Report errors when trying to pause rootless containers

If you are running a rootless container on cgroupV1
you can not pause the container.  We need to report the proper error
if this happens.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

libpod/container_internal.go

@@ -14,6 +14,7 @@ import (
 
 	"github.com/containers/libpod/libpod/define"
 	"github.com/containers/libpod/libpod/events"
+	"github.com/containers/libpod/pkg/cgroups"
 	"github.com/containers/libpod/pkg/ctime"
 	"github.com/containers/libpod/pkg/hooks"
 	"github.com/containers/libpod/pkg/hooks/exec"
@@ -1132,6 +1133,16 @@ func (c *Container) pause() error {
 		return errors.Wrapf(define.ErrNoCgroups, "cannot pause without using CGroups")
 	}
 
+	if rootless.IsRootless() {
+		cgroupv2, err := cgroups.IsCgroup2UnifiedMode()
+		if err != nil {
+			return errors.Wrap(err, "failed to determine cgroupversion")
+		}
+		if !cgroupv2 {
+			return errors.Wrap(define.ErrNoCgroups, "can not pause containers on rootless containers with cgroup V1")
+		}
+	}
+
 	if err := c.ociRuntime.pauseContainer(c); err != nil {
 		return err
 	}

libpod/pod_api.go

@@ -5,6 +5,8 @@ import (
 
 	"github.com/containers/libpod/libpod/define"
 	"github.com/containers/libpod/libpod/events"
+	"github.com/containers/libpod/pkg/cgroups"
+	"github.com/containers/libpod/pkg/rootless"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 )
@@ -163,6 +165,16 @@ func (p *Pod) Pause() (map[string]error, error) {
 		return nil, define.ErrPodRemoved
 	}
 
+	if rootless.IsRootless() {
+		cgroupv2, err := cgroups.IsCgroup2UnifiedMode()
+		if err != nil {
+			return nil, errors.Wrap(err, "failed to determine cgroupversion")
+		}
+		if !cgroupv2 {
+			return nil, errors.Wrap(define.ErrNoCgroups, "can not pause pods containing rootless containers with cgroup V1")
+		}
+	}
+
 	allCtrs, err := p.runtime.state.PodContainers(p)
 	if err != nil {
 		return nil, err

pkg/varlinkapi/containers.go

@@ -319,13 +319,15 @@ func (i *LibpodAPI) ExportContainer(call iopodman.VarlinkCall, name, outPath str
 
 // GetContainerStats ...
 func (i *LibpodAPI) GetContainerStats(call iopodman.VarlinkCall, name string) error {
+	if rootless.IsRootless() {
 		cgroupv2, err := cgroups.IsCgroup2UnifiedMode()
 		if err != nil {
 			return call.ReplyErrorOccurred(err.Error())
 		}
-	if rootless.IsRootless() && !cgroupv2 {
+		if !cgroupv2 {
 			return call.ReplyErrRequiresCgroupsV2ForRootless("rootless containers cannot report container stats")
 		}
+	}
 	ctr, err := i.Runtime.LookupContainer(name)
 	if err != nil {
 		return call.ReplyContainerNotFound(name, err.Error())

pkg/varlinkapi/pods.go

@@ -5,12 +5,12 @@ package varlinkapi
 import (
 	"encoding/json"
 	"fmt"
-	"github.com/containers/libpod/pkg/adapter/shortcuts"
 	"syscall"
 
 	"github.com/containers/libpod/cmd/podman/shared"
 	"github.com/containers/libpod/cmd/podman/varlink"
 	"github.com/containers/libpod/libpod"
+	"github.com/containers/libpod/pkg/adapter/shortcuts"
 )
 
 // CreatePod ...