opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-25 12:20:42 +08:00
Code Issues Packages Projects Releases Wiki Activity

cmd: clarify meaning of ParentNSRequired

Browse Source 
there are no commands that are not supported by rootless mode, but
some commands require to run in the user namespace.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano
2023-03-02 22:14:16 +01:00
parent ce67bbffa9
commit da04469f06
2 changed files with 1 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
cmd/podman/main.go
View File

@ -81,13 +81,6 @@ func parseCommands() *cobra.Command {
return fmt.Errorf("cannot run command %q in rootless mode, must execute `podman unshare` first", cmd.CommandPath())
}
}
} else {
_, found = c.Command.Annotations[registry.ParentNSRequired]
if rootless.IsRootless() && found && c.Command.Name() != "scp" {
c.Command.RunE = func(cmd *cobra.Command, args []string) error {
return fmt.Errorf("cannot run command %q in rootless mode", cmd.CommandPath())
}
}
}
addCommand(c)
}

2
cmd/podman/registry/config.go
View File

@ -17,7 +17,7 @@ const (
// NoMoveProcess used as cobra.Annotation when command doesn't need Podman to be moved to a separate cgroup
NoMoveProcess = "NoMoveProcess"
// ParentNSRequired used as cobra.Annotation when command requires root access
// ParentNSRequired used as cobra.Annotation when a command should not be run in the podman rootless user namespace, also requires updates in `pkg/rootless/rootless_linux.c` in function `can_use_shortcut()` to exclude the command name there.
ParentNSRequired = "ParentNSRequired"
// UnshareNSRequired used as cobra.Annotation when command requires modified user namespace