From 0aedddd3b3ec0f14818aa0f04c24df1f0b2e3f3b Mon Sep 17 00:00:00 2001 From: Dan Čermák Date: Tue, 13 Sep 2022 14:43:47 +0200 Subject: [systemd] Ensure that podCreateArgs appear last in ExecStartPre= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When creating a new pod without the `--name` flag, e.g.: `podman pod create foobar` it will get the name `foobar` implicitly and this will be recorded as the in the `podCreateArgs`. Unfortunately, the implicit name only works if it appears as the **last** argument of the startup command. With 6e2e3a78ed1d05ee5f23f65b814e8135021961dd we started appending the pod security policy to the startCommand, resulting in the following `ExecStartPre=` line: ``` /usr/bin/podman pod create --infra-conmon-pidfile %t/pod-foobar.pid --pod-id-file %t/pod-foobar.pod-id foobar --exit-policy=stop ``` This fails to launch, as the `pod create` command expects only a single non-flag parameter, but it assumes that `exit-policy=stop` is a second and terminates immediately instead. This fixes https://github.com/containers/podman/issues/15592 Signed-off-by: Dan Čermák --- test/e2e/generate_systemd_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'test/e2e') diff --git a/test/e2e/generate_systemd_test.go b/test/e2e/generate_systemd_test.go index f47abbc13..550464829 100644 --- a/test/e2e/generate_systemd_test.go +++ b/test/e2e/generate_systemd_test.go @@ -562,7 +562,7 @@ var _ = Describe("Podman generate systemd", func() { Expect(session.OutputToString()).To(ContainSubstring("# pod-foo.service")) Expect(session.OutputToString()).To(ContainSubstring("Requires=container-foo-1.service container-foo-2.service")) Expect(session.OutputToString()).To(ContainSubstring("BindsTo=pod-foo.service")) - Expect(session.OutputToString()).To(ContainSubstring("pod create --infra-conmon-pidfile %t/pod-foo.pid --pod-id-file %t/pod-foo.pod-id --name foo")) + Expect(session.OutputToString()).To(ContainSubstring("pod create --infra-conmon-pidfile %t/pod-foo.pid --pod-id-file %t/pod-foo.pod-id --exit-policy=stop --name foo")) Expect(session.OutputToString()).To(ContainSubstring("ExecStartPre=/bin/rm -f %t/pod-foo.pid %t/pod-foo.pod-id")) Expect(session.OutputToString()).To(ContainSubstring("pod stop --ignore --pod-id-file %t/pod-foo.pod-id -t 10")) Expect(session.OutputToString()).To(ContainSubstring("pod rm --ignore -f --pod-id-file %t/pod-foo.pod-id")) -- cgit v1.2.3-54-g00ecf