From 1074a02ff85bb9f1d0db3e4468b067a6516b1521 Mon Sep 17 00:00:00 2001 From: Brent Baude Date: Fri, 8 May 2020 13:09:11 -0500 Subject: v2 podman unshare command add unshare command add cp and init to container sub-command allow mount to run as rootless Signed-off-by: Brent Baude --- pkg/domain/entities/engine_container.go | 1 + pkg/domain/infra/abi/system.go | 16 ++++++++++++++++ pkg/domain/infra/tunnel/system.go | 4 ++++ 3 files changed, 21 insertions(+) (limited to 'pkg') diff --git a/pkg/domain/entities/engine_container.go b/pkg/domain/entities/engine_container.go index 7c93e6802..bb13794bd 100644 --- a/pkg/domain/entities/engine_container.go +++ b/pkg/domain/entities/engine_container.go @@ -71,6 +71,7 @@ type ContainerEngine interface { SetupRootless(ctx context.Context, cmd *cobra.Command) error Shutdown(ctx context.Context) SystemDf(ctx context.Context, options SystemDfOptions) (*SystemDfReport, error) + Unshare(ctx context.Context, args []string) error VarlinkService(ctx context.Context, opts ServiceOptions) error VolumeCreate(ctx context.Context, opts VolumeCreateOptions) (*IdOrNameResponse, error) VolumeInspect(ctx context.Context, namesOrIds []string, opts VolumeInspectOptions) ([]*VolumeInspectReport, error) diff --git a/pkg/domain/infra/abi/system.go b/pkg/domain/infra/abi/system.go index 24c62465f..fc92da1b2 100644 --- a/pkg/domain/infra/abi/system.go +++ b/pkg/domain/infra/abi/system.go @@ -5,6 +5,7 @@ import ( "fmt" "io/ioutil" "os" + "os/exec" "path/filepath" "strconv" "syscall" @@ -391,3 +392,18 @@ func (s SystemEngine) Shutdown(ctx context.Context) { logrus.Error(err) } } + +func unshareEnv(graphroot, runroot string) []string { + return append(os.Environ(), "_CONTAINERS_USERNS_CONFIGURED=done", + fmt.Sprintf("CONTAINERS_GRAPHROOT=%s", graphroot), + fmt.Sprintf("CONTAINERS_RUNROOT=%s", runroot)) +} + +func (ic *ContainerEngine) Unshare(ctx context.Context, args []string) error { + cmd := exec.Command(args[0], args[1:]...) + cmd.Env = unshareEnv(ic.Libpod.StorageConfig().GraphRoot, ic.Libpod.StorageConfig().RunRoot) + cmd.Stdin = os.Stdin + cmd.Stdout = os.Stdout + cmd.Stderr = os.Stderr + return cmd.Run() +} diff --git a/pkg/domain/infra/tunnel/system.go b/pkg/domain/infra/tunnel/system.go index 448fbed1f..d00795741 100644 --- a/pkg/domain/infra/tunnel/system.go +++ b/pkg/domain/infra/tunnel/system.go @@ -30,3 +30,7 @@ func (ic *ContainerEngine) SystemPrune(ctx context.Context, options entities.Sys func (ic *ContainerEngine) SystemDf(ctx context.Context, options entities.SystemDfOptions) (*entities.SystemDfReport, error) { panic(errors.New("system df is not supported on remote clients")) } + +func (ic *ContainerEngine) Unshare(ctx context.Context, args []string) error { + return errors.New("unshare is not supported on remote clients") +} -- cgit v1.2.3-54-g00ecf