opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-26 21:07:02 +08:00
Code Issues Packages Projects Releases Wiki Activity

V2 Commands that require ParentNS (rootful) are report error

Browse Source 
* Updated unmount to require ParentNS

Signed-off-by: Jhon Honce <jhonce@redhat.com>
This commit is contained in:
Jhon Honce
2020-04-30 12:14:57 -07:00
parent 6900517f10
commit 399939a3de
2 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
cmd/podman/containers/unmount.go
View File

@ -27,6 +27,9 @@ var (
Args: func(cmd *cobra.Command, args []string) error {
return parse.CheckAllLatestAndCIDFile(cmd, args, false, false)
},
Annotations: map[string]string{
registry.ParentNSRequired: "",
},
Example: `podman umount ctrID
podman umount ctrID1 ctrID2 ctrID3
podman umount --all`,

11
cmd/podman/main.go
View File

@ -1,6 +1,7 @@
package main
import (
"fmt"
"os"
_ "github.com/containers/libpod/cmd/podman/containers"
@ -12,7 +13,9 @@ import (
"github.com/containers/libpod/cmd/podman/registry"
_ "github.com/containers/libpod/cmd/podman/system"
_ "github.com/containers/libpod/cmd/podman/volumes"
"github.com/containers/libpod/pkg/rootless"
"github.com/containers/storage/pkg/reexec"
"github.com/spf13/cobra"
)
func main() {
@ -26,6 +29,14 @@ func main() {
for _, c := range registry.Commands {
for _, m := range c.Mode {
if cfg.EngineMode == m {
// Command cannot be run rootless
_, found := c.Command.Annotations[registry.ParentNSRequired]
if rootless.IsRootless() && found {
c.Command.RunE = func(cmd *cobra.Command, args []string) error {
return fmt.Errorf("cannot `%s` in rootless mode", cmd.CommandPath())
}
}
parent := rootCmd
if c.Parent != nil {
parent = c.Parent