Merge pull request #6951 from mheon/check_full_command

When determining systemd mode, use full command
2025-06-20 00:51:16 +08:00 · 2020-07-14 21:09:00 +02:00
parent a9a751feef 05988fc74f
commit c078e936bf
6 changed files with 104 additions and 65 deletions
--- a/libpod/container_inspect.go
+++ b/libpod/container_inspect.go
@ -289,6 +289,7 @@ func (c *Container) generateInspectContainerConfig(spec *spec.Spec) *define.Insp

 	ctrConfig.OpenStdin = c.config.Stdin
 	ctrConfig.Image = c.config.RootfsImageName
+	ctrConfig.SystemdMode = c.config.Systemd

 	// Leave empty is not explicitly overwritten by user
 	if len(c.config.Command) != 0 {
--- a/libpod/define/container_inspect.go
+++ b/libpod/define/container_inspect.go
@ -57,6 +57,10 @@ type InspectContainerConfig struct {
 	// Timezone is the timezone inside the container.
 	// Local means it has the same timezone as the host machine
 	Timezone string `json:"Timezone,omitempty"`
+	// SystemdMode is whether the container is running in systemd mode. In
+	// systemd mode, the container configuration is customized to optimize
+	// running systemd in the container.
+	SystemdMode bool `json:"SystemdMode,omitempty"`
 }

