Those are the cases where the value being converted is already of that
type (checked to be that way for all os/arch combinations).
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
use the new overlay data-only feature to mount the composefs data
directory so there is no need for upper layers to create whiteouts to
hide payload files.
The feature was added to Linux 6.5.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
gofumpt is a superset of gofmt, enabling some more code formatting
rules.
This commit is brought to you by
gofumpt -w .
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
When we convert the work directory's location to a relative path for
passing to mount-in-a-subprocess, don't change the value that we'll
subsequently use when removing the "work/incompat/volatile" subdirectory
while still in the parent process.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Add missing punctuation to a couple of error messages, and include which
mount options we tried to use when we complain about mount() failing.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
We now use the golang error wrapping format specifier `%w` instead of the
deprecated github.com/pkg/errors package.
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
use idmapped mounts for the overlay lower layers when the kernel
supports them.
For each lower directory with ID=0...N-1, it creates an idmapped mount
at $GRAPHROOT/overlay/$LAYER/mapped/$ID. The final overlay mount will
use these idmapped mounts instead of the original source directory.
The upperdir is not idmapped, so files are created with the same
IDs used by the user namespace.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
make sure "userxattr" is specified, otherwise the "user.overlay."
xattrs are not treated specially and copied up as for the root case.
Closes: https://github.com/containers/storage/issues/947
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
if lgetxattr(..., "user.overlay.metacopy") fails with EOPNOTSUPP, it
means metacopy is not supported for the current user.
Prefer this runtime check instead of testing unshare.IsRootless(), so
that metacopy support will be detected in case it is enabled in a
user namespace in the future.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
unprivileged users cannot use the trusted.* xattrs. Since for
rootless we always mount overlay with userxattr, we can just check if
running in rootless mode and use user.* instead of trusted.*.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Distributions are shipping metacopy option along with kernels that do
not support it. We should warn on this situation rather than fail.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Fuse-overlay now has an option fsync=0, which kernel overlay does
not support. When I changed from fuse-overlay to regular with
the fsync=0 flag set, I had a hard time diagnosing what was going
wrong. This information would have helped.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
In the overlay driver, check if metacopy is enabled, and report it along
with other status information.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
If in storage.conf I set the mount options to:
mountopt = "nodev,metacopy=on,redirect_dir=on"
This will turn on redirect_dir but the useNaiveDiff does not currently check
this option. This will cause container images on commit to not be saved
correctly.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Grab Lei Jitang <leijitang@huawei.com> patches from
github.com/Moby/Moby/49c3a7c4bac2877265ef8c4eaf210159560f08b4
When using overlay2 as the graphdriver and the kernel enables
`CONFIG_OVERLAY_FS_REDIRECT_DIR=y`, a dir renamed in a lower layer
will have an xattr to redirect its dir to the source dir. This makes the
image layer unportable. This patch falls back to using the naive diff driver
when the kernel enables CONFIG_OVERLAY_FS_REDIRECT_DIR.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>