pkg/util: use code from c/storage
[NO NEW TESTS NEEDED] no new functionalities are added Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
@ -150,7 +150,7 @@ func resolveEventSock() ([]string, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func eventSockDir() (string, error) {
|
func eventSockDir() (string, error) {
|
||||||
xdg, err := util.GetRuntimeDir()
|
xdg, err := util.GetRootlessRuntimeDir()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
@ -134,7 +134,7 @@ func setXdgDirs() error {
|
|||||||
|
|
||||||
// Set up XDG_RUNTIME_DIR
|
// Set up XDG_RUNTIME_DIR
|
||||||
if _, found := os.LookupEnv("XDG_RUNTIME_DIR"); !found {
|
if _, found := os.LookupEnv("XDG_RUNTIME_DIR"); !found {
|
||||||
dir, err := util.GetRuntimeDir()
|
dir, err := util.GetRootlessRuntimeDir()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
@ -99,7 +99,7 @@ func GetContext() context.Context {
|
|||||||
|
|
||||||
func DefaultAPIAddress() string {
|
func DefaultAPIAddress() string {
|
||||||
if rootless.IsRootless() {
|
if rootless.IsRootless() {
|
||||||
xdg, err := util.GetRuntimeDir()
|
xdg, err := util.GetRootlessRuntimeDir()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logrus.Warnf("Failed to get rootless runtime dir for DefaultAPIAddress: %s", err)
|
logrus.Warnf("Failed to get rootless runtime dir for DefaultAPIAddress: %s", err)
|
||||||
return DefaultRootAPIAddress
|
return DefaultRootAPIAddress
|
||||||
|
@ -130,7 +130,7 @@ func resolveAPIURI(uri []string) (string, error) {
|
|||||||
logrus.Info("Using systemd socket activation to determine API endpoint")
|
logrus.Info("Using systemd socket activation to determine API endpoint")
|
||||||
return "", nil
|
return "", nil
|
||||||
case rootless.IsRootless():
|
case rootless.IsRootless():
|
||||||
xdg, err := util.GetRuntimeDir()
|
xdg, err := util.GetRootlessRuntimeDir()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
# /tmp/podman-run-* directory can contain content for Podman containers that have run
|
# /tmp/podman-run-* directory can contain content for Podman containers that have run
|
||||||
# for many days. This following line prevents systemd from removing this content.
|
# for many days. This following line prevents systemd from removing this content.
|
||||||
x /tmp/podman-run-*
|
x /tmp/podman-run-*
|
||||||
|
x /tmp/storage-run-*
|
||||||
x /tmp/containers-user-*
|
x /tmp/containers-user-*
|
||||||
x /tmp/run-*/libpod
|
x /tmp/run-*/libpod
|
||||||
D! /var/lib/containers/storage/tmp 0700 root root
|
D! /var/lib/containers/storage/tmp 0700 root root
|
||||||
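Review bot: The added `x /tmp/storage-run-*` exclusion is not covered by the header comment, which still names only `/tmp/podman-run-*`, so a reader cannot tell why a second runtime-directory pattern is exempt from cleanup. I would extend the comment to `# /tmp/podman-run-* and /tmp/storage-run-* directories can contain content for Podman containers that have run`. If the `podman-run-*` fallback is no longer created after this commit (not visible on this page), it is also worth saying that its entry is kept for containers started by older versions.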
|
@ -328,7 +328,7 @@ func (c *Container) execPS(psArgs []string) ([]string, bool, error) {
|
|||||||
cmd.Stdout = wPipe
|
cmd.Stdout = wPipe
|
||||||
cmd.Stderr = &errBuf
|
cmd.Stderr = &errBuf
|
||||||
// nil means use current env so explicitly unset all, to not leak any sensitive env vars
|
// nil means use current env so explicitly unset all, to not leak any sensitive env vars
|
||||||
cmd.Env = []string{}
|
cmd.Env = []string{fmt.Sprintf("HOME=%s", os.Getenv("HOME"))}
|
||||||
|
|
||||||
retryContainerExec := true
|
retryContainerExec := true
|
||||||
err = cmd.Run()
|
err = cmd.Run()
|
||||||
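Review bot: The comment directly above `cmd.Env` still promises that every variable is unset, but the new assignment forwards the caller's HOME to the command started by `cmd.Run()`. It should say which variable is passed and why, for example `// nil means use current env, so pass only HOME (needed to resolve the rootless runtime dir) and nothing else, to not leak any sensitive env vars`; the reason given there is my guess and needs confirming, because the commit message does not state it. When HOME is not set the child now receives an empty `HOME=` instead of no HOME at all, which `if home, ok := os.LookupEnv("HOME"); ok { cmd.Env = append(cmd.Env, "HOME="+home) }` after `cmd.Env = []string{}` would avoid. The body of execPS starts and ends outside this hunk.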
|
@ -82,7 +82,7 @@ func (r *RootlessNetNS) Do(toRun func() error) error {
|
|||||||
return fmt.Errorf("cannot create a new mount namespace: %w", err)
|
return fmt.Errorf("cannot create a new mount namespace: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
xdgRuntimeDir, err := util.GetRuntimeDir()
|
xdgRuntimeDir, err := util.GetRootlessRuntimeDir()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("could not get runtime directory: %w", err)
|
return fmt.Errorf("could not get runtime directory: %w", err)
|
||||||
}
|
}
|
||||||
|
@ -209,7 +209,7 @@ func (r *ConmonOCIRuntime) CreateContainer(ctr *Container, restoreOptions *Conta
|
|||||||
// status, but will instead only check for the existence of the conmon exit file
|
// status, but will instead only check for the existence of the conmon exit file
|
||||||
// and update state to stopped if it exists.
|
// and update state to stopped if it exists.
|
||||||
func (r *ConmonOCIRuntime) UpdateContainerStatus(ctr *Container) error {
|
func (r *ConmonOCIRuntime) UpdateContainerStatus(ctr *Container) error {
|
||||||
runtimeDir, err := util.GetRuntimeDir()
|
runtimeDir, err := util.GetRootlessRuntimeDir()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
@ -290,7 +290,7 @@ func (r *ConmonOCIRuntime) UpdateContainerStatus(ctr *Container) error {
|
|||||||
// Sets time the container was started, but does not save it.
|
// Sets time the container was started, but does not save it.
|
||||||
func (r *ConmonOCIRuntime) StartContainer(ctr *Container) error {
|
func (r *ConmonOCIRuntime) StartContainer(ctr *Container) error {
|
||||||
// TODO: streams should probably *not* be our STDIN/OUT/ERR - redirect to buffers?
|
// TODO: streams should probably *not* be our STDIN/OUT/ERR - redirect to buffers?
|
||||||
runtimeDir, err := util.GetRuntimeDir()
|
runtimeDir, err := util.GetRootlessRuntimeDir()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
@ -309,7 +309,7 @@ func (r *ConmonOCIRuntime) StartContainer(ctr *Container) error {
|
|||||||
|
|
||||||
// UpdateContainer updates the given container's cgroup configuration
|
// UpdateContainer updates the given container's cgroup configuration
|
||||||
func (r *ConmonOCIRuntime) UpdateContainer(ctr *Container, resources *spec.LinuxResources) error {
|
func (r *ConmonOCIRuntime) UpdateContainer(ctr *Container, resources *spec.LinuxResources) error {
|
||||||
runtimeDir, err := util.GetRuntimeDir()
|
runtimeDir, err := util.GetRootlessRuntimeDir()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
@ -368,7 +368,7 @@ func (r *ConmonOCIRuntime) KillContainer(ctr *Container, signal uint, all bool)
|
|||||||
// *bytes.buffer and returned; otherwise, it is set to os.Stderr.
|
// *bytes.buffer and returned; otherwise, it is set to os.Stderr.
|
||||||
func (r *ConmonOCIRuntime) killContainer(ctr *Container, signal uint, all, captureStderr bool) (*bytes.Buffer, error) {
|
func (r *ConmonOCIRuntime) killContainer(ctr *Container, signal uint, all, captureStderr bool) (*bytes.Buffer, error) {
|
||||||
logrus.Debugf("Sending signal %d to container %s", signal, ctr.ID())
|
logrus.Debugf("Sending signal %d to container %s", signal, ctr.ID())
|
||||||
runtimeDir, err := util.GetRuntimeDir()
|
runtimeDir, err := util.GetRootlessRuntimeDir()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
@ -504,7 +504,7 @@ func (r *ConmonOCIRuntime) StopContainer(ctr *Container, timeout uint, all bool)
|
|||||||
|
|
||||||
// DeleteContainer deletes a container from the OCI runtime.
|
// DeleteContainer deletes a container from the OCI runtime.
|
||||||
func (r *ConmonOCIRuntime) DeleteContainer(ctr *Container) error {
|
func (r *ConmonOCIRuntime) DeleteContainer(ctr *Container) error {
|
||||||
runtimeDir, err := util.GetRuntimeDir()
|
runtimeDir, err := util.GetRootlessRuntimeDir()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
@ -514,7 +514,7 @@ func (r *ConmonOCIRuntime) DeleteContainer(ctr *Container) error {
|
|||||||
|
|
||||||
// PauseContainer pauses the given container.
|
// PauseContainer pauses the given container.
|
||||||
func (r *ConmonOCIRuntime) PauseContainer(ctr *Container) error {
|
func (r *ConmonOCIRuntime) PauseContainer(ctr *Container) error {
|
||||||
runtimeDir, err := util.GetRuntimeDir()
|
runtimeDir, err := util.GetRootlessRuntimeDir()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
@ -524,7 +524,7 @@ func (r *ConmonOCIRuntime) PauseContainer(ctr *Container) error {
|
|||||||
|
|
||||||
// UnpauseContainer unpauses the given container.
|
// UnpauseContainer unpauses the given container.
|
||||||
func (r *ConmonOCIRuntime) UnpauseContainer(ctr *Container) error {
|
func (r *ConmonOCIRuntime) UnpauseContainer(ctr *Container) error {
|
||||||
runtimeDir, err := util.GetRuntimeDir()
|
runtimeDir, err := util.GetRootlessRuntimeDir()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
@ -851,7 +851,7 @@ func (r *ConmonOCIRuntime) CheckpointContainer(ctr *Container, options Container
|
|||||||
args = append(args, ctr.ID())
|
args = append(args, ctr.ID())
|
||||||
logrus.Debugf("the args to checkpoint: %s %s", r.path, strings.Join(args, " "))
|
logrus.Debugf("the args to checkpoint: %s %s", r.path, strings.Join(args, " "))
|
||||||
|
|
||||||
runtimeDir, err := util.GetRuntimeDir()
|
runtimeDir, err := util.GetRootlessRuntimeDir()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return 0, err
|
return 0, err
|
||||||
}
|
}
|
||||||
@ -1324,7 +1324,7 @@ func (r *ConmonOCIRuntime) configureConmonEnv() ([]string, error) {
|
|||||||
}
|
}
|
||||||
res = append(res, v)
|
res = append(res, v)
|
||||||
}
|
}
|
||||||
runtimeDir, err := util.GetRuntimeDir()
|
runtimeDir, err := util.GetRootlessRuntimeDir()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -202,7 +202,7 @@ func (r *Runtime) reset(ctx context.Context) error {
|
|||||||
prevError = err
|
prevError = err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
runtimeDir, err := util.GetRuntimeDir()
|
runtimeDir, err := util.GetRootlessRuntimeDir()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
@ -134,7 +134,7 @@ func SetXdgDirs() error {
|
|||||||
|
|
||||||
if runtimeDir == "" {
|
if runtimeDir == "" {
|
||||||
var err error
|
var err error
|
||||||
runtimeDir, err = util.GetRuntimeDir()
|
runtimeDir, err = util.GetRootlessRuntimeDir()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
@ -36,7 +36,7 @@ func (ic *ContainerEngine) Info(ctx context.Context) (*define.Info, error) {
|
|||||||
// service may be run with another URI.
|
// service may be run with another URI.
|
||||||
if ic.Libpod.RemoteURI() == "" {
|
if ic.Libpod.RemoteURI() == "" {
|
||||||
xdg := defaultRunPath
|
xdg := defaultRunPath
|
||||||
if path, err := util.GetRuntimeDir(); err != nil {
|
if path, err := util.GetRootlessRuntimeDir(); err != nil {
|
||||||
// Info is as good as we can guess...
|
// Info is as good as we can guess...
|
||||||
return info, err
|
return info, err
|
||||||
} else if path != "" {
|
} else if path != "" {
|
||||||
|
@ -9,5 +9,5 @@ func getRuntimeDir() (string, error) {
|
|||||||
if !rootless.IsRootless() {
|
if !rootless.IsRootless() {
|
||||||
return "/run", nil
|
return "/run", nil
|
||||||
}
|
}
|
||||||
return util.GetRuntimeDir()
|
return util.GetRootlessRuntimeDir()
|
||||||
}
|
}
|
||||||
|
@ -13,7 +13,6 @@ import (
|
|||||||
"sort"
|
"sort"
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
"sync"
|
|
||||||
"syscall"
|
"syscall"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
@ -920,13 +919,6 @@ func ParseIDMapping(mode namespaces.UsernsMode, uidMapSlice, gidMapSlice []strin
|
|||||||
return &options, nil
|
return &options, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
var (
|
|
||||||
rootlessConfigHomeDirOnce sync.Once
|
|
||||||
rootlessConfigHomeDir string
|
|
||||||
rootlessRuntimeDirOnce sync.Once
|
|
||||||
rootlessRuntimeDir string
|
|
||||||
)
|
|
||||||
|
|
||||||
type tomlOptionsConfig struct {
|
type tomlOptionsConfig struct {
|
||||||
MountProgram string `toml:"mount_program"`
|
MountProgram string `toml:"mount_program"`
|
||||||
}
|
}
|
||||||
|
@ -7,109 +7,29 @@ package util
|
|||||||
// should work to take darwin from this
|
// should work to take darwin from this
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"errors"
|
|
||||||
"fmt"
|
|
||||||
"os"
|
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"strconv"
|
|
||||||
"syscall"
|
|
||||||
|
|
||||||
"github.com/containers/podman/v4/pkg/rootless"
|
"github.com/containers/podman/v4/pkg/rootless"
|
||||||
"github.com/sirupsen/logrus"
|
"github.com/containers/storage/pkg/homedir"
|
||||||
)
|
)
|
||||||
|
|
||||||
// GetRuntimeDir returns the runtime directory
|
// GetRootlessRuntimeDir returns the runtime directory when running as non root
|
||||||
func GetRuntimeDir() (string, error) {
|
func GetRootlessRuntimeDir() (string, error) {
|
||||||
var rootlessRuntimeDirError error
|
|
||||||
|
|
||||||
if !rootless.IsRootless() {
|
if !rootless.IsRootless() {
|
||||||
return "", nil
|
return "", nil
|
||||||
}
|
}
|
||||||
|
return homedir.GetRuntimeDir()
|
||||||
rootlessRuntimeDirOnce.Do(func() {
|
|
||||||
runtimeDir := os.Getenv("XDG_RUNTIME_DIR")
|
|
||||||
|
|
||||||
if runtimeDir != "" {
|
|
||||||
rootlessRuntimeDir, rootlessRuntimeDirError = filepath.EvalSymlinks(runtimeDir)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
uid := strconv.Itoa(rootless.GetRootlessUID())
|
|
||||||
if runtimeDir == "" {
|
|
||||||
tmpDir := filepath.Join("/run", "user", uid)
|
|
||||||
if err := os.MkdirAll(tmpDir, 0700); err != nil {
|
|
||||||
logrus.Debug(err)
|
|
||||||
}
|
|
||||||
st, err := os.Stat(tmpDir)
|
|
||||||
if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && (st.Mode().Perm()&0700 == 0700) {
|
|
||||||
runtimeDir = tmpDir
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if runtimeDir == "" {
|
|
||||||
tmpDir := filepath.Join(os.TempDir(), fmt.Sprintf("podman-run-%s", uid))
|
|
||||||
if err := os.MkdirAll(tmpDir, 0700); err != nil {
|
|
||||||
logrus.Debug(err)
|
|
||||||
}
|
|
||||||
st, err := os.Stat(tmpDir)
|
|
||||||
if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && (st.Mode().Perm()&0700 == 0700) {
|
|
||||||
runtimeDir = tmpDir
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if runtimeDir == "" {
|
|
||||||
home := os.Getenv("HOME")
|
|
||||||
if home == "" {
|
|
||||||
rootlessRuntimeDirError = errors.New("neither XDG_RUNTIME_DIR nor HOME was set non-empty")
|
|
||||||
return
|
|
||||||
}
|
|
||||||
resolvedHome, err := filepath.EvalSymlinks(home)
|
|
||||||
if err != nil {
|
|
||||||
rootlessRuntimeDirError = fmt.Errorf("cannot resolve %s: %w", home, err)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
runtimeDir = filepath.Join(resolvedHome, "rundir")
|
|
||||||
}
|
|
||||||
rootlessRuntimeDir = runtimeDir
|
|
||||||
})
|
|
||||||
|
|
||||||
if rootlessRuntimeDirError != nil {
|
|
||||||
return "", rootlessRuntimeDirError
|
|
||||||
}
|
|
||||||
return rootlessRuntimeDir, nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetRootlessConfigHomeDir returns the config home directory when running as non root
|
// GetRootlessConfigHomeDir returns the config home directory when running as non root
|
||||||
func GetRootlessConfigHomeDir() (string, error) {
|
func GetRootlessConfigHomeDir() (string, error) {
|
||||||
var rootlessConfigHomeDirError error
|
return homedir.GetConfigHome()
|
||||||
|
|
||||||
rootlessConfigHomeDirOnce.Do(func() {
|
|
||||||
cfgHomeDir := os.Getenv("XDG_CONFIG_HOME")
|
|
||||||
if cfgHomeDir == "" {
|
|
||||||
home := os.Getenv("HOME")
|
|
||||||
resolvedHome, err := filepath.EvalSymlinks(home)
|
|
||||||
if err != nil {
|
|
||||||
rootlessConfigHomeDirError = fmt.Errorf("cannot resolve %s: %w", home, err)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
tmpDir := filepath.Join(resolvedHome, ".config")
|
|
||||||
st, err := os.Stat(tmpDir)
|
|
||||||
if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && st.Mode().Perm() >= 0700 {
|
|
||||||
cfgHomeDir = tmpDir
|
|
||||||
}
|
|
||||||
}
|
|
||||||
rootlessConfigHomeDir = cfgHomeDir
|
|
||||||
})
|
|
||||||
|
|
||||||
if rootlessConfigHomeDirError != nil {
|
|
||||||
return "", rootlessConfigHomeDirError
|
|
||||||
}
|
|
||||||
|
|
||||||
return rootlessConfigHomeDir, nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetRootlessPauseProcessPidPath returns the path to the file that holds the pid for
|
// GetRootlessPauseProcessPidPath returns the path to the file that holds the pid for
|
||||||
// the pause process.
|
// the pause process.
|
||||||
func GetRootlessPauseProcessPidPath() (string, error) {
|
func GetRootlessPauseProcessPidPath() (string, error) {
|
||||||
runtimeDir, err := GetRuntimeDir()
|
runtimeDir, err := GetRootlessRuntimeDir()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
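Review bot: The owner and mode checks that the removed body applied to its fallback directories (`Uid == os.Geteuid()` and `Perm()&0700 == 0700` on `/run/user/<uid>` and on `podman-run-<uid>` under `os.TempDir()`) are no longer visible in this package; after this change they depend entirely on `homedir.GetRuntimeDir()` in c/storage. Because the temp-dir fallback lives in a world-writable location, please confirm that the vendored helper still rejects a pre-created directory owned by another user or with looser permissions, and record that dependency in the doc comment. The doc comment should also state the root case, for example `// It returns "" and a nil error when the process is not rootless; ownership and permission checks on fallback directories are delegated to c/storage's homedir.GetRuntimeDir.` The same applies to `GetRootlessConfigHomeDir`, where the old ownership check on `~/.config` was dropped in favour of `homedir.GetConfigHome()`.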
|
@ -30,8 +30,8 @@ func GetRootlessPauseProcessPidPath() (string, error) {
|
|||||||
return "", fmt.Errorf("GetRootlessPauseProcessPidPath: %w", errNotImplemented)
|
return "", fmt.Errorf("GetRootlessPauseProcessPidPath: %w", errNotImplemented)
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetRuntimeDir returns the runtime directory
|
// GetRootlessRuntimeDir returns the runtime directory
|
||||||
func GetRuntimeDir() (string, error) {
|
func GetRootlessRuntimeDir() (string, error) {
|
||||||
data, err := homedir.GetDataHome()
|
data, err := homedir.GetDataHome()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
|