opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-10-20 20:54:45 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #26177 from Luap99/machine-linger

Browse Source 
pkg/machine: setup lingering for custom username and remove unnecessary sleep service
This commit is contained in:
openshift-merge-bot[bot]
2025-06-04 14:04:37 +00:00
committed by GitHub
parent 4030ee62c8 5797c1dd27
commit 2d234fab34
4 changed files with 39 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
pkg/machine/e2e/init_test.go
View File

@ -238,6 +238,17 @@ var _ = Describe("podman machine init", func() {
Expect(testMachine.Resources.Memory).To(BeEquivalentTo(uint64(2048))) Expect(testMachine.Resources.Memory).To(BeEquivalentTo(uint64(2048)))
} }
Expect(testMachine.SSHConfig.RemoteUsername).To(Equal(remoteUsername)) Expect(testMachine.SSHConfig.RemoteUsername).To(Equal(remoteUsername))
s := new(startMachine)
session, err = mb.setCmd(s).run()
Expect(err).ToNot(HaveOccurred())
Expect(session).To(Exit(0))
ssh := sshMachine{}
sshSession, err := mb.setName(mb.name).setCmd(ssh.withSSHCommand([]string{"loginctl -P Linger show-user " + remoteUsername})).run()
Expect(err).ToNot(HaveOccurred())
Expect(sshSession).To(Exit(0))
Expect(sshSession.outputToString()).To(ContainSubstring("yes"))
}) })
It("machine init with cpus, disk size, memory, timezone", func() { It("machine init with cpus, disk size, memory, timezone", func() {

55
pkg/machine/ignition/ignition.go
View File

@ -138,7 +138,7 @@ func (ign *DynamicIgnition) GenerateIgnitionConfig() error {
ignStorage := Storage{ ignStorage := Storage{
Directories: getDirs(ign.Name), Directories: getDirs(ign.Name),
Files: getFiles(ign.Name, ign.UID, ign.Rootful, ign.VMType, ign.NetRecover, ign.Swap), Files: getFiles(ign.Name, ign.UID, ign.Rootful, ign.VMType, ign.NetRecover, ign.Swap),
Links: getLinks(ign.Name), Links: getLinks(),
} }
// Add or set the time zone for the machine // Add or set the time zone for the machine
@ -281,7 +281,6 @@ func getDirs(usrName string) []Directory {
"/home/" + usrName + "/.config/containers", "/home/" + usrName + "/.config/containers",
"/home/" + usrName + "/.config/systemd", "/home/" + usrName + "/.config/systemd",
"/home/" + usrName + "/.config/systemd/user", "/home/" + usrName + "/.config/systemd/user",
"/home/" + usrName + "/.config/systemd/user/default.target.wants",
} }
var ( var (
dirs = make([]Directory, len(newDirs)) dirs = make([]Directory, len(newDirs))
@ -304,15 +303,22 @@ func getDirs(usrName string) []Directory {
func getFiles(usrName string, uid int, rootful bool, vmtype define.VMType, _ bool, swap uint64) []File { func getFiles(usrName string, uid int, rootful bool, vmtype define.VMType, _ bool, swap uint64) []File {
files := make([]File, 0) files := make([]File, 0)
lingerExample := parser.NewUnitFile() // enable linger mode for the user
lingerExample.Add("Unit", "Description", "A systemd user unit demo") files = append(files, File{
lingerExample.Add("Unit", "After", "network-online.target") Node: Node{
lingerExample.Add("Unit", "Wants", "network-online.target podman.socket") Group: GetNodeGrp("root"),
lingerExample.Add("Service", "ExecStart", "/usr/bin/sleep infinity") Path: "/var/lib/systemd/linger/" + usrName,
lingerExampleFile, err := lingerExample.ToString() User: GetNodeUsr("root"),
if err != nil { // the coreos image might already have this defined
logrus.Warn(err.Error()) Overwrite: BoolToPtr(true),
} },
FileEmbedded1: FileEmbedded1{
Contents: Resource{
Source: EncodeDataURLPtr(""),
},
Mode: IntToPtr(0644),
},
})
containers := `[containers] containers := `[containers]
netns="bridge" netns="bridge"
@ -332,22 +338,6 @@ pids_limit=0
} }
etcSubUID := fmt.Sprintf(`%s:%d:%d`, usrName, subUID, subUIDs) etcSubUID := fmt.Sprintf(`%s:%d:%d`, usrName, subUID, subUIDs)
// Add a fake systemd service to get the user socket rolling
files = append(files, File{
Node: Node{
Group: GetNodeGrp(usrName),
Path: "/home/" + usrName + "/.config/systemd/user/linger-example.service",
User: GetNodeUsr(usrName),
},
FileEmbedded1: FileEmbedded1{
Append: nil,
Contents: Resource{
Source: EncodeDataURLPtr(lingerExampleFile),
},
Mode: IntToPtr(0744),
},
})
// Set containers.conf up for core user to use networks // Set containers.conf up for core user to use networks
// by default // by default
files = append(files, File{ files = append(files, File{
@ -589,16 +579,17 @@ func getSSLFile(path, content string) File {
} }
} }
func getLinks(usrName string) []Link { func getLinks() []Link {
return []Link{{ return []Link{{
Node: Node{ Node: Node{
Group: GetNodeGrp(usrName), Group: GetNodeGrp("root"),
Path: "/home/" + usrName + "/.config/systemd/user/default.target.wants/linger-example.service", Path: "/etc/systemd/user/sockets.target.wants/podman.socket",
User: GetNodeUsr(usrName), User: GetNodeUsr("root"),
Overwrite: BoolToPtr(true),
}, },
LinkEmbedded1: LinkEmbedded1{ LinkEmbedded1: LinkEmbedded1{
Hard: BoolToPtr(false), Hard: BoolToPtr(false),
Target: "/home/" + usrName + "/.config/systemd/user/linger-example.service", Target: "/usr/lib/systemd/user/podman.socket",
}, },
}, { }, {
Node: Node{ Node: Node{

