From d8caa2f2fa006b61737d68600808c7ff10b21ece Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Fri, 29 Mar 2019 11:10:30 +0100 Subject: oci: drop reference to runc it can be any OCI runtime. Signed-off-by: Giuseppe Scrivano --- libpod/oci.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'libpod') diff --git a/libpod/oci.go b/libpod/oci.go index b25175b9d..62331b879 100644 --- a/libpod/oci.go +++ b/libpod/oci.go @@ -473,7 +473,7 @@ func (r *OCIRuntime) createOCIContainer(ctr *Container, cgroupParent string, res // If useRunc is false, we will not directly hit runc to see the container's // status, but will instead only check for the existence of the conmon exit file // and update state to stopped if it exists. -func (r *OCIRuntime) updateContainerStatus(ctr *Container, useRunc bool) error { +func (r *OCIRuntime) updateContainerStatus(ctr *Container, useRuntime bool) error { exitFile := ctr.exitFilePath() runtimeDir, err := util.GetRootlessRuntimeDir() @@ -481,8 +481,8 @@ func (r *OCIRuntime) updateContainerStatus(ctr *Container, useRunc bool) error { return err } - // If not using runc, we don't need to do most of this. - if !useRunc { + // If not using the OCI runtime, we don't need to do most of this. + if !useRuntime { // If the container's not running, nothing to do. if ctr.state.State != ContainerStateRunning && ctr.state.State != ContainerStatePaused { return nil -- cgit v1.2.3-54-g00ecf From 2fa9861d788d821b6089becf3f3833b79d08d443 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Fri, 29 Mar 2019 11:23:42 +0100 Subject: rootless: set sticky bit on rundir it prevents the directory to be auto pruned, according to the XDG specifications. Signed-off-by: Giuseppe Scrivano --- libpod/runtime.go | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'libpod') diff --git a/libpod/runtime.go b/libpod/runtime.go index f7b166513..6e54de558 100644 --- a/libpod/runtime.go +++ b/libpod/runtime.go 
@@ -309,7 +309,17 @@ func getDefaultTmpDir() (string, error) { if err != nil { return "", err } - return filepath.Join(rootlessRuntimeDir, "libpod", "tmp"), nil + libpodRuntimeDir := filepath.Join(rootlessRuntimeDir, "libpod") + + if err := os.Mkdir(libpodRuntimeDir, 0700|os.ModeSticky); err != nil { + if !os.IsExist(err) { + return "", errors.Wrapf(err, "cannot mkdir %s", libpodRuntimeDir) + } else if err := os.Chmod(libpodRuntimeDir, 0700|os.ModeSticky); err != nil { + // The directory already exist, just set the sticky bit + return "", errors.Wrapf(err, "could not set sticky bit on %s", libpodRuntimeDir) + } + } + return filepath.Join(libpodRuntimeDir, "tmp"), nil } // SetXdgRuntimeDir ensures the XDG_RUNTIME_DIR env variable is set -- cgit v1.2.3-54-g00ecf
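Review bot: In the `os.IsExist` branch, `os.Chmod` is applied to whatever already sits at `libpodRuntimeDir`. Because `os.Chmod` follows symlinks, a pre-existing symlink or a directory owned by another user is accepted and then used as the parent of the tmp dir. This matters mainly if `util.GetRootlessRuntimeDir()` can resolve to a shared location rather than a per-user 0700 directory, which is not visible in this hunk. I would `os.Lstat` the path first and refuse anything that is not a real directory owned by the current euid, as sketched below; the owner check needs `syscall`, and the import block is outside the hunk. Separately, `os.Mkdir` does not create parents, so getDefaultTmpDir (whose body starts above the hunk) now fails if `rootlessRuntimeDir` is missing, where it previously only built a string.

```go
if err := os.Mkdir(libpodRuntimeDir, 0700|os.ModeSticky); err != nil {
	// … unchanged: return the wrapped error when !os.IsExist(err) …

	// Something is already there: accept it only if it is a real
	// directory (Lstat does not follow symlinks) owned by this user.
	fi, err := os.Lstat(libpodRuntimeDir)
	if err != nil {
		return "", errors.Wrapf(err, "cannot stat %s", libpodRuntimeDir)
	}
	st, ok := fi.Sys().(*syscall.Stat_t)
	if !fi.IsDir() || !ok || int(st.Uid) != os.Geteuid() {
		return "", errors.Errorf("%s is not a directory owned by the current user", libpodRuntimeDir)
	}
	if err := os.Chmod(libpodRuntimeDir, 0700|os.ModeSticky); err != nil {
		return "", errors.Wrapf(err, "could not set sticky bit on %s", libpodRuntimeDir)
	}
}
// … unchanged: return filepath.Join(libpodRuntimeDir, "tmp"), nil …
```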