 // InspectRestartPolicy holds information about the container's restart policy.
@ -631,3 +635,56 @@ type InspectContainerData struct {
 	Config          *InspectContainerConfig     `json:"Config"`
 	HostConfig      *InspectContainerHostConfig `json:"HostConfig"`
 }
+
+// InspectExecSession contains information about a given exec session.
+type InspectExecSession struct {
+	// CanRemove is legacy and used purely for compatibility reasons.
+	// Will always be set to true, unless the exec session is running.
+	CanRemove bool `json:"CanRemove"`
+	// ContainerID is the ID of the container this exec session is attached
+	// to.
+	ContainerID string `json:"ContainerID"`
+	// DetachKeys are the detach keys used by the exec session.
+	// If set to "" the default keys are being used.
+	// Will show "<none>" if no detach keys are set.
+	DetachKeys string `json:"DetachKeys"`
+	// ExitCode is the exit code of the exec session. Will be set to 0 if
+	// the exec session has not yet exited.
+	ExitCode int `json:"ExitCode"`
+	// ID is the ID of the exec session.
+	ID string `json:"ID"`
+	// OpenStderr is whether the container's STDERR stream will be attached.
+	// Always set to true if the exec session created a TTY.
+	OpenStderr bool `json:"OpenStderr"`
+	// OpenStdin is whether the container's STDIN stream will be attached
+	// to.
+	OpenStdin bool `json:"OpenStdin"`
+	// OpenStdout is whether the container's STDOUT stream will be attached.
+	// Always set to true if the exec session created a TTY.
+	OpenStdout bool `json:"OpenStdout"`
+	// Running is whether the exec session is running.
+	Running bool `json:"Running"`
+	// Pid is the PID of the exec session's process.
+	// Will be set to 0 if the exec session is not running.
+	Pid int `json:"Pid"`
+	// ProcessConfig contains information about the exec session's process.
+	ProcessConfig *InspectExecProcess `json:"ProcessConfig"`
+}
+
+// InspectExecProcess contains information about the process in a given exec
+// session.
+type InspectExecProcess struct {
+	// Arguments are the arguments to the entrypoint command of the exec
+	// session.
+	Arguments []string `json:"arguments"`
+	// Entrypoint is the entrypoint for the exec session (the command that
+	// will be executed in the container).
+	Entrypoint string `json:"entrypoint"`
+	// Privileged is whether the exec session will be started with elevated
+	// privileges.
+	Privileged bool `json:"privileged"`
+	// Tty is whether the exec session created a terminal.
+	Tty bool `json:"tty"`
+	// User is the user the exec session was started as.
+	User string `json:"user"`
+}
--- a/libpod/define/ctr_inspect.go
+++ b/libpod/define/ctr_inspect.go
@ -1,54 +0,0 @@
-package define
-
-// InspectExecSession contains information about a given exec session.
-type InspectExecSession struct {
-	// CanRemove is legacy and used purely for compatibility reasons.
-	// Will always be set to true, unless the exec session is running.
-	CanRemove bool `json:"CanRemove"`
-	// ContainerID is the ID of the container this exec session is attached
-	// to.
-	ContainerID string `json:"ContainerID"`
-	// DetachKeys are the detach keys used by the exec session.
-	// If set to "" the default keys are being used.
-	// Will show "<none>" if no detach keys are set.
-	DetachKeys string `json:"DetachKeys"`
-	// ExitCode is the exit code of the exec session. Will be set to 0 if
-	// the exec session has not yet exited.
-	ExitCode int `json:"ExitCode"`
-	// ID is the ID of the exec session.
-	ID string `json:"ID"`
-	// OpenStderr is whether the container's STDERR stream will be attached.
-	// Always set to true if the exec session created a TTY.
-	OpenStderr bool `json:"OpenStderr"`
-	// OpenStdin is whether the container's STDIN stream will be attached
-	// to.
-	OpenStdin bool `json:"OpenStdin"`
-	// OpenStdout is whether the container's STDOUT stream will be attached.
-	// Always set to true if the exec session created a TTY.
-	OpenStdout bool `json:"OpenStdout"`
-	// Running is whether the exec session is running.
-	Running bool `json:"Running"`
-	// Pid is the PID of the exec session's process.
-	// Will be set to 0 if the exec session is not running.
-	Pid int `json:"Pid"`
-	// ProcessConfig contains information about the exec session's process.
-	ProcessConfig *InspectExecProcess `json:"ProcessConfig"`
-}
-
-// InspectExecProcess contains information about the process in a given exec
-// session.
-type InspectExecProcess struct {
-	// Arguments are the arguments to the entrypoint command of the exec
-	// session.
-	Arguments []string `json:"arguments"`
-	// Entrypoint is the entrypoint for the exec session (the command that
-	// will be executed in the container).
-	Entrypoint string `json:"entrypoint"`
-	// Privileged is whether the exec session will be started with elevated
-	// privileges.
-	Privileged bool `json:"privileged"`
-	// Tty is whether the exec session created a terminal.
-	Tty bool `json:"tty"`
-	// User is the user the exec session was started as.
-	User string `json:"user"`
-}
--- a/pkg/specgen/generate/container_create.go
+++ b/pkg/specgen/generate/container_create.go
@ -106,11 +106,12 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener
 		return nil, err
 	}

-	if s.PreserveFDs > 0 {
-		options = append(options, libpod.WithPreserveFDs(s.PreserveFDs))
+	command, err := makeCommand(ctx, s, newImage, rtc)
+	if err != nil {
+		return nil, err
 	}

-	opts, err := createContainerOptions(ctx, rt, s, pod, finalVolumes, newImage)
+	opts, err := createContainerOptions(ctx, rt, s, pod, finalVolumes, newImage, command)
 	if err != nil {
 		return nil, err
 	}
@ -122,17 +123,21 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener
 	}
 	options = append(options, libpod.WithExitCommand(exitCommandArgs))

-	runtimeSpec, err := SpecGenToOCI(ctx, s, rt, rtc, newImage, finalMounts, pod)
+	runtimeSpec, err := SpecGenToOCI(ctx, s, rt, rtc, newImage, finalMounts, pod, command)
 	if err != nil {
 		return nil, err
 	}
 	return rt.NewContainer(ctx, runtimeSpec, options...)
 }

