Add default runtime flags in config

Added a way to define default runtime flags in config. Fixes: https://github.com/containers/common/issues/715 Default runtime flags should be defined as shown below: [engine.runtimes_flags] runsc = [ "net-raw", ] crun = [ "debug", ] Signed-off-by: Rosvaldas Atstupėnas <atstupenas.rosvaldas@gmail.com>
2025-11-29 01:28:22 +08:00 · 2025-09-15 13:44:15 +10:00
parent 14b68ba9c6
commit 0a20e22384
4 changed files with 21 additions and 4 deletions
--- a/cmd/podman/common/build.go
+++ b/cmd/podman/common/build.go
@@ -449,6 +449,12 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *Buil
 	for _, arg := range podmanConfig.RuntimeFlags {
 		runtimeFlags = append(runtimeFlags, "--"+arg)
 	}
+	configIndex := filepath.Base(podmanConfig.RuntimePath)
+	if len(runtimeFlags) == 0 {
+		for _, arg := range podmanConfig.ContainersConfDefaultsRO.Engine.OCIRuntimesFlags[configIndex] {
+			runtimeFlags = append(runtimeFlags, "--"+arg)
+		}
+	}
 	if podmanConfig.ContainersConf.Engine.CgroupManager == config.SystemdCgroupsManager {
 		runtimeFlags = append(runtimeFlags, "--systemd-cgroup")
 	}
--- a/docs/source/markdown/options/runtime-flag.md
+++ b/docs/source/markdown/options/runtime-flag.md
@@ -6,4 +6,6 @@

 Adds global flags for the container runtime. To list the supported flags, please consult the manpages of the selected container runtime.

+Default runtime flags can be added in containers.conf.
+
 Note: Do not pass the leading -- to the flag. To pass the runc flag --log-format json to buildah build, the option given is --runtime-flag log-format=json.
--- a/docs/source/markdown/podman.1.md
+++ b/docs/source/markdown/podman.1.md
@@ -147,6 +147,8 @@ consult the manpages of the selected container runtime (`runc` is the default
 runtime, the manpage to consult is `runc(8)`.  When the machine is configured
 for cgroup V2, the default runtime is `crun`, the manpage to consult is `crun(8)`.).

+Default runtime flags can be added in containers.conf.
+
 Note: Do not pass the leading `--` to the flag. To pass the runc flag `--log-format json`
 to podman build, the option given can be `--runtime-flag log-format=json`.

--- a/libpod/oci_conmon_common.go
+++ b/libpod/oci_conmon_common.go
@@ -93,6 +93,14 @@ func newConmonOCIRuntime(name string, paths []string, conmonPath string, runtime
 		supportsKVM[r] = true
 	}

+	configIndex := filepath.Base(name)
+
+	if len(runtimeFlags) == 0 {
+		for _, arg := range runtimeCfg.Engine.OCIRuntimesFlags[configIndex] {
+			runtimeFlags = append(runtimeFlags, "--"+arg)
+		}
+	}
+
 	runtime := new(ConmonOCIRuntime)
 	runtime.name = name
 	runtime.conmonPath = conmonPath
@@ -108,10 +116,9 @@ func newConmonOCIRuntime(name string, paths []string, conmonPath string, runtime
 	// TODO: probe OCI runtime for feature and enable automatically if
 	// available.

-	base := filepath.Base(name)
-	runtime.supportsJSON = supportsJSON[base]
-	runtime.supportsNoCgroups = supportsNoCgroups[base]
-	runtime.supportsKVM = supportsKVM[base]
+	runtime.supportsJSON = supportsJSON[configIndex]
+	runtime.supportsNoCgroups = supportsNoCgroups[configIndex]
+	runtime.supportsKVM = supportsKVM[configIndex]

 	foundPath := false
 	for _, path := range paths {