From 3619f0be9514cd7a2cbdddc6cfb8bc8b7a94485d Mon Sep 17 00:00:00 2001 From: Toshiki Sonoda Date: Fri, 24 Jun 2022 09:29:24 +0900 Subject: Fix: Prevent OCI runtime directory remain This bug was introduced in https://github.com/containers/podman/pull/8906. When we use 'podman rm/restart/stop/kill etc...' command to the container running with --rm, the OCI runtime directory remains at /run/ (root user) or /run/user// (rootless user). This bug could cause other bugs. For example, when we checkpoint the container running with --rm (podman checkpoint --export) and restore it (podman restore --import) with crun, error message "Error: OCI runtime error: crun: container `` already exists" is outputted. This error is caused by an attempt to restore the container with the same container ID as the remaining OCI runtime's container ID. Therefore, I fix that the cleanupRuntime() function runs to remove the OCI runtime directory, even if the container has already been removed by --rm option. Signed-off-by: Toshiki Sonoda
---
 libpod/container_api.go | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'libpod/container_api.go')
diff --git a/libpod/container_api.go b/libpod/container_api.go
index b064d3528..fcf3ba49c 100644
--- a/libpod/container_api.go
+++ b/libpod/container_api.go
@@ -621,6 +621,15 @@ func (c *Container) Cleanup(ctx context.Context) error {
 defer c.lock.Unlock()
 if err := c.syncContainer(); err != nil {
+ switch errors.Cause(err) {
+ // When the container has already been removed, the OCI runtime directory remain.
+ case define.ErrNoSuchCtr, define.ErrCtrRemoved:
+ if err := c.cleanupRuntime(ctx); err != nil {
+ return errors.Wrapf(err, "error cleaning up container %s from OCI runtime", c.ID())
+ }
+ default:
+ logrus.Errorf("Syncing container %s status: %v", c.ID(), err)
+ }
 return err
 }
 }
-- cgit v1.2.3-54-g00ecf
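Review bot: In the `case define.ErrNoSuchCtr, define.ErrCtrRemoved:` branch, a successful `c.cleanupRuntime(ctx)` still falls through to `return err`, so callers of Cleanup receive the removed-container error even though the leftover runtime directory was just cleaned up. If that is intended, the comment should say so, e.g. `// Container already removed (e.g. by --rm): its OCI runtime directory may remain, so remove it and still return the sync error.` The inner `if err := c.cleanupRuntime(ctx)` shadows the outer `err`, and when cleanup fails the original sync error is dropped from the returned value; naming it `cleanupErr` would keep the two apart. The `default:` branch both logs the error and returns it, so it is likely reported twice further up. cleanupRuntime runs here after a failed sync, so it presumably acts on state that was not refreshed, which is worth confirming against its state checks. Cleanup's body starts and ends outside this hunk.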