-func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGenerator, pod *libpod.Pod, volumes []*specgen.NamedVolume, img *image.Image) ([]libpod.CtrCreateOption, error) {
+func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGenerator, pod *libpod.Pod, volumes []*specgen.NamedVolume, img *image.Image, command []string) ([]libpod.CtrCreateOption, error) {
 	var options []libpod.CtrCreateOption
 	var err error

+	if s.PreserveFDs > 0 {
+		options = append(options, libpod.WithPreserveFDs(s.PreserveFDs))
+	}
+
 	if s.Stdin {
 		options = append(options, libpod.WithStdin())
 	}
@ -148,7 +153,6 @@ func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen.
 	case "false":
 		break
 	case "", "true":
-		command := s.Command
 		if len(command) == 0 {
 			command, err = img.Cmd(ctx)
 			if err != nil {
--- a/pkg/specgen/generate/oci.go
+++ b/pkg/specgen/generate/oci.go
@ -126,7 +126,7 @@ func makeCommand(ctx context.Context, s *specgen.SpecGenerator, img *image.Image
 	return finalCommand, nil
 }

-func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runtime, rtc *config.Config, newImage *image.Image, mounts []spec.Mount, pod *libpod.Pod) (*spec.Spec, error) {
+func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runtime, rtc *config.Config, newImage *image.Image, mounts []spec.Mount, pod *libpod.Pod, finalCmd []string) (*spec.Spec, error) {
 	var (
 		inUserNS bool
 	)
@ -252,10 +252,6 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt
 	}
 	g.SetProcessCwd(s.WorkDir)

-	finalCmd, err := makeCommand(ctx, s, newImage, rtc)
-	if err != nil {
-		return nil, err
-	}
 	g.SetProcessArgs(finalCmd)

 	g.SetProcessTerminal(s.Terminal)
--- a/test/e2e/systemd_test.go
+++ b/test/e2e/systemd_test.go
@ -112,5 +112,40 @@ WantedBy=multi-user.target
 		systemctl.WaitWithDefaultTimeout()
 		Expect(systemctl.ExitCode()).To(Equal(0))
 		Expect(strings.Contains(systemctl.OutputToString(), "State:")).To(BeTrue())
+
+		result := podmanTest.Podman([]string{"inspect", ctrName})
+		result.WaitWithDefaultTimeout()
+		Expect(result.ExitCode()).To(Equal(0))
+		conData := result.InspectContainerToJSON()
+		Expect(len(conData)).To(Equal(1))
+		Expect(conData[0].Config.SystemdMode).To(BeTrue())
+	})
+
+	It("podman create container with systemd entrypoint triggers systemd mode", func() {
+		ctrName := "testCtr"
+		run := podmanTest.Podman([]string{"create", "--name", ctrName, "--entrypoint", "/sbin/init", ubi_init})
+		run.WaitWithDefaultTimeout()
+		Expect(run.ExitCode()).To(Equal(0))
+
+		result := podmanTest.Podman([]string{"inspect", ctrName})
+		result.WaitWithDefaultTimeout()
+		Expect(result.ExitCode()).To(Equal(0))
+		conData := result.InspectContainerToJSON()
+		Expect(len(conData)).To(Equal(1))
+		Expect(conData[0].Config.SystemdMode).To(BeTrue())
+	})
+
+	It("podman create container with systemd=always triggers systemd mode", func() {
+		ctrName := "testCtr"
+		run := podmanTest.Podman([]string{"create", "--name", ctrName, "--systemd", "always", ALPINE})
+		run.WaitWithDefaultTimeout()
+		Expect(run.ExitCode()).To(Equal(0))
+
+		result := podmanTest.Podman([]string{"inspect", ctrName})
+		result.WaitWithDefaultTimeout()
+		Expect(result.ExitCode()).To(Equal(0))
+		conData := result.InspectContainerToJSON()
+		Expect(len(conData)).To(Equal(1))
+		Expect(conData[0].Config.SystemdMode).To(BeTrue())
 	})
 })