opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-19 08:09:12 +08:00
Code Issues Packages Projects Releases Wiki Activity

Don't mount /dev/shm if the user told you --ipc=none

Browse Source 
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

Closes: #1466
Approved by: mheon
This commit is contained in:
Daniel J Walsh
2018-09-13 17:33:07 -04:00
committed by Atomic Bot
parent 4f42fe2e9e
commit 09f506930c
3 changed files with 11 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
cmd/podman/create.go
View File

@ -528,17 +528,6 @@ func parseCreateOpts(ctx context.Context, c *cli.Context, runtime *libpod.Runtim
} }
} }
shmDir := ""
if ipcMode.IsHost() {
shmDir = "/dev/shm"
} else if ipcMode.IsContainer() {
ctr, err := runtime.LookupContainer(ipcMode.Container())
if err != nil {
return nil, errors.Wrapf(err, "container %q not found", ipcMode.Container())
}
shmDir = ctr.ShmDir()
}
// USER // USER
user := c.String("user") user := c.String("user")
if user == "" { if user == "" {
@ -775,7 +764,6 @@ func parseCreateOpts(ctx context.Context, c *cli.Context, runtime *libpod.Runtim
Ulimit: c.StringSlice("ulimit"), Ulimit: c.StringSlice("ulimit"),
}, },
Rm: c.Bool("rm"), Rm: c.Bool("rm"),
ShmDir: shmDir,
StopSignal: stopSignal, StopSignal: stopSignal,
StopTimeout: c.Uint("stop-timeout"), StopTimeout: c.Uint("stop-timeout"),
Sysctl: sysctl, Sysctl: sysctl,

14
pkg/spec/createconfig.go
View File

@ -112,8 +112,7 @@ type CreateConfig struct {
Quiet bool //quiet Quiet bool //quiet
ReadOnlyRootfs bool //read-only ReadOnlyRootfs bool //read-only
Resources CreateResourceConfig Resources CreateResourceConfig
Rm bool //rm Rm bool //rm
ShmDir string
StopSignal syscall.Signal // stop-signal StopSignal syscall.Signal // stop-signal
StopTimeout uint // stop-timeout StopTimeout uint // stop-timeout
Sysctl map[string]string //sysctl Sysctl map[string]string //sysctl
@ -447,7 +446,16 @@ func (c *CreateConfig) GetContainerCreateOptions(runtime *libpod.Runtime) ([]lib
options = append(options, libpod.WithConmonPidFile(c.ConmonPidFile)) options = append(options, libpod.WithConmonPidFile(c.ConmonPidFile))
options = append(options, libpod.WithLabels(c.Labels)) options = append(options, libpod.WithLabels(c.Labels))
options = append(options, libpod.WithUser(c.User)) options = append(options, libpod.WithUser(c.User))
options = append(options, libpod.WithShmDir(c.ShmDir)) if c.IpcMode.IsHost() {
options = append(options, libpod.WithShmDir("/dev/shm"))
} else if c.IpcMode.IsContainer() {
ctr, err := runtime.LookupContainer(c.IpcMode.Container())
if err != nil {
return nil, errors.Wrapf(err, "container %q not found", c.IpcMode.Container())
}
options = append(options, libpod.WithShmDir(ctr.ShmDir()))
}
options = append(options, libpod.WithShmSize(c.Resources.ShmSize)) options = append(options, libpod.WithShmSize(c.Resources.ShmSize))
options = append(options, libpod.WithGroups(c.GroupAdd)) options = append(options, libpod.WithGroups(c.GroupAdd))
options = append(options, libpod.WithIDMappings(*c.IDMappings)) options = append(options, libpod.WithIDMappings(*c.IDMappings))

1
pkg/varlinkapi/containers_create.go
View File

@ -202,7 +202,6 @@ func varlinkCreateToCreateConfig(ctx context.Context, create iopodman.Create, ru
Ulimit: create.Resources.Ulimit, Ulimit: create.Resources.Ulimit,
}, },
Rm: create.Rm, Rm: create.Rm,
ShmDir: create.Shm_dir,
StopSignal: stopSignal, StopSignal: stopSignal,
StopTimeout: uint(create.Stop_timeout), StopTimeout: uint(create.Stop_timeout),
Sysctl: create.Sys_ctl, Sysctl: create.Sys_ctl,