From 8b09b07b19126c60876aaee6c1a4250a38cdd48c Mon Sep 17 00:00:00 2001 From: baude Date: Sun, 25 Aug 2019 14:02:33 -0500 Subject: clean up after remote build when performing an image build over a varlink connection, we should clean up tmp files that are a result of sending the file to the host and untarring it for the build. Fixes: #3869 Signed-off-by: baude --- pkg/varlinkapi/images.go | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/pkg/varlinkapi/images.go b/pkg/varlinkapi/images.go index a1fdf5955..0e1ef5b76 100644 --- a/pkg/varlinkapi/images.go +++ b/pkg/varlinkapi/images.go @@ -142,7 +142,14 @@ func (i *LibpodAPI) BuildImage(call iopodman.VarlinkCall, config iopodman.BuildI return call.ReplyErrorOccurred(fmt.Sprintf("unable to untar context dir %s", contextDir)) } logrus.Debugf("untar of %s successful", contextDir) - + defer func() { + if err := os.Remove(contextDir); err != nil { + logrus.Errorf("unable to delete file '%s': %q", contextDir, err) + } + if err := os.RemoveAll(newContextDir); err != nil { + logrus.Errorf("unable to delete directory '%s': %q", newContextDir, err) + } + }() // All output (stdout, stderr) is captured in output as well var output bytes.Buffer -- cgit v1.2.3-54-g00ecf From 63d989a3449050e8cf0a168145baa512e7493772 Mon Sep 17 00:00:00 2001 From: Matthew Heon Date: Mon, 5 Aug 2019 15:53:44 -0400 Subject: Add an integration test for systemd in a container Signed-off-by: Matthew Heon --- contrib/cirrus/setup_environment.sh | 6 +++++- libpod/runtime.go | 4 ---- test/e2e/systemd_test.go | 41 +++++++++++++++++++++++++++++++++++++ 3 files changed, 46 insertions(+), 5 deletions(-) diff --git a/contrib/cirrus/setup_environment.sh b/contrib/cirrus/setup_environment.sh index 2579229a5..416a96c4e 100755 --- a/contrib/cirrus/setup_environment.sh +++ b/contrib/cirrus/setup_environment.sh @@ -44,11 +44,15 @@ case "${OS_REL_VER}" in ;; fedora-30) ;& # continue to next item fedora-29) + # All SELinux distros need this for systemd-in-a-container + setsebool container_manage_cgroup true if [[ "$ADD_SECOND_PARTITION" == "true" ]]; then bash "$SCRIPT_BASE/add_second_partition.sh"; fi ;; centos-7) # Current VM is an image-builder-image no local podman/testing - echo "No further setup required for VM image building" + echo "No further setup required for VM image building" + # All SELinux distros need this for systemd-in-a-container + setsebool container_manage_cgroup true exit 0 ;; *) bad_os_id_ver ;; diff --git a/libpod/runtime.go b/libpod/runtime.go index 4d6a80d0b..28774773e 100644 --- a/libpod/runtime.go +++ b/libpod/runtime.go @@ -76,10 +76,6 @@ var ( // place of the configuration file pointed to by ConfigPath. OverrideConfigPath = etcDir + "/containers/libpod.conf" - // DefaultInfraImage to use for infra container - - // DefaultInfraCommand to be run in an infra container - // DefaultSHMLockPath is the default path for SHM locks DefaultSHMLockPath = "/libpod_lock" // DefaultRootlessSHMLockPath is the default path for rootless SHM locks diff --git a/test/e2e/systemd_test.go b/test/e2e/systemd_test.go index 91604867d..994e99cec 100644 --- a/test/e2e/systemd_test.go +++ b/test/e2e/systemd_test.go @@ -5,6 +5,8 @@ package integration import ( "io/ioutil" "os" + "strings" + "time" . "github.com/containers/libpod/test/utils" . "github.com/onsi/ginkgo" @@ -77,4 +79,43 @@ WantedBy=multi-user.target status := SystemExec("bash", []string{"-c", "systemctl status redis"}) Expect(status.OutputToString()).To(ContainSubstring("active (running)")) }) + + It("podman run container with systemd PID1", func() { + systemdImage := "fedora" + pull := podmanTest.Podman([]string{"pull", systemdImage}) + pull.WaitWithDefaultTimeout() + Expect(pull.ExitCode()).To(Equal(0)) + + ctrName := "testSystemd" + run := podmanTest.Podman([]string{"run", "--name", ctrName, "-t", "-i", "-d", systemdImage, "init"}) + run.WaitWithDefaultTimeout() + Expect(run.ExitCode()).To(Equal(0)) + ctrID := run.OutputToString() + + logs := podmanTest.Podman([]string{"logs", ctrName}) + logs.WaitWithDefaultTimeout() + Expect(logs.ExitCode()).To(Equal(0)) + + // Give container 10 seconds to start + started := false + for i := 0; i < 10; i++ { + runningCtrs := podmanTest.Podman([]string{"ps", "-q", "--no-trunc"}) + runningCtrs.WaitWithDefaultTimeout() + Expect(runningCtrs.ExitCode()).To(Equal(0)) + + if strings.Contains(runningCtrs.OutputToString(), ctrID) { + started = true + break + } + + time.Sleep(1 * time.Second) + } + + Expect(started).To(BeTrue()) + + systemctl := podmanTest.Podman([]string{"exec", "-t", "-i", ctrName, "systemctl", "status", "--no-pager"}) + systemctl.WaitWithDefaultTimeout() + Expect(systemctl.ExitCode()).To(Equal(0)) + Expect(strings.Contains(systemctl.OutputToString(), "State:")).To(BeTrue()) + }) }) -- cgit v1.2.3-54-g00ecf From ca0dfca5c9958c4aa4963f84c69bc425c078a970 Mon Sep 17 00:00:00 2001 From: Matthew Heon Date: Tue, 27 Aug 2019 16:47:24 -0400 Subject: Temporarily disable systemd test for CGroups V2 Revert this one CGroups V2 support for systemd containers is added. Signed-off-by: Matthew Heon --- test/e2e/systemd_test.go | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/test/e2e/systemd_test.go b/test/e2e/systemd_test.go index 994e99cec..02778d493 100644 --- a/test/e2e/systemd_test.go +++ b/test/e2e/systemd_test.go @@ -8,6 +8,7 @@ import ( "strings" "time" + "github.com/containers/libpod/pkg/cgroups" . "github.com/containers/libpod/test/utils" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" @@ -81,6 +82,12 @@ WantedBy=multi-user.target }) It("podman run container with systemd PID1", func() { + cgroupsv2, err := cgroups.IsCgroup2UnifiedMode() + Expect(err).To(BeNil()) + if cgroupsv2 { + Skip("systemd test does not work in cgroups V2 mode yet") + } + systemdImage := "fedora" pull := podmanTest.Podman([]string{"pull", systemdImage}) pull.WaitWithDefaultTimeout() -- cgit v1.2.3-54-g00ecf