package main import ( "fmt" "io/ioutil" "os" "path/filepath" "strconv" "strings" "github.com/containers/libpod/cmd/podman/cliconfig" "github.com/containers/libpod/cmd/podman/libpodruntime" "github.com/containers/libpod/cmd/podman/shared" "github.com/containers/libpod/libpod" "github.com/containers/libpod/pkg/rootless" opentracing "github.com/opentracing/opentracing-go" "github.com/pkg/errors" "github.com/sirupsen/logrus" "github.com/spf13/cobra" ) var ( runCommand cliconfig.RunValues runDescription = "Runs a command in a new container from the given image" _runCommand = &cobra.Command{ Use: "run [flags] IMAGE [COMMAND [ARG...]]", Short: "Run a command in a new container", Long: runDescription, RunE: func(cmd *cobra.Command, args []string) error { runCommand.InputArgs = args runCommand.GlobalFlags = MainGlobalOpts return runCmd(&runCommand) }, Example: `podman run imageID ls -alF /etc podman run --net=host imageID dnf -y install java podman run --volume /var/hostdir:/var/ctrdir -i -t fedora /bin/bash`, } ) func init() { runCommand.Command = _runCommand runCommand.SetHelpTemplate(HelpTemplate()) runCommand.SetUsageTemplate(UsageTemplate()) flags := runCommand.Flags() flags.SetInterspersed(false) flags.Bool("sig-proxy", true, "Proxy received signals to the process") getCreateFlags(&runCommand.PodmanCommand) } func runCmd(c *cliconfig.RunValues) error { if c.Bool("trace") { span, _ := opentracing.StartSpanFromContext(Ctx, "runCmd") defer span.Finish() } if err := createInit(&c.PodmanCommand); err != nil { return err } if os.Geteuid() != 0 { rootless.SetSkipStorageSetup(true) } runtime, err := libpodruntime.GetRuntime(&c.PodmanCommand) if err != nil { return errors.Wrapf(err, "error creating libpod runtime") } defer runtime.Shutdown(false) ctr, createConfig, err := shared.CreateContainer(getContext(), &c.PodmanCommand, runtime) if err != nil { return err } if logrus.GetLevel() == logrus.DebugLevel { cgroupPath, err := ctr.CGroupPath() if err == nil { logrus.Debugf("container %q has CgroupParent %q", ctr.ID(), cgroupPath) } } ctx := getContext() // Handle detached start if createConfig.Detach { // if the container was created as part of a pod, also start its dependencies, if any. if err := ctr.Start(ctx, c.IsSet("pod")); err != nil { // This means the command did not exist exitCode = 127 if strings.Index(err.Error(), "permission denied") > -1 { exitCode = 126 } return err } fmt.Printf("%s\n", ctr.ID()) exitCode = 0 return nil } outputStream := os.Stdout errorStream := os.Stderr inputStream := os.Stdin // If -i is not set, clear stdin if !c.Bool("interactive") { inputStream = nil } // If attach is set, clear stdin/stdout/stderr and only attach requested if c.IsSet("attach") || c.IsSet("a") { outputStream = nil errorStream = nil if !c.Bool("interactive") { inputStream = nil } attachTo := c.StringSlice("attach") for _, stream := range attachTo { switch strings.ToLower(stream) { case "stdout": outputStream = os.Stdout case "stderr": errorStream = os.Stderr case "stdin": inputStream = os.Stdin default: return errors.Wrapf(libpod.ErrInvalidArg, "invalid stream %q for --attach - must be one of stdin, stdout, or stderr", stream) } } } // if the container was created as part of a pod, also start its dependencies, if any. if err := startAttachCtr(ctr, outputStream, errorStream, inputStream, c.String("detach-keys"), c.Bool("sig-proxy"), true, c.IsSet("pod")); err != nil { // We've manually detached from the container // Do not perform cleanup, or wait for container exit code // Just exit immediately if errors.Cause(err) == libpod.ErrDetach { exitCode = 0 return nil } // This means the command did not exist exitCode = 127 if strings.Index(err.Error(), "permission denied") > -1 { exitCode = 126 } if c.IsSet("rm") { if deleteError := runtime.RemoveContainer(ctx, ctr, true, false); deleteError != nil { logrus.Errorf("unable to remove container %s after failing to start and attach to it", ctr.ID()) } } return err } if ecode, err := ctr.Wait(); err != nil { if errors.Cause(err) == libpod.ErrNoSuchCtr { // The container may have been removed // Go looking for an exit file rtc, err := runtime.GetConfig() if err != nil { return err } ctrExitCode, err := readExitFile(rtc.TmpDir, ctr.ID()) if err != nil { logrus.Errorf("Cannot get exit code: %v", err) exitCode = 127 } else { exitCode = ctrExitCode } } } else { exitCode = int(ecode) } if c.IsSet("rm") { runtime.RemoveContainer(ctx, ctr, false, true) } return nil } // Read a container's exit file func readExitFile(runtimeTmp, ctrID string) (int, error) { exitFile := filepath.Join(runtimeTmp, "exits", fmt.Sprintf("%s-old", ctrID)) logrus.Debugf("Attempting to read container %s exit code from file %s", ctrID, exitFile) // Check if it exists if _, err := os.Stat(exitFile); err != nil { return 0, errors.Wrapf(err, "error getting exit file for container %s", ctrID) } // File exists, read it in and convert to int statusStr, err := ioutil.ReadFile(exitFile) if err != nil { return 0, errors.Wrapf(err, "error reading exit file for container %s", ctrID) } exitCode, err := strconv.Atoi(string(statusStr)) if err != nil { return 0, errors.Wrapf(err, "error parsing exit code for container %s", ctrID) } return exitCode, nil }