diff --git a/libpod/container_internal_common.go b/libpod/container_internal_common.go index 29b8e0c685..fbca60027c 100644 --- a/libpod/container_internal_common.go +++ b/libpod/container_internal_common.go @@ -2745,7 +2745,7 @@ func (c *Container) fixVolumePermissions(v *ContainerNamedVolume) error { // Volumes owned by a volume driver are not chowned - we don't want to // mess with a mount not managed by us. - if vol.state.NeedsChown && !vol.UsesVolumeDriver() { + if vol.state.NeedsChown && (!vol.UsesVolumeDriver() && vol.config.Driver != "image") { vol.state.NeedsChown = false uid := int(c.config.Spec.Process.User.UID) diff --git a/libpod/runtime_volume_common.go b/libpod/runtime_volume_common.go index 81fb00f32d..ae57b17ef6 100644 --- a/libpod/runtime_volume_common.go +++ b/libpod/runtime_volume_common.go @@ -120,7 +120,9 @@ func (r *Runtime) newVolume(ctx context.Context, noCreatePluginVolume bool, opti volume.config.StorageImageID = image.ID() // Create a backing container in c/storage. - storageConfig := storage.ContainerOptions{} + storageConfig := storage.ContainerOptions{ + LabelOpts: []string{"filetype:container_file_t", "level:s0"}, + } if len(volume.config.MountLabel) > 0 { context, err := selinux.NewContext(volume.config.MountLabel) if err != nil { diff --git a/libpod/sqlite_state_internal.go b/libpod/sqlite_state_internal.go index 19c3d46c6a..1f62d346bd 100644 --- a/libpod/sqlite_state_internal.go +++ b/libpod/sqlite_state_internal.go @@ -295,6 +295,21 @@ func finalizeVolumeSqlite(vol *Volume) error { } vol.lock = lock + // Retrieve volume driver + if vol.UsesVolumeDriver() { + plugin, err := vol.runtime.getVolumePlugin(vol.config) + if err != nil { + // We want to fail gracefully here, to ensure that we + // can still remove volumes even if their plugin is + // missing. Otherwise, we end up with volumes that + // cannot even be retrieved from the database and will + // cause things like `volume ls` to fail. + logrus.Errorf("Volume %s uses volume plugin %s, but it cannot be accessed - some functionality may not be available: %v", vol.Name(), vol.config.Driver, err) + } else { + vol.plugin = plugin + } + } + vol.valid = true return nil @@ -513,7 +528,7 @@ func (s *SQLiteState) networkModify(ctr *Container, network string, opts types.P _, ok := newCfg.Networks[network] if new && ok { - return fmt.Errorf("container %s is already connected to network %s: %w", ctr.ID(), network, define.ErrNoSuchNetwork) + return fmt.Errorf("container %s is already connected to network %s: %w", ctr.ID(), network, define.ErrNetworkConnected) } if !ok && (!new || disconnect) { return fmt.Errorf("container %s is not connected to network %s: %w", ctr.ID(), network, define.ErrNoSuchNetwork) diff --git a/libpod/volume.go b/libpod/volume.go index 537d53bf38..b2cd5c0438 100644 --- a/libpod/volume.go +++ b/libpod/volume.go @@ -136,7 +136,7 @@ func (v *Volume) Labels() map[string]string { // MountPoint returns the volume's mountpoint on the host func (v *Volume) MountPoint() (string, error) { // For the sake of performance, avoid locking unless we have to. - if v.UsesVolumeDriver() { + if v.UsesVolumeDriver() || v.config.Driver == define.VolumeDriverImage { v.lock.Lock() defer v.lock.Unlock() diff --git a/test/e2e/run_transient_test.go b/test/e2e/run_transient_test.go index 34166dcc20..863963c4cd 100644 --- a/test/e2e/run_transient_test.go +++ b/test/e2e/run_transient_test.go @@ -54,8 +54,14 @@ var _ = Describe("Podman run with volumes", func() { Expect(filepath.Join(containerStorageDir, "volatile-containers.json")).Should(Not(BeAnExistingFile())) Expect(filepath.Join(runContainerStorageDir, "containers.json")).Should(Not(BeAnExistingFile())) Expect(filepath.Join(runContainerStorageDir, "volatile-containers.json")).Should(Not(BeAnExistingFile())) - Expect(filepath.Join(dbDir, "bolt_state.db")).Should(BeARegularFile()) - Expect(filepath.Join(runDBDir, "bolt_state.db")).Should(Not(BeAnExistingFile())) + + if podmanTest.DatabaseBackend == "sqlite" { + Expect(filepath.Join(containerStorageDir, "db.sql")).Should(BeARegularFile()) + Expect(filepath.Join(runContainerStorageDir, "db.sql")).Should(Not(BeAnExistingFile())) + } else { + Expect(filepath.Join(dbDir, "bolt_state.db")).Should(BeARegularFile()) + Expect(filepath.Join(runDBDir, "bolt_state.db")).Should(Not(BeAnExistingFile())) + } }) It("podman run --rm with no transient-store", func() { @@ -68,8 +74,14 @@ var _ = Describe("Podman run with volumes", func() { Expect(filepath.Join(containerStorageDir, "volatile-containers.json")).Should(BeARegularFile()) Expect(filepath.Join(runContainerStorageDir, "containers.json")).Should(Not(BeAnExistingFile())) Expect(filepath.Join(runContainerStorageDir, "volatile-containers.json")).Should(Not(BeAnExistingFile())) - Expect(filepath.Join(dbDir, "bolt_state.db")).Should(BeARegularFile()) - Expect(filepath.Join(runDBDir, "bolt_state.db")).Should(Not(BeAnExistingFile())) + + if podmanTest.DatabaseBackend == "sqlite" { + Expect(filepath.Join(containerStorageDir, "db.sql")).Should(BeARegularFile()) + Expect(filepath.Join(runContainerStorageDir, "db.sql")).Should(Not(BeAnExistingFile())) + } else { + Expect(filepath.Join(dbDir, "bolt_state.db")).Should(BeARegularFile()) + Expect(filepath.Join(runDBDir, "bolt_state.db")).Should(Not(BeAnExistingFile())) + } }) It("podman run --transient-store", func() { @@ -83,8 +95,14 @@ var _ = Describe("Podman run with volumes", func() { Expect(filepath.Join(containerStorageDir, "volatile-containers.json")).Should(Not(BeAnExistingFile())) Expect(filepath.Join(runContainerStorageDir, "containers.json")).Should(Not(BeAnExistingFile())) Expect(filepath.Join(runContainerStorageDir, "volatile-containers.json")).Should(BeARegularFile()) - Expect(filepath.Join(dbDir, "bolt_state.db")).Should(Not(BeAnExistingFile())) - Expect(filepath.Join(runDBDir, "bolt_state.db")).Should(BeARegularFile()) + + if podmanTest.DatabaseBackend == "sqlite" { + Expect(filepath.Join(containerStorageDir, "db.sql")).Should(Not(BeAnExistingFile())) + Expect(filepath.Join(runContainerStorageDir, "db.sql")).Should(BeARegularFile()) + } else { + Expect(filepath.Join(dbDir, "bolt_state.db")).Should(Not(BeAnExistingFile())) + Expect(filepath.Join(runDBDir, "bolt_state.db")).Should(BeARegularFile()) + } }) })