t new_size; + + new_size = (fd / FD_SETSIZE) + 1; + open_files_set = realloc (open_files_set, new_size * sizeof (fd_set)); + if (open_files_set == NULL) + _exit (EXIT_FAILURE); + + for (i = size; i < new_size; i++) + FD_ZERO (&(open_files_set[i])); + + size = new_size; } + + if (fd > open_files_max_fd) + open_files_max_fd = fd; + + FD_SET (fd % FD_SETSIZE, &(open_files_set[fd / FD_SETSIZE])); } closedir (d); } @@ -553,10 +575,8 @@ reexec_userns_join (int userns, int mountns, char *pause_pid_file_path) /* We passed down these fds, close them. */ int f; for (f = 3; f < open_files_max_fd; f++) - { - if (FD_ISSET (f, &open_files_set)) - close (f); - } + if (open_files_set == NULL || FD_ISSET (f % FD_SETSIZE, &(open_files_set[f / FD_SETSIZE]))) + close (f); return pid; } @@ -747,10 +767,11 @@ reexec_in_user_namespace (int ready, char *pause_pid_file_path, char *file_to_re num_fds = strtol (listen_fds, NULL, 10); if (num_fds != LONG_MIN && num_fds != LONG_MAX) { - long i; - for (i = 3; i < num_fds + 3; i++) - if (FD_ISSET (i, &open_files_set)) - close (i); + int f; + + for (f = 3; f < num_fds + 3; f++) + if (open_files_set == NULL || FD_ISSET (f % FD_SETSIZE, &(open_files_set[f / FD_SETSIZE]))) + close (f); } unsetenv ("LISTEN_PID"); unsetenv ("LISTEN_FDS"); diff --git a/pkg/rootless/rootless_linux.go b/pkg/rootless/rootless_linux.go index f71d55776..5ddfab7ad 100644 --- a/pkg/rootless/rootless_linux.go +++ b/pkg/rootless/rootless_linux.go @@ -510,7 +510,7 @@ func TryJoinFromFilePaths(pausePidPath string, needNewNamespace bool, paths []st } } } - if !foundProcess { + if !foundProcess && pausePidPath != "" { return BecomeRootInUserNS(pausePidPath) } if lastErr != nil { diff --git a/pkg/spec/namespaces.go b/pkg/spec/namespaces.go index 1f98e6e25..838d95c54 100644 --- a/pkg/spec/namespaces.go +++ b/pkg/spec/namespaces.go @@ -422,7 +422,7 @@ func (c *UtsConfig) ConfigureGenerator(g *generate.Generator, net *NetworkConfig if hostname == "" { switch { case utsCtrID != "": - utsCtr, err := runtime.GetContainer(utsCtrID) + utsCtr, err := runtime.LookupContainer(utsCtrID) if err != nil { return errors.Wrapf(err, "unable to retrieve hostname from dependency container %s", utsCtrID) } diff --git a/pkg/specgen/namespaces.go b/pkg/specgen/namespaces.go index 025cb31e0..17b180cde 100644 --- a/pkg/specgen/namespaces.go +++ b/pkg/specgen/namespaces.go @@ -276,7 +276,7 @@ func (s *SpecGenerator) utsConfigureGenerator(g *generate.Generator, runtime *li if hostname == "" { switch { case s.UtsNS.IsContainer(): - utsCtr, err := runtime.GetContainer(s.UtsNS.Value) + utsCtr, err := runtime.LookupContainer(s.UtsNS.Value) if err != nil { return errors.Wrapf(err, "unable to retrieve hostname from dependency container %s", s.UtsNS.Value) } |