14
pkg/machine/wsl/declares.go
View File

@ -28,6 +28,7 @@ const changePort = `sed -E -i 's/^Port[[:space:]]+[0-9]+/Port %d/' /etc/ssh/sshd
const configServices = `ln -fs /usr/lib/systemd/system/sshd.service /etc/systemd/system/multi-user.target.wants/sshd.service const configServices = `ln -fs /usr/lib/systemd/system/sshd.service /etc/systemd/system/multi-user.target.wants/sshd.service
ln -fs /usr/lib/systemd/system/podman.socket /etc/systemd/system/sockets.target.wants/podman.socket ln -fs /usr/lib/systemd/system/podman.socket /etc/systemd/system/sockets.target.wants/podman.socket
ln -fs /usr/lib/systemd/user/podman.socket /etc/systemd/user/sockets.target.wants/podman.socket
rm -f /etc/systemd/system/getty.target.wants/console-getty.service rm -f /etc/systemd/system/getty.target.wants/console-getty.service
rm -f /etc/systemd/system/getty.target.wants/getty@tty1.service rm -f /etc/systemd/system/getty.target.wants/getty@tty1.service
rm -f /etc/systemd/system/multi-user.target.wants/systemd-resolved.service rm -f /etc/systemd/system/multi-user.target.wants/systemd-resolved.service
@ -106,19 +107,6 @@ const overrideSysusers = `[Service]
LoadCredential= LoadCredential=
` `
const lingerService = `[Unit]
Description=A systemd user unit demo
After=network-online.target
Wants=network-online.target podman.socket
[Service]
ExecStart=/usr/bin/sleep infinity
`
const lingerSetup = `mkdir -p /home/[USER]/.config/systemd/user/default.target.wants
ln -fs /home/[USER]/.config/systemd/user/linger-example.service \
/home/[USER]/.config/systemd/user/default.target.wants/linger-example.service
`
const bindMountSystemService = ` const bindMountSystemService = `
[Unit] [Unit]
Description=Bind mount for system podman sockets Description=Bind mount for system podman sockets

17
pkg/machine/wsl/machine.go
View File

@ -173,19 +173,10 @@ func configureSystem(mc *vmconfigs.MachineConfig, dist string, ansibleConfig *vm
} }
} }
lingerCmd := withUser("cat > /home/[USER]/.config/systemd/[USER]/linger-example.service", user)
if err := wslPipe(lingerService, dist, "sh", "-c", lingerCmd); err != nil {
return fmt.Errorf("could not generate linger service for guest OS: %w", err)
}
if err := enableUserLinger(mc, dist); err != nil { if err := enableUserLinger(mc, dist); err != nil {
return err return err
} }
if err := wslPipe(withUser(lingerSetup, user), dist, "sh"); err != nil {
return fmt.Errorf("could not configure systemd settings for guest OS: %w", err)
}
if err := wslPipe(containersConf, dist, "sh", "-c", "cat > /etc/containers/containers.conf"); err != nil { if err := wslPipe(containersConf, dist, "sh", "-c", "cat > /etc/containers/containers.conf"); err != nil {
return fmt.Errorf("could not create containers.conf for guest OS: %w", err) return fmt.Errorf("could not create containers.conf for guest OS: %w", err)
} }
@ -214,6 +205,10 @@ func configureBindMounts(dist string, user string) error {
return fmt.Errorf("could not create podman binding service file for guest OS: %w", err) return fmt.Errorf("could not create podman binding service file for guest OS: %w", err)
} }
if err := wslPipe(getConfigBindServicesScript(user), dist, "sh"); err != nil {
return fmt.Errorf("could not configure podman binding services for guest OS: %w", err)
}
catUserService := "cat > " + getUserUnitPath(user) catUserService := "cat > " + getUserUnitPath(user)
if err := wslPipe(getBindMountUserService(dist), dist, "sh", "-c", catUserService); err != nil { if err := wslPipe(getBindMountUserService(dist), dist, "sh", "-c", catUserService); err != nil {
return fmt.Errorf("could not create podman binding user service file for guest OS: %w", err) return fmt.Errorf("could not create podman binding user service file for guest OS: %w", err)
@ -223,10 +218,6 @@ func configureBindMounts(dist string, user string) error {
return fmt.Errorf("could not create podman binding fstab entry for guest OS: %w", err) return fmt.Errorf("could not create podman binding fstab entry for guest OS: %w", err)
} }
if err := wslPipe(getConfigBindServicesScript(user), dist, "sh"); err != nil {
return fmt.Errorf("could not configure podman binding services for guest OS: %w", err)
}
catGroupDropin := fmt.Sprintf("cat > %s/%s", podmanSocketDropinPath, "10-group.conf") catGroupDropin := fmt.Sprintf("cat > %s/%s", podmanSocketDropinPath, "10-group.conf")
if err := wslPipe(overrideSocketGroup, dist, "sh", "-c", catGroupDropin); err != nil { if err := wslPipe(overrideSocketGroup, dist, "sh", "-c", catGroupDropin); err != nil {
return fmt.Errorf("could not configure podman socket group override: %w", err) return fmt.Errorf("could not configure podman socket group override: %w", err)