From d615ab81f9f8bbed5f335683f4bbcdda0e789ee1 Mon Sep 17 00:00:00 2001 From: David Gibson Date: Wed, 19 Jan 2022 11:22:20 +1100 Subject: tests: Remove inaccurate comment This comment refers to overiding $PODMAN although the code below does nothing of the sort. Presumbly the comment has been outdated by altering the containers.conf / $CONTAINERS_CONF instead. Signed-off-by: David Gibson --- test/system/helpers.bash | 3 --- 1 file changed, 3 deletions(-) diff --git a/test/system/helpers.bash b/test/system/helpers.bash index c622a5172..ee5f73867 100644 --- a/test/system/helpers.bash +++ b/test/system/helpers.bash @@ -37,9 +37,6 @@ fi # while retaining the ability to include these if they so desire. # Some CI systems set this to runc, overriding the default crun. -# Although it would be more elegant to override options in run_podman(), -# we instead override $PODMAN itself because some tests (170-run-userns) -# have to invoke $PODMAN directly. if [[ -n $OCI_RUNTIME ]]; then if [[ -z $CONTAINERS_CONF ]]; then # FIXME: BATS provides no mechanism for end-of-run cleanup[1]; how -- cgit v1.2.3-54-g00ecf From db4d15e852c574a2f2f4039cfef4814982776544 Mon Sep 17 00:00:00 2001 From: David Gibson Date: Wed, 19 Jan 2022 13:20:53 +1100 Subject: Propagate $CONTAINERS_CONF to conmon The CONTAINERS_CONF environment variable can be used to override the configuration file, which is useful for testing. However, at the moment this variable is not propagated to conmon. That means in particular, that conmon can't propagate it back to podman when invoking its --exit-command. The mismatch in configuration between the starting and cleaning up podman instances can cause a variety of errors. This patch also adds two related test cases. One checks explicitly that the correct CONTAINERS_CONF value appears in conmon's environment. The other checks for a possible specific impact of this bug: if we use a nonstandard name for the runtime (even if its path is just a regular crun), then the podman container cleanup invoked at container exit will fail. That has the effect of meaning that a container started with -d --rm won't be correctly removed once complete. Fixes #12917 Signed-off-by: David Gibson --- libpod/oci_conmon_linux.go | 4 +++ test/system/800-config.bats | 80 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 84 insertions(+) create mode 100644 test/system/800-config.bats diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go index 268a301fb..a328f7621 100644 --- a/libpod/oci_conmon_linux.go +++ b/libpod/oci_conmon_linux.go @@ -1318,6 +1318,10 @@ func (r *ConmonOCIRuntime) configureConmonEnv(ctr *Container, runtimeDir string) env = append(env, e) } } + conf, ok := os.LookupEnv("CONTAINERS_CONF") + if ok { + env = append(env, fmt.Sprintf("CONTAINERS_CONF=%s", conf)) + } env = append(env, fmt.Sprintf("XDG_RUNTIME_DIR=%s", runtimeDir)) env = append(env, fmt.Sprintf("_CONTAINERS_USERNS_CONFIGURED=%s", os.Getenv("_CONTAINERS_USERNS_CONFIGURED"))) env = append(env, fmt.Sprintf("_CONTAINERS_ROOTLESS_UID=%s", os.Getenv("_CONTAINERS_ROOTLESS_UID"))) diff --git a/test/system/800-config.bats b/test/system/800-config.bats new file mode 100644 index 000000000..f5b4e9570 --- /dev/null +++ b/test/system/800-config.bats @@ -0,0 +1,80 @@ +#!/usr/bin/env bats -*- bats -*- +# +# Test specific configuration options and overrides +# + +load helpers + +@test "podman CONTAINERS_CONF - CONTAINERS_CONF in conmon" { + skip_if_remote "can't check conmon environment over remote" + + # Get the normal runtime for this host + run_podman info --format '{{ .Host.OCIRuntime.Name }}' + runtime="$output" + run_podman info --format "{{ .Host.OCIRuntime.Path }}" + ocipath="$output" + + # Make an innocuous containers.conf in a non-standard location + conf_tmp="$PODMAN_TMPDIR/containers.conf" + cat >$conf_tmp < $conf_tmp <