opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-10-18 03:33:32 +08:00
Code Issues Packages Projects Releases Wiki Activity

Ensure that Cleanup() will not run on active containers

Browse Source 
This ensures that containers with active exec sessions will not
have storage unmounted under them or network namespaces destroyed

Signed-off-by: Matthew Heon <matthew.heon@gmail.com>

Closes: #412
Approved by: baude
This commit is contained in:
Matthew Heon
2018-02-27 13:54:48 -05:00
committed by Atomic Bot
parent 8b87a17f56
commit 70baafc1c7
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
libpod/container_api.go
View File

@ -603,6 +603,16 @@ func (c *Container) Cleanup() error {
}
}
// Check if state is good
if c.state.State == ContainerStateRunning || c.state.State == ContainerStatePaused {
return errors.Wrapf(ErrCtrStateInvalid, "container %s is running or paused, refusing to clean up", c.ID())
}
// Check if we have active exec sessions
if len(c.state.ExecSessions) != 0 {
return errors.Wrapf(ErrCtrStateInvalid, "container %s has active exec sessions, refusing to clean up", c.ID())
}
// Stop the container's network namespace (if it has one)
if err := c.cleanupNetwork(); err != nil {
logrus.Errorf("unable cleanup network for container %s: %q", c.ID(), err)