From 1d93d212541616135da23bcf01ca49180f113e62 Mon Sep 17 00:00:00 2001
From: Jhon Honce <jhonce@redhat.com>
Date: Wed, 15 Apr 2020 10:12:30 -0700
Subject: V2 Enable rootless

* Enable running podman V2 rootless
* Fixed cobra.PersistentPreRunE usage in all the commands
* Leveraged cobra.PersistentPreRunE/cobra.PersistentPostRunE to manage:
  * rootless
  * trace (--trace)
  * profiling (--cpu-profile)
  * initializing the registry copies of Image/Container engines
* Help and Usage templates autoset for all sub-commands

Signed-off-by: Jhon Honce <jhonce@redhat.com>
---
 pkg/domain/infra/abi/containers.go |  4 +---
 pkg/domain/infra/abi/system.go     | 39 +++++---------------------------------
 pkg/domain/infra/tunnel/system.go  |  5 +++++
 3 files changed, 11 insertions(+), 37 deletions(-)

(limited to 'pkg/domain/infra')

diff --git a/pkg/domain/infra/abi/containers.go b/pkg/domain/infra/abi/containers.go
index 4279fb756..c9df72f2d 100644
--- a/pkg/domain/infra/abi/containers.go
+++ b/pkg/domain/infra/abi/containers.go
@@ -668,9 +668,6 @@ func (ic *ContainerEngine) ContainerDiff(ctx context.Context, nameOrId string, o
 }
 
 func (ic *ContainerEngine) ContainerRun(ctx context.Context, opts entities.ContainerRunOptions) (*entities.ContainerRunReport, error) {
-	var (
-		joinPod bool
-	)
 	if err := generate.CompleteSpec(ctx, ic.Libpod, opts.Spec); err != nil {
 		return nil, err
 	}
@@ -679,6 +676,7 @@ func (ic *ContainerEngine) ContainerRun(ctx context.Context, opts entities.Conta
 		return nil, err
 	}
 
+	var joinPod bool
 	if len(ctr.PodID()) > 0 {
 		joinPod = true
 	}
diff --git a/pkg/domain/infra/abi/system.go b/pkg/domain/infra/abi/system.go
index 10872144b..67593b2dd 100644
--- a/pkg/domain/infra/abi/system.go
+++ b/pkg/domain/infra/abi/system.go
@@ -100,7 +100,7 @@ func (ic *ContainerEngine) VarlinkService(_ context.Context, opts entities.Servi
 	return nil
 }
 
-func (ic *ContainerEngine) SetupRootless(cmd *cobra.Command) error {
+func (ic *ContainerEngine) SetupRootless(_ context.Context, cmd *cobra.Command) error {
 	// do it only after podman has already re-execed and running with uid==0.
 	if os.Geteuid() == 0 {
 		ownsCgroup, err := cgroups.UserOwnsCurrentSystemdCgroup()
@@ -123,10 +123,6 @@ func (ic *ContainerEngine) SetupRootless(cmd *cobra.Command) error {
 		}
 	}
 
-	if !executeCommandInUserNS(cmd) {
-		return nil
-	}
-
 	pausePidPath, err := util.GetRootlessPauseProcessPidPath()
 	if err != nil {
 		return errors.Wrapf(err, "could not get pause process pid file path")
@@ -143,7 +139,8 @@ func (ic *ContainerEngine) SetupRootless(cmd *cobra.Command) error {
 	// if there is no pid file, try to join existing containers, and create a pause process.
 	ctrs, err := ic.Libpod.GetRunningContainers()
 	if err != nil {
-		logrus.WithError(err).Fatal("")
+		logrus.Error(err.Error())
+		os.Exit(1)
 	}
 
 	paths := []string{}
@@ -164,7 +161,8 @@ func (ic *ContainerEngine) SetupRootless(cmd *cobra.Command) error {
 		}
 	}
 	if err != nil {
-		logrus.WithError(err).Fatal("")
+		logrus.Error(err)
+		os.Exit(1)
 	}
 	if became {
 		os.Exit(ret)
@@ -172,25 +170,6 @@ func (ic *ContainerEngine) SetupRootless(cmd *cobra.Command) error {
 	return nil
 }
 
-// Most podman commands when run in rootless mode, need to be executed in the
-// users usernamespace.  This function is updated with a  list of commands that
-// should NOT be run within the user namespace.
-func executeCommandInUserNS(cmd *cobra.Command) bool {
-	return os.Geteuid() == 0
-	// if os.Geteuid() == 0 {
-	// 	return false
-	// }
-	// switch cmd {
-	// case _migrateCommand,
-	// 	_mountCommand,
-	// 	_renumberCommand,
-	// 	_searchCommand,
-	// 	_versionCommand:
-	// 	return false
-	// }
-	// return true
-}
-
 func movePauseProcessToScope() error {
 	pausePidPath, err := util.GetRootlessPauseProcessPidPath()
 	if err != nil {
@@ -234,11 +213,3 @@ func setUMask() { // nolint:deadcode,unused
 func checkInput() error { // nolint:deadcode,unused
 	return nil
 }
-
-// func getCNIPluginsDir() string {
-// 	if rootless.IsRootless() {
-// 		return ""
-// 	}
-//
-// 	return registry.PodmanOptions.Network.CNIPluginDirs[0]
-// }
diff --git a/pkg/domain/infra/tunnel/system.go b/pkg/domain/infra/tunnel/system.go
index 7c7a55c05..f373525c5 100644
--- a/pkg/domain/infra/tunnel/system.go
+++ b/pkg/domain/infra/tunnel/system.go
@@ -7,6 +7,7 @@ import (
 	"github.com/containers/libpod/libpod/define"
 	"github.com/containers/libpod/pkg/bindings/system"
 	"github.com/containers/libpod/pkg/domain/entities"
+	"github.com/spf13/cobra"
 )
 
 func (ic *ContainerEngine) Info(ctx context.Context) (*define.Info, error) {
@@ -20,3 +21,7 @@ func (ic *ContainerEngine) RestService(_ context.Context, _ entities.ServiceOpti
 func (ic *ContainerEngine) VarlinkService(_ context.Context, _ entities.ServiceOptions) error {
 	panic(errors.New("varlink service is not supported when tunneling"))
 }
+
+func (ic *ContainerEngine) SetupRootless(_ context.Context, cmd *cobra.Command) error {
+	panic(errors.New("rootless engine mode is not supported when tunneling"))
+}
-- 
cgit v1.2.3-54-g00ecf