Commit Graph

149 Commits

Author SHA1 Message Date
Giuseppe Scrivano b0885dfba9
store: drop rootless from arguments
drop the rootless argument from DefaultStoreOptions and
UpdateStoreOptions since this can be retrieved internally through the
unshare package.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2023-11-16 21:13:28 +01:00
Giuseppe Scrivano c72a594c83
types: use functionalities from pkg/homedir
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2023-11-16 08:36:21 +01:00
Nalin Dahyabhai b0c1c886c3 "pull up" images when creating them, too
We previously started "pulling up" images when we changed their names,
and started denying the presence of images in read-only stores which
shared their ID with an image in the read-write store, so that it would
be possible to "remove" names from an image in read-only storage.  We
forgot about the Flags field, so start pulling that up, too.

Do all of the above when we're asked to create an image, since denying
the presence of images with the same ID in read-only stores would
prevent us from finding the image by any of the names that it "had" just
a moment before we created the new record.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2023-04-06 18:21:11 -04:00
Nalin Dahyabhai f3808272d8 Drop nameLooksLikeID()
Replace the newer nameLooksLikeID() function with calls to
stringid.Validate(), which does the same thing.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2023-04-03 10:21:35 -04:00
Alexander Larsson ddf18d41da Add Store.GarbageCollect() method
This looks in the container store for existing data dirs with ids not in
the container files and removes them. It also adds an (optional) driver
method to list available layers, then uses this and compares it to the
layers json file and removes layers that are not referenced.

Losing track of containers and layers can potentially happen in the
case of some kind of unclean shutdown, but mainly it happens at reboot
when using transient storage mode. Such users are recommended to run
a garbage collect at boot.

Signed-off-by: Alexander Larsson <alexl@redhat.com>
2022-11-14 16:36:30 +01:00
Nalin Dahyabhai 449ffb0f8d Use defined constants for flag names
Use constants for the names of flags that we set in Flags maps that we
store in layer/image/container records, to make it easier to avoid
possible breakages due to typos in the future.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2022-09-14 10:54:54 -04:00
Miloslav Trmač fdd89d3dd8 Fix an unused line in applyNameOperation
... by actually using it, removing some duplication, and
perhaps micro-optimizing some memory allocations.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2022-04-13 18:56:24 +02:00
Aditya R 4c37491c64
store: add independent AddNames and RemoveNames for images,layers,containers
Adds AddNames and RemoveNames so operations which are invoked in parallel
manner can use it without destroying names from storage.

For instance

We are deleting names which were already written in store.
This creates faulty behavior when builds are invoked in parallel manner, as
this removes names for other builds.

To fix this behavior we must append to already written names and
override if needed. But this should be optional and not break public API

Following patch will be used by parallel operations at podman or buildah end, directly or indirectly.

Signed-off-by: Aditya R <arajan@redhat.com>
2022-03-01 01:33:35 +05:30
Daniel J Walsh 120cc997d2
Move storageOpts structures into types subdir to shrink bindings.
Currently when we build podman bindings we are pulling in the entire
storage libraries, even though we only need a few structures and
functions.

Testing with the following program

```
package main

import (
	"fmt"
	"github.com/containers/storage/types"
)

func main() {
	fmt.Println(types.GetRootlessRuntimeDir(0))
}
```

Removing types above gives me compile size of the program

```
du -s t.old t.new
9640	t.before
3232	t.after
```

Currently these functions are being vendored into
containers/common/pkg/config, which leads to large size in podman-remote
and podman bindings.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-02-26 05:34:09 -05:00
Nalin Dahyabhai 82599ce3d6 Fix TestDefaultStoreOpts()
Use the variable name that matches the one used in the config file, and
add environment expansion for the rootless storage location.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2021-02-24 16:44:51 -05:00
Nalin Dahyabhai bc6102ea53 getRootlessRuntimeDirIsolated(): don't use an empty tmpPerUserDir
If the tmpPerUserDir value is the empty string, don't try to use it as a
directory path.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2021-02-24 16:44:51 -05:00
Daniel J Walsh c935869b9f
Use STORAGE_DRIVER environment variable in rootless mode
Currently we ignore STORAGE_DRIVER environment variable in
rootless mode, always forcing it to be Overlay if fuse-overlay
is installed or vfs.

This patch will respect both the STORAGE_DRIVER and STORAGE_OPT
environment variables if set in rootless mode.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-01-08 06:18:43 -05:00
Daniel J Walsh 09645065ae
Revert returning storageOpts
Revert 8bdc527f24

I merged a patch that was a mistake that returned
rootless storage opts early. User had a broken
storage.conf that caused me to get confused.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2020-12-04 16:04:18 -05:00
Daniel J Walsh 8bdc527f24
Fix reading of ~/.config/containers/storage.conf
Currently rootless users of storage.conf in the home
dir ignore the storage options.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2020-12-02 17:07:06 -05:00
Roberto Castagnola 782c28d025
Restore usage of rootless_storage_path in user storage.conf
Signed-off-by: Roberto Castagnola <roberto.castagnola@gmail.com>
2020-11-02 14:58:06 +01:00
Daniel J Walsh a1e6151b71
If caller Sets the DefaultConfigFilePath, we need to use it
Attempting to override the location of the storage.conf file, using
the SetDefaultConfigFilePath for testing is failing in Podman.

