diff options
Diffstat (limited to 'pkg')
| -rw-r--r-- | pkg/api/handlers/libpod/containers.go | 17 | ||||
| -rw-r--r-- | pkg/bindings/containers/containers.go | 2 | ||||
| -rw-r--r-- | pkg/domain/entities/containers.go | 1 | ||||
| -rw-r--r-- | pkg/specgen/container_validate.go | 4 | ||||
| -rw-r--r-- | pkg/specgen/generate/container_create.go | 4 | ||||
| -rw-r--r-- | pkg/specgen/specgen.go | 6 |
6 files changed, 27 insertions, 7 deletions
diff --git a/pkg/api/handlers/libpod/containers.go b/pkg/api/handlers/libpod/containers.go index 2556cdc2a..506286736 100644 --- a/pkg/api/handlers/libpod/containers.go +++ b/pkg/api/handlers/libpod/containers.go @@ -14,6 +14,7 @@ import ( "github.com/containers/libpod/pkg/ps" "github.com/gorilla/schema" "github.com/pkg/errors" + "github.com/sirupsen/logrus" ) func ContainerExists(w http.ResponseWriter, r *http.Request) { @@ -36,7 +37,8 @@ func ListContainers(w http.ResponseWriter, r *http.Request) { query := struct { All bool `schema:"all"` Filters map[string][]string `schema:"filters"` - Last int `schema:"last"` + Last int `schema:"last"` // alias for limit + Limit int `schema:"limit"` Namespace bool `schema:"namespace"` Pod bool `schema:"pod"` Size bool `schema:"size"` @@ -50,11 +52,22 @@ func ListContainers(w http.ResponseWriter, r *http.Request) { errors.Wrapf(err, "Failed to parse parameters for %s", r.URL.String())) return } + + limit := query.Limit + // Support `last` as an alias for `limit`. While Podman uses --last in + // the CLI, the API is using `limit`. As we first used `last` in the + // API as well, we decided to go with aliasing to prevent any + // regression. See github.com/containers/libpod/issues/6413. + if _, found := r.URL.Query()["last"]; found { + logrus.Info("List containers: received `last` parameter - overwriting `limit`") + limit = query.Last + } + runtime := r.Context().Value("runtime").(*libpod.Runtime) opts := entities.ContainerListOptions{ All: query.All, Filters: query.Filters, - Last: query.Last, + Last: limit, Size: query.Size, Sort: "", Namespace: query.Namespace, diff --git a/pkg/bindings/containers/containers.go b/pkg/bindings/containers/containers.go index 929b6bbd5..8c588bb40 100644 --- a/pkg/bindings/containers/containers.go +++ b/pkg/bindings/containers/containers.go @@ -35,7 +35,7 @@ func List(ctx context.Context, filters map[string][]string, all *bool, last *int params.Set("all", strconv.FormatBool(*all)) } if last != nil { - params.Set("last", strconv.Itoa(*last)) + params.Set("limit", strconv.Itoa(*last)) } if pod != nil { params.Set("pod", strconv.FormatBool(*pod)) diff --git a/pkg/domain/entities/containers.go b/pkg/domain/entities/containers.go index b4d8e6c29..9ea572293 100644 --- a/pkg/domain/entities/containers.go +++ b/pkg/domain/entities/containers.go @@ -294,6 +294,7 @@ type ContainerRunOptions struct { ErrorStream *os.File InputStream *os.File OutputStream *os.File + PreserveFDs uint Rm bool SigProxy bool Spec *specgen.SpecGenerator diff --git a/pkg/specgen/container_validate.go b/pkg/specgen/container_validate.go index 45179343b..33bacecaf 100644 --- a/pkg/specgen/container_validate.go +++ b/pkg/specgen/container_validate.go @@ -61,10 +61,6 @@ func (s *SpecGenerator) Validate() error { // // ContainerSecurityConfig // - // groups and privileged are exclusive - if len(s.Groups) > 0 && s.Privileged { - return exclusiveOptions("Groups", "privileged") - } // capadd and privileged are exclusive if len(s.CapAdd) > 0 && s.Privileged { return exclusiveOptions("CapAdd", "privileged") diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go index 2f7100e7e..ea6f938a8 100644 --- a/pkg/specgen/generate/container_create.go +++ b/pkg/specgen/generate/container_create.go @@ -104,6 +104,10 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener return nil, err } + if s.PreserveFDs > 0 { + options = append(options, libpod.WithPreserveFDs(s.PreserveFDs)) + } + opts, err := createContainerOptions(ctx, rt, s, pod, finalVolumes, newImage) if err != nil { return nil, err diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go index bb01a5d14..46ff8c716 100644 --- a/pkg/specgen/specgen.go +++ b/pkg/specgen/specgen.go @@ -130,6 +130,11 @@ type ContainerBasicConfig struct { // Remove indicates if the container should be removed once it has been started // and exits Remove bool `json:"remove"` + // PreserveFDs is a number of additional file descriptors (in addition + // to 0, 1, 2) that will be passed to the executed process. The total FDs + // passed will be 3 + PreserveFDs. + // set tags as `json:"-"` for not supported remote + PreserveFDs uint `json:"-"` } // ContainerStorageConfig contains information on the storage configuration of a @@ -207,6 +212,7 @@ type ContainerSecurityConfig struct { // - Adds all devices on the system to the container. // - Adds all capabilities to the container. // - Disables Seccomp, SELinux, and Apparmor confinement. + // (Though SELinux can be manually re-enabled). // TODO: this conflicts with things. // TODO: this does more. Privileged bool `json:"privileged,omitempty"` |