opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-21 09:28:09 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8192 from rhatdan/shm

Browse Source 
Pod's that share the IPC Namespace need to share /dev/shm
This commit is contained in:
OpenShift Merge Robot
2020-10-30 16:54:00 +01:00
committed by GitHub
parent 3db54bacaa 916825b675
commit 6b5a94cf28
4 changed files with 45 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
libpod/runtime_pod_infra_linux.go
View File

@ -131,6 +131,7 @@ func (r *Runtime) makeInfraContainer(ctx context.Context, p *Pod, imgName, rawIm
logrus.Debugf("Using %q as infra container entrypoint", entryCmd) logrus.Debugf("Using %q as infra container entrypoint", entryCmd)
g.RemoveMount("/dev/shm")
if isRootless { if isRootless {
g.RemoveMount("/dev/pts") g.RemoveMount("/dev/pts")
devPts := spec.Mount{ devPts := spec.Mount{

1
pkg/specgen/generate/namespaces.go
View File

@ -127,6 +127,7 @@ func namespaceOptions(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.
return nil, errNoInfra return nil, errNoInfra
} }
toReturn = append(toReturn, libpod.WithIPCNSFrom(infraCtr)) toReturn = append(toReturn, libpod.WithIPCNSFrom(infraCtr))
toReturn = append(toReturn, libpod.WithShmDir(infraCtr.ShmDir()))
case specgen.FromContainer: case specgen.FromContainer:
ipcCtr, err := rt.LookupContainer(s.IpcNS.Value) ipcCtr, err := rt.LookupContainer(s.IpcNS.Value)
if err != nil { if err != nil {

19
test/e2e/pod_pod_namespaces.go
View File

@ -60,6 +60,25 @@ var _ = Describe("Podman pod create", func() {
Expect(NAMESPACE1).To(Equal(NAMESPACE2)) Expect(NAMESPACE1).To(Equal(NAMESPACE2))
}) })
It("podman pod container share ipc && /dev/shm ", func() {
session := podmanTest.Podman([]string{"pod", "create"})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
podID := session.OutputToString()
session = podmanTest.Podman([]string{"pod", "start", podID})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
session = podmanTest.Podman([]string{"run", "--rm", "--pod", podID, ALPINE, "touch", "/dev/shm/test"})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
session = podmanTest.Podman([]string{"run", "--rm", "--pod", podID, ALPINE, "ls", "/dev/shm/test"})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
})
It("podman pod container dontshare PIDNS", func() { It("podman pod container dontshare PIDNS", func() {
session := podmanTest.Podman([]string{"pod", "create"}) session := podmanTest.Podman([]string{"pod", "create"})
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()

24
test/system/200-pod.bats
View File

@ -116,6 +116,30 @@ function teardown() {
run_podman 1 pod exists $podname run_podman 1 pod exists $podname
} }
@test "podman pod - communicating via /dev/shm " {
if is_remote && is_rootless; then
skip "FIXME: pending #7139"
fi
podname=pod$(random_string)
run_podman 1 pod exists $podname
run_podman pod create --infra=true --name=$podname
podid="$output"
run_podman pod exists $podname
run_podman pod exists $podid
run_podman run --rm --pod $podname $IMAGE touch /dev/shm/test1
run_podman run --rm --pod $podname $IMAGE ls /dev/shm/test1
is "$output" "/dev/shm/test1"
# ...then rm the pod, then rmi the pause image so we don't leave strays.
run_podman pod rm $podname
# Pod no longer exists
run_podman 1 pod exists $podid
run_podman 1 pod exists $podname
}
# Random byte # Random byte
function octet() { function octet() {
echo $(( $RANDOM & 255 )) echo $(( $RANDOM & 255 ))