opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-07-03 01:08:02 +08:00
Code Issues Packages Projects Releases Wiki Activity

rootless: make sure we only use a single pause process

Browse Source 
Currently --tmpdir changes the location of the pause.pid file. this
causes issues because the c code in pkg/rootless does not know about
that. I tried to fix this[1] by fixing the c code to not use the
shortcut. While this fix worked it will result in many pause processes
leaking in the integrration tests.

Commit ab88632 added this behavior but following the disccusion it was
never the intention that we end up having more than one pause process.
The issues that was trying to fix was caused by somthing else AFAICT,
the main problem seems to be that the pause.pid file parent directory
may not be created when we try to create the pid file so it failed with
ENOENT. This patch fixes it by creating this directory always and revert
the change to no longer depend on the tmpdir value.

With this commit we now always use XDG_RUNTIME_DIR/libpod/tmp/pause.pid
for all podman processes. This allows the c shortcut to work reliably
and should therefore improve perfomance over my other approach.

A system test is added to ensure we see the right behavior and that
podman system migrate actually stops the pause process. Thanks to Ed
Santiago for the improved test to make it work for both `catatonit` and
`podman pause`.

This should fix the issues with namespace missmatches that we can see in
CI as flakes.

[1] https://github.com/containers/podman/pull/18057

Fixes #18057

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This commit is contained in:
Paul Holzinger
2023-04-06 14:41:10 +02:00
parent 4857c65d3e
commit bab95de9a2
6 changed files with 93 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
libpod/runtime.go
View File

@ -579,10 +579,17 @@ func makeRuntime(runtime *Runtime) (retErr error) {
}
unLockFunc()
unLockFunc = nil
pausePid, err := util.GetRootlessPauseProcessPidPathGivenDir(runtime.config.Engine.TmpDir)
pausePid, err := util.GetRootlessPauseProcessPidPath()
if err != nil {
return fmt.Errorf("could not get pause process pid file path: %w", err)
}
// create the path in case it does not already exists
// https://github.com/containers/podman/issues/8539
if err := os.MkdirAll(filepath.Dir(pausePid), 0o700); err != nil {
return fmt.Errorf("could not create pause process pid file directory: %w", err)
}
became, ret, err := rootless.BecomeRootInUserNS(pausePid)
if err != nil {
return err