cli: support --systemd=always

it enforces the systemd mode also when the command name doesn't match /usr/sbin/init or systemd. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2019-10-07 14:02:54 +02:00 · 2019-10-07 14:02:54 +02:00 · 5963077e93
parent 3ba3e1c751
commit 5963077e93
9 changed files with 33 additions and 19 deletions
--- a/API.md
+++ b/API.md
@ -1591,7 +1591,7 @@ subgidname [?string](#?string)

 sysctl [?[]string](#?[]string)

-systemd [?bool](#?bool)
+systemd [?string](#?string)

 tmpfs [?[]string](#?[]string)

--- a/cmd/podman/cliconfig/defaults.go
+++ b/cmd/podman/cliconfig/defaults.go
@ -1,10 +1,5 @@
 package cliconfig

-const (
-	// DefaultSystemD value
-	DefaultSystemD bool = true
-)
-
 var (
 	// DefaultHealthCheckInterval default value
 	DefaultHealthCheckInterval = "30s"
--- a/cmd/podman/common.go
+++ b/cmd/podman/common.go
@ -455,9 +455,9 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
 		"sysctl", []string{},
 		"Sysctl options (default [])",
 	)
-	createFlags.Bool(
-		"systemd", cliconfig.DefaultSystemD,
-		"Run container in systemd mode if the command executable is systemd or init",
+	createFlags.String(
+		"systemd", "true",
+		`Run container in systemd mode ("true"|"false"|"always" (default "true")`,
 	)
 	createFlags.StringArray(
 		"tmpfs", []string{},
--- a/cmd/podman/shared/create.go
+++ b/cmd/podman/shared/create.go
@ -662,9 +662,17 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod.
 		return nil, errors.Errorf("invalid image-volume type %q. Pick one of bind, tmpfs, or ignore", c.String("image-volume"))
 	}

-	var systemd bool
-	if command != nil && c.Bool("systemd") && (command[0] == "/usr/sbin/init" || (filepath.Base(command[0]) == "systemd")) {
-		systemd = true
+	systemd := c.String("systemd") == "always"
+	if !systemd && command != nil {
+		x, err := strconv.ParseBool(c.String("systemd"))
+		if err != nil {
+			return nil, errors.Wrapf(err, "cannot parse bool %s", c.String("systemd"))
+		}
+		if x && (command[0] == "/usr/sbin/init" || (filepath.Base(command[0]) == "systemd")) {
+			systemd = true
+		}
+	}
+	if systemd {
 		if signalString == "" {
 			stopSignal, err = signal.ParseSignal("RTMIN+3")
 			if err != nil {
--- a/cmd/podman/shared/intermediate.go
+++ b/cmd/podman/shared/intermediate.go
@ -449,7 +449,7 @@ func NewIntermediateLayer(c *cliconfig.PodmanCommand, remote bool) GenericCLIRes
 	m["subgidname"] = newCRString(c, "subgidname")
 	m["subuidname"] = newCRString(c, "subuidname")
 	m["sysctl"] = newCRStringSlice(c, "sysctl")
-	m["systemd"] = newCRBool(c, "systemd")
+	m["systemd"] = newCRString(c, "systemd")
 	m["tmpfs"] = newCRStringArray(c, "tmpfs")
 	m["tty"] = newCRBool(c, "tty")
 	m["uidmap"] = newCRStringSlice(c, "uidmap")
--- a/cmd/podman/shared/intermediate_varlink.go
+++ b/cmd/podman/shared/intermediate_varlink.go
@ -152,7 +152,7 @@ func (g GenericCLIResults) MakeVarlink() iopodman.Create {
 		Subuidname:             StringToPtr(g.Find("subuidname")),
 		Subgidname:             StringToPtr(g.Find("subgidname")),
 		Sysctl:                 StringSliceToPtr(g.Find("sysctl")),
-		Systemd:                BoolToPtr(g.Find("systemd")),
+		Systemd:                StringToPtr(g.Find("systemd")),
 		Tmpfs:                  StringSliceToPtr(g.Find("tmpfs")),
 		Tty:                    BoolToPtr(g.Find("tty")),
 		Uidmap:                 StringSliceToPtr(g.Find("uidmap")),
@ -321,6 +321,7 @@ func VarlinkCreateToGeneric(opts iopodman.Create) GenericCLIResults {

 	var memSwapDefault int64 = -1
 	netModeDefault := "bridge"
+	systemdDefault := "true"
 	if rootless.IsRootless() {
 		netModeDefault = "slirp4netns"
 	}
@ -409,7 +410,7 @@ func VarlinkCreateToGeneric(opts iopodman.Create) GenericCLIResults {
 	m["subgidname"] = stringFromVarlink(opts.Subgidname, "subgidname", nil)
 	m["subuidname"] = stringFromVarlink(opts.Subuidname, "subuidname", nil)
 	m["sysctl"] = stringSliceFromVarlink(opts.Sysctl, "sysctl", nil)
-	m["systemd"] = boolFromVarlink(opts.Systemd, "systemd", cliconfig.DefaultSystemD)
+	m["systemd"] = stringFromVarlink(opts.Systemd, "systemd", &systemdDefault)
 	m["tmpfs"] = stringSliceFromVarlink(opts.Tmpfs, "tmpfs", nil)
 	m["tty"] = boolFromVarlink(opts.Tty, "tty", false)
 	m["uidmap"] = stringSliceFromVarlink(opts.Uidmap, "uidmap", nil)
--- a/cmd/podman/varlink/io.podman.varlink
+++ b/cmd/podman/varlink/io.podman.varlink
@ -363,7 +363,7 @@ type Create (
    subuidname: ?string,
    subgidname: ?string,
    sysctl: ?[]string,
-    systemd: ?bool,
+    systemd: ?string,
    tmpfs: ?[]string,
    tty: ?bool,
    uidmap: ?[]string,
--- a/docs/podman-create.1.md
+++ b/docs/podman-create.1.md
@ -709,11 +709,16 @@ Network Namespace - current sysctls allowed:
    Sysctls beginning with net.*

 Note: if you use the --network=host option these sysctls will not be allowed.
-x
-**--systemd**=*true|false*
+
+**--systemd**=*true|false|always*

 Run container in systemd mode. The default is *true*.

+The value *always* enforces the systemd mode is enforced without
+looking at the executable name.  Otherwise, if set to true and the
+command you are running inside the container is systemd or
+/usr/sbin/init.
+
 If the command you are running inside of the container is systemd or
 /usr/sbin/init, Podman will setup tmpfs mount points in the following
 directories:
--- a/docs/podman-run.1.md
+++ b/docs/podman-run.1.md
@ -747,10 +747,15 @@ Network Namespace - current sysctls allowed:

 Note: if you use the `--network=host` option these sysctls will not be allowed.

-**--systemd**=*true|false*
+**--systemd**=*true|false|always*

 Run container in systemd mode. The default is *true*.

+The value *always* enforces the systemd mode is enforced without
+looking at the executable name.  Otherwise, if set to true and the
+command you are running inside the container is systemd or
+/usr/sbin/init.
+
 If the command you are running inside of the container is systemd or
 /usr/sbin/init, Podman will setup tmpfs mount points in the following
 directories: