From cfe1d2768847929b44ddd10184eff28fd5762c2d Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Tue, 3 Sep 2019 11:03:58 +0200 Subject: rootless: detect user namespace configuration changes detect if the current user namespace doesn't match the configuration in the /etc/subuid and /etc/subgid files. If there is a mismatch, raise a warning and suggest the user to recreate the user namespace with "system migrate", that also restarts the containers. Signed-off-by: Giuseppe Scrivano --- cmd/podman/main_local.go | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'cmd/podman') diff --git a/cmd/podman/main_local.go b/cmd/podman/main_local.go index 648dc166e..0feba609b 100644 --- a/cmd/podman/main_local.go +++ b/cmd/podman/main_local.go @@ -120,6 +120,14 @@ func profileOff(cmd *cobra.Command) error { } func setupRootless(cmd *cobra.Command, args []string) error { + matches, err := rootless.ConfigurationMatches() + if err != nil { + return err + } + if !matches { + logrus.Warningf("the current user namespace doesn't match the configuration in /etc/subuid or /etc/subgid") + logrus.Warningf("you can use `%s system migrate` to recreate the user namespace and restart the containers", os.Args[0]) + } if os.Geteuid() == 0 || cmd == _searchCommand || cmd == _versionCommand || cmd == _mountCommand || cmd == _migrateCommand || strings.HasPrefix(cmd.Use, "help") { return nil } @@ -140,7 +148,7 @@ func setupRootless(cmd *cobra.Command, args []string) error { became, ret, err := rootless.TryJoinFromFilePaths("", false, []string{pausePidPath}) if err != nil { logrus.Errorf("cannot join pause process. You may need to remove %s and stop all containers", pausePidPath) - logrus.Errorf("you can use `%s system migrate` to recreate the pause process", os.Args[0]) + logrus.Errorf("you can use `%s system migrate` to recreate the pause process and restart the containers", os.Args[0]) logrus.Errorf(err.Error()) os.Exit(1) } -- cgit v1.2.3-54-g00ecf