From 0a20e223841c0848aa497c489dc6a0fbeccae793 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rosvaldas=20Atstup=C4=97nas?= Date: Mon, 15 Sep 2025 13:44:15 +1000 Subject: [PATCH] Add default runtime flags in config MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Added a way to define default runtime flags in config. Fixes: https://github.com/containers/common/issues/715 Default runtime flags should be defined as shown below: [engine.runtimes_flags] runsc = [ "net-raw", ] crun = [ "debug", ] Signed-off-by: Rosvaldas Atstupėnas --- cmd/podman/common/build.go | 6 ++++++ docs/source/markdown/options/runtime-flag.md | 2 ++ docs/source/markdown/podman.1.md | 2 ++ libpod/oci_conmon_common.go | 15 +++++++++++---- 4 files changed, 21 insertions(+), 4 deletions(-) diff --git a/cmd/podman/common/build.go b/cmd/podman/common/build.go index 488a162bcb..1348863b9b 100644 --- a/cmd/podman/common/build.go +++ b/cmd/podman/common/build.go @@ -449,6 +449,12 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *Buil for _, arg := range podmanConfig.RuntimeFlags { runtimeFlags = append(runtimeFlags, "--"+arg) } + configIndex := filepath.Base(podmanConfig.RuntimePath) + if len(runtimeFlags) == 0 { + for _, arg := range podmanConfig.ContainersConfDefaultsRO.Engine.OCIRuntimesFlags[configIndex] { + runtimeFlags = append(runtimeFlags, "--"+arg) + } + } if podmanConfig.ContainersConf.Engine.CgroupManager == config.SystemdCgroupsManager { runtimeFlags = append(runtimeFlags, "--systemd-cgroup") } diff --git a/docs/source/markdown/options/runtime-flag.md b/docs/source/markdown/options/runtime-flag.md index 00347c1f0d..1d6e1c63b4 100644 --- a/docs/source/markdown/options/runtime-flag.md +++ b/docs/source/markdown/options/runtime-flag.md @@ -6,4 +6,6 @@ Adds global flags for the container runtime. To list the supported flags, please consult the manpages of the selected container runtime. +Default runtime flags can be added in containers.conf. + Note: Do not pass the leading -- to the flag. To pass the runc flag --log-format json to buildah build, the option given is --runtime-flag log-format=json. diff --git a/docs/source/markdown/podman.1.md b/docs/source/markdown/podman.1.md index 8f46dd081a..00f366ea14 100644 --- a/docs/source/markdown/podman.1.md +++ b/docs/source/markdown/podman.1.md @@ -147,6 +147,8 @@ consult the manpages of the selected container runtime (`runc` is the default runtime, the manpage to consult is `runc(8)`. When the machine is configured for cgroup V2, the default runtime is `crun`, the manpage to consult is `crun(8)`.). +Default runtime flags can be added in containers.conf. + Note: Do not pass the leading `--` to the flag. To pass the runc flag `--log-format json` to podman build, the option given can be `--runtime-flag log-format=json`. diff --git a/libpod/oci_conmon_common.go b/libpod/oci_conmon_common.go index 2185148a59..49c6505771 100644 --- a/libpod/oci_conmon_common.go +++ b/libpod/oci_conmon_common.go @@ -93,6 +93,14 @@ func newConmonOCIRuntime(name string, paths []string, conmonPath string, runtime supportsKVM[r] = true } + configIndex := filepath.Base(name) + + if len(runtimeFlags) == 0 { + for _, arg := range runtimeCfg.Engine.OCIRuntimesFlags[configIndex] { + runtimeFlags = append(runtimeFlags, "--"+arg) + } + } + runtime := new(ConmonOCIRuntime) runtime.name = name runtime.conmonPath = conmonPath @@ -108,10 +116,9 @@ func newConmonOCIRuntime(name string, paths []string, conmonPath string, runtime // TODO: probe OCI runtime for feature and enable automatically if // available. - base := filepath.Base(name) - runtime.supportsJSON = supportsJSON[base] - runtime.supportsNoCgroups = supportsNoCgroups[base] - runtime.supportsKVM = supportsKVM[base] + runtime.supportsJSON = supportsJSON[configIndex] + runtime.supportsNoCgroups = supportsNoCgroups[configIndex] + runtime.supportsKVM = supportsKVM[configIndex] foundPath := false for _, path := range paths {