opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-08-01 07:40:22 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3177 from mheon/duplicate_volumes

Browse Source 
When superceding mounts, check for opposite types
This commit is contained in:
OpenShift Merge Robot
2019-05-22 00:10:40 +02:00
committed by GitHub
parent 1cf9a1bdba 43f28cdc16
commit 488b698040
2 changed files with 39 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
pkg/spec/storage.go
View File

@ -135,6 +135,29 @@ func (config *CreateConfig) parseVolumes(runtime *libpod.Runtime) ([]spec.Mount,
unifiedMounts[initMount.Destination] = initMount unifiedMounts[initMount.Destination] = initMount
} }
// Before superceding, we need to find volume mounts which conflict with
// named volumes, and vice versa.
// We'll delete the conflicts here as we supercede.
for dest := range unifiedMounts {
if _, ok := baseVolumes[dest]; ok {
delete(baseVolumes, dest)
}
}
for dest := range unifiedVolumes {
if _, ok := baseMounts[dest]; ok {
delete(baseMounts, dest)
}
}
// Supercede volumes-from/image volumes with unified volumes from above.
// This is an unconditional replacement.
for dest, mount := range unifiedMounts {
baseMounts[dest] = mount
}
for dest, volume := range unifiedVolumes {
baseVolumes[dest] = volume
}
// If requested, add tmpfs filesystems for read-only containers. // If requested, add tmpfs filesystems for read-only containers.
// Need to keep track of which we created, so we don't modify options // Need to keep track of which we created, so we don't modify options
// for them later... // for them later...
@ -146,14 +169,14 @@ func (config *CreateConfig) parseVolumes(runtime *libpod.Runtime) ([]spec.Mount,
if config.ReadOnlyRootfs && config.ReadOnlyTmpfs { if config.ReadOnlyRootfs && config.ReadOnlyTmpfs {
options := []string{"rw", "rprivate", "nosuid", "nodev", "tmpcopyup", "size=65536k"} options := []string{"rw", "rprivate", "nosuid", "nodev", "tmpcopyup", "size=65536k"}
for dest := range readonlyTmpfs { for dest := range readonlyTmpfs {
if _, ok := unifiedMounts[dest]; ok { if _, ok := baseMounts[dest]; ok {
continue continue
} }
localOpts := options localOpts := options
if dest == "/run" { if dest == "/run" {
localOpts = append(localOpts, "noexec") localOpts = append(localOpts, "noexec")
} }
unifiedMounts[dest] = spec.Mount{ baseMounts[dest] = spec.Mount{
Destination: dest, Destination: dest,
Type: "tmpfs", Type: "tmpfs",
Source: "tmpfs", Source: "tmpfs",
@ -163,15 +186,6 @@ func (config *CreateConfig) parseVolumes(runtime *libpod.Runtime) ([]spec.Mount,
} }
} }
// Supercede volumes-from/image volumes with unified volumes from above.
// This is an unconditional replacement.
for dest, mount := range unifiedMounts {
baseMounts[dest] = mount
}
for dest, volume := range unifiedVolumes {
baseVolumes[dest] = volume
}
// Check for conflicts between named volumes and mounts // Check for conflicts between named volumes and mounts
for dest := range baseMounts { for dest := range baseMounts {
if _, ok := baseVolumes[dest]; ok { if _, ok := baseVolumes[dest]; ok {

14
test/e2e/run_volume_test.go
View File

@ -104,4 +104,18 @@ var _ = Describe("Podman run with volumes", func() {
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(125)) Expect(session.ExitCode()).To(Equal(125))
}) })
It("podman run with conflict between image volume and user mount succeeds", func() {
podmanTest.RestoreArtifact(redis)
mountPath := filepath.Join(podmanTest.TempDir, "secrets")
err := os.Mkdir(mountPath, 0755)
Expect(err).To(BeNil())
testFile := filepath.Join(mountPath, "test1")
f, err := os.Create(testFile)
f.Close()
Expect(err).To(BeNil())
session := podmanTest.Podman([]string{"run", "-v", fmt.Sprintf("%s:/data", mountPath), redis, "ls", "/data/test1"})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
})
}) })