From a66bab340324eeb9c0d1f999c479a3d3c8f60a2d Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Fri, 9 Jun 2023 11:16:24 -0400 Subject: [PATCH 1/2] Add WorkingDir support to quadlet One feature needed for podmansh is the ability to set the default homedir to be the workingdir when you login. Signed-off-by: Daniel J Walsh --- docs/source/markdown/podman-systemd.unit.5.md | 7 ++++ pkg/systemd/quadlet/quadlet.go | 6 +++ test/e2e/quadlet/workingdir.container | 6 +++ test/e2e/quadlet_test.go | 41 ++++++++++--------- 4 files changed, 40 insertions(+), 20 deletions(-) create mode 100644 test/e2e/quadlet/workingdir.container diff --git a/docs/source/markdown/podman-systemd.unit.5.md b/docs/source/markdown/podman-systemd.unit.5.md index 43d7e8890a..39d1c62601 100644 --- a/docs/source/markdown/podman-systemd.unit.5.md +++ b/docs/source/markdown/podman-systemd.unit.5.md @@ -137,6 +137,7 @@ Valid options for `[Container]` are listed below: | UserNS=keep-id:uid=200,gid=210 | --userns keep-id:uid=200,gid=210 | | VolatileTmp=true | --tmpfs /tmp | | Volume=/source:/dest | --volume /source:/dest | +| WorkingDir=$HOME | --workdir $HOME | Description of `[Container]` section are: @@ -491,6 +492,12 @@ created by using a `$name.volume` Quadlet file. This key can be listed multiple times. +### `WorkingDir=` (default to images working dir) + +Working directory inside the container. + +The default working directory for running binaries within a container is the root directory (/). The image developer can set a different default with the WORKDIR instruction. This option overrides the working directory by using the -w option. + ## Kube units [Kube] Kube units are named with a `.kube` extension and contain a `[Kube]` section describing diff --git a/pkg/systemd/quadlet/quadlet.go b/pkg/systemd/quadlet/quadlet.go index 3e514dd17a..a01bf64219 100644 --- a/pkg/systemd/quadlet/quadlet.go +++ b/pkg/systemd/quadlet/quadlet.go @@ -104,6 +104,7 @@ const ( KeyUserNS = "UserNS" KeyVolatileTmp = "VolatileTmp" KeyVolume = "Volume" + KeyWorkingDir = "WorkingDir" KeyYaml = "Yaml" ) @@ -168,6 +169,7 @@ var ( KeyUserNS: true, KeyVolatileTmp: true, KeyVolume: true, + KeyWorkingDir: true, } // Supported keys in "Volume" group @@ -504,6 +506,10 @@ func ConvertContainer(container *parser.UnitFile, isUser bool) (*parser.UnitFile } } + if workdir, exists := container.Lookup(ContainerGroup, KeyWorkingDir); exists { + podman.addf("-w=%s", workdir) + } + if err := handleUserRemap(container, ContainerGroup, podman, isUser, true); err != nil { return nil, err } diff --git a/test/e2e/quadlet/workingdir.container b/test/e2e/quadlet/workingdir.container new file mode 100644 index 0000000000..28a082b0dd --- /dev/null +++ b/test/e2e/quadlet/workingdir.container @@ -0,0 +1,6 @@ +## assert-podman-final-args localhost/imagename +## assert-podman-args "-w=%h" + +[Container] +Image=localhost/imagename +WorkingDir=%h diff --git a/test/e2e/quadlet_test.go b/test/e2e/quadlet_test.go index 858a394041..176a5ecc93 100644 --- a/test/e2e/quadlet_test.go +++ b/test/e2e/quadlet_test.go @@ -536,51 +536,52 @@ var _ = Describe("quadlet system generator", func() { Entry("basepodman.container", "basepodman.container"), Entry("capabilities.container", "capabilities.container"), Entry("capabilities2.container", "capabilities2.container"), - Entry("disableselinux.container", "disableselinux.container"), - Entry("nestedselinux.container", "nestedselinux.container"), Entry("devices.container", "devices.container"), + Entry("disableselinux.container", "disableselinux.container"), + Entry("env-file.container", "env-file.container"), + Entry("env-host-false.container", "env-host-false.container"), + Entry("env-host.container", "env-host.container"), Entry("env.container", "env.container"), Entry("escapes.container", "escapes.container"), Entry("exec.container", "exec.container"), + Entry("health.container", "health.container"), + Entry("hostname.container", "hostname.container"), Entry("image.container", "image.container"), Entry("install.container", "install.container"), Entry("ip.container", "ip.container"), Entry("label.container", "label.container"), + Entry("logdriver.container", "logdriver.container"), + Entry("mount.container", "mount.container"), Entry("name.container", "name.container"), + Entry("nestedselinux.container", "nestedselinux.container"), Entry("network.container", "network.container"), Entry("network.quadlet.container", "network.quadlet.container"), Entry("noimage.container", "noimage.container"), Entry("notify.container", "notify.container"), Entry("oneshot.container", "oneshot.container"), - Entry("rootfs.container", "rootfs.container"), - Entry("selinux.container", "selinux.container"), Entry("other-sections.container", "other-sections.container"), Entry("podmanargs.container", "podmanargs.container"), Entry("ports.container", "ports.container"), Entry("ports_ipv6.container", "ports_ipv6.container"), + Entry("pull.container", "pull.container"), Entry("readonly-notmpfs.container", "readonly-notmpfs.container"), - Entry("readwrite.container", "readwrite.container"), Entry("readwrite-notmpfs.container", "readwrite-notmpfs.container"), - Entry("seccomp.container", "seccomp.container"), - Entry("shortname.container", "shortname.container"), - Entry("sysctl.container", "sysctl.container"), - Entry("timezone.container", "timezone.container"), - Entry("user.container", "user.container"), - Entry("remap-manual.container", "remap-manual.container"), + Entry("readwrite.container", "readwrite.container"), Entry("remap-auto.container", "remap-auto.container"), Entry("remap-auto2.container", "remap-auto2.container"), Entry("remap-keep-id.container", "remap-keep-id.container"), Entry("remap-keep-id2.container", "remap-keep-id2.container"), - Entry("volume.container", "volume.container"), - Entry("env-file.container", "env-file.container"), - Entry("env-host.container", "env-host.container"), - Entry("env-host-false.container", "env-host-false.container"), + Entry("remap-manual.container", "remap-manual.container"), + Entry("rootfs.container", "rootfs.container"), + Entry("seccomp.container", "seccomp.container"), Entry("secrets.container", "secrets.container"), - Entry("logdriver.container", "logdriver.container"), - Entry("mount.container", "mount.container"), - Entry("health.container", "health.container"), - Entry("hostname.container", "hostname.container"), - Entry("pull.container", "pull.container"), + Entry("selinux.container", "selinux.container"), + Entry("shortname.container", "shortname.container"), + Entry("sysctl.container", "sysctl.container"), + Entry("timezone.container", "timezone.container"), + Entry("user.container", "user.container"), + Entry("volume.container", "volume.container"), + Entry("workingdir.container", "workingdir.container"), Entry("basic.volume", "basic.volume"), Entry("label.volume", "label.volume"), From 16092930c7600c1c0d7ae035564a626f12c19ea5 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Mon, 12 Jun 2023 08:07:42 -0400 Subject: [PATCH 2/2] Update docs/source/markdown/podman-systemd.unit.5.md Co-authored-by: Valentin Rothberg Signed-off-by: Daniel J Walsh --- docs/source/markdown/podman-systemd.unit.5.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/markdown/podman-systemd.unit.5.md b/docs/source/markdown/podman-systemd.unit.5.md index 39d1c62601..d637334f0c 100644 --- a/docs/source/markdown/podman-systemd.unit.5.md +++ b/docs/source/markdown/podman-systemd.unit.5.md @@ -492,7 +492,7 @@ created by using a `$name.volume` Quadlet file. This key can be listed multiple times. -### `WorkingDir=` (default to images working dir) +### `WorkingDir=` Working directory inside the container.