libpod: Build oci_conmon_common.go and oci_conmon_attach_common on FreeBSD

This also adds FreeBSD equivalents to the functions moved to
oci_conmon*_linux.go. For openUnixSocket, we create a temporary symlink
to shorten the path to something that fits into sockaddr_un.

[NO NEW TESTS NEEDED]

Signed-off-by: Doug Rabson <dfr@rabson.org>

libpod/networking_unsupported.go

@@ -77,3 +77,10 @@ func (r *RootlessNetNS) Cleanup(runtime *Runtime) error {
 func (r *Runtime) GetRootlessNetNs(new bool) (*RootlessNetNS, error) {
 	return nil, errors.New("not implemented (*Runtime) GetRootlessNetNs")
 }
+
+// convertPortMappings will remove the HostIP part from the ports when running inside podman machine.
+// This is need because a HostIP of 127.0.0.1 would now allow the gvproxy forwarder to reach to open ports.
+// For machine the HostIP must only be used by gvproxy and never in the VM.
+func (c *Container) convertPortMappings() []types.PortMapping {
+	return []types.PortMapping{}
+}

libpod/oci_conmon_attach_common.go

@@ -1,5 +1,5 @@
-//go:build linux
-// +build linux
+//go:build linux || freebsd
+// +build linux freebsd
 
 package libpod
 

libpod/oci_conmon_attach_freebsd.go

@@ -0,0 +1,21 @@
+package libpod
+
+import (
+	"net"
+	"os"
+	"path/filepath"
+)
+
+func openUnixSocket(path string) (*net.UnixConn, error) {
+	// socket paths can be too long to fit into a sockaddr_un so we create a shorter symlink.
+	tmpdir, err := os.MkdirTemp("", "podman")
+	if err != nil {
+		return nil, err
+	}
+	defer os.RemoveAll(tmpdir)
+	tmpsockpath := filepath.Join(tmpdir, "sock")
+	if err := os.Symlink(path, tmpsockpath); err != nil {
+		return nil, err
+	}
+	return net.DialUnix("unixpacket", nil, &net.UnixAddr{Name: tmpsockpath, Net: "unixpacket"})
+}

libpod/oci_conmon_common.go

@@ -1,5 +1,5 @@
-//go:build linux
-// +build linux
+//go:build linux || freebsd
+// +build linux freebsd
 
 package libpod
 

libpod/oci_conmon_freebsd.go

@@ -0,0 +1,24 @@
+package libpod
+
+import (
+	"errors"
+	"os"
+	"os/exec"
+)
+
+func (r *ConmonOCIRuntime) createRootlessContainer(ctr *Container, restoreOptions *ContainerCheckpointOptions) (int64, error) {
+	return -1, errors.New("unsupported (*ConmonOCIRuntime) createRootlessContainer")
+}
+
+// Run the closure with the container's socket label set
+func (r *ConmonOCIRuntime) withContainerSocketLabel(ctr *Container, closure func() error) error {
+	// No label support yet
+	return closure()
+}
+
+// moveConmonToCgroupAndSignal gets a container's cgroupParent and moves the conmon process to that cgroup
+// it then signals for conmon to start by sending nonce data down the start fd
+func (r *ConmonOCIRuntime) moveConmonToCgroupAndSignal(ctr *Container, cmd *exec.Cmd, startFd *os.File) error {
+	// No equivalent on FreeBSD
+	return nil
+}

libpod/oci_conmon_unsupported.go

@@ -1,5 +1,5 @@
-//go:build !linux
-// +build !linux
+//go:build !linux && !freebsd
+// +build !linux,!freebsd
 
 package libpod