fix noMoveProcess in SetupRootless

Based on the description in commit 63ef557 this was added so that the migrate command does not move the pause process into a separate cgroup. It should however not disable the rejoining of the userns when the pause process join failed. BEcause of this we end up calling migrate without a userns and that then can fail if there are actual contianer it tries to cleanup. Fixes: 63ef5576ed ("command: migrate doesn't move process to cgroup") Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2025-11-28 09:09:44 +08:00 · 2025-11-25 12:47:19 +01:00
parent c3f3dd36c4
commit ed9d298fb4
1 changed files with 1 additions and 4 deletions
--- a/pkg/domain/infra/abi/system_linux.go
+++ b/pkg/domain/infra/abi/system_linux.go
@@ -76,9 +76,6 @@ func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool,
 	if became {
 		os.Exit(ret)
 	}
-	if noMoveProcess {
-		return nil
-	}

 	// if there is no pid file, try to join existing containers, and create a pause process.
 	ctrs, err := ic.Libpod.GetRunningContainers()
@@ -95,7 +92,7 @@ func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool,
 		became, ret, err = rootless.TryJoinFromFilePaths(pausePidPath, paths)
 	} else {
 		became, ret, err = rootless.BecomeRootInUserNS(pausePidPath)
-		if err == nil {
+		if err == nil && !noMoveProcess {
 			systemd.MovePauseProcessToScope(pausePidPath)
 		}
 	}