This patch will use the replace configuration file.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2020-10-23 16:19:11 -04:00
Giuseppe Scrivano e4bf5a799d
Merge pull request #733 from rcasta74/podman_issue_7876
Fix usage of rootless_storage_path from system storage.conf file
2020-10-16 14:50:03 +02:00
Daniel J Walsh 690c8cb767
Stop excessive wrapping
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2020-10-15 06:08:37 -04:00
Roberto Castagnola 38f98a8bdf Fix usage of rootless_storage_path from system storage.conf file 2020-10-05 15:41:20 +02:00
Daniel J Walsh 3c3285331d
Support the rootless storage path from the system file
Currently rootless containers are ignoring the rootless_storage_path entry
from the storage.conf file.

This will use the path if specified.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2020-09-09 15:25:39 -04:00
Daniel J Walsh de3d59a92d
For podman v2.0 we need to use ignore_chown_errors field if set
It is too risky to add all system options.
This is supposed to work for HPC customers, so we can just
grab this setting if set in system wide settings.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2020-09-09 15:25:39 -04:00
Ashley Cui d974c2ba30 Allow any env variable for graphroot, runroot, storagepath
Previously only restricted to home, uid, and user

Signed-off-by: Ashley Cui <acui@redhat.com>
2020-08-11 17:18:28 -04:00
Ashley Cui 69e1110322 Allow env variables in graphroot and runroot
Expand env variables in paths

Signed-off-by: Ashley Cui <acui@redhat.com>
2020-08-06 11:59:28 -04:00
Daniel J Walsh 3fb27a360c
new interface for MountImage added
Interface added to mount image rootfs without any container.
image can be mounted only in ReadOnly mode.

Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2020-07-07 13:45:51 -04:00
Andrew Aladjev 68325d17cd use temp instead of run as fallback directory for rootless mode 2020-06-13 16:28:57 +03:00
Giuseppe Scrivano c7b3063903
store: memoize ReloadConfigurationFile
avoid reloading the same configuration multiple times if the file was
not modified.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2020-03-24 08:28:31 +01:00
Giuseppe Scrivano 54a9cb2f4a
utils: do not write default storage.conf
when running as rootless, do not write the default storage.conf file.

Follow the same pattern used for libpod.conf.

Closes: https://github.com/containers/libpod/issues/5500

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2020-03-16 13:10:25 +01:00
Qi Wang 3b4c1af2fd fix else case for rootless storage path and path match
move the assignment of rootless_storage_path out of `else` block to make the config work even if the graphroot is empty.
fix the path match error

Signed-off-by: Qi Wang <qiwan@redhat.com>
2020-03-02 09:58:18 -05:00
Daniel J Walsh e4f65e72d4 Add `rootless_storage_path` directive to storage.conf
This allows rootless admins to set up alternative
paths to content in the homedir.

Rootless users on NFS homedirs will not be allowed to run
podman, if an admin wants to set up alternative directory say
in /var/tmp on local storage, they could configure the storage.conf
file and then all users would automatically get storage in /var/tmp.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Qi Wang <qiwan@redhat.com>
2020-02-24 14:40:03 -05:00
Valentin Rothberg 76f71055fb use pkg/homedir
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
2020-02-17 11:43:01 +01:00
Sascha Grunert fd72b45a3f
Enable golint linter and fix lints
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-01-28 15:59:15 +01:00
Sascha Grunert ba51455527
Enable deadcode linter and fix lints
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-01-28 15:59:15 +01:00
Daniel J Walsh b6f5c760ad
Move runroot containers storage into containers directory
Currently we are throwing lots of files/directories into the
top level of /run/user/UID/, and this makes it difficult to clean up.
Switching to using /run/user/UID/containers, makes it easier and cleaner.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2019-11-22 12:49:57 -05:00
Giuseppe Scrivano c24f685d3f
utils: fix check for missing conf file
the previous error condition was causing an early failure when the
configuration file existed.  It prevented some additional checks and
to correctly set the RunRoot and GraphRoot to their default values
when they are not overridden in the configuration file.

We have not noticed it earlier as Podman would still use the
configuration from the DB in this case, so the issue is visible with
Podman only when the RunRoot is not specified in the configuration
file and in the libpod DB as well.

Closes: https://github.com/containers/libpod/issues/3274

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2019-06-23 23:28:48 +02:00
Daniel J Walsh 2bf9e95198
Return XDG_RUNTIME_DIR as RootlessRuntimeDir if set
We are currently ignoring XDG_RUNTIME_DIR if it is set, while
we should be using it.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2019-06-07 17:19:03 -04:00
Giuseppe Scrivano 8d53d451cc
utils: root in a userns uses global conf file
If the root user created a new user namespace, it still has to use the
system configuration and storage.

Previously if root created a user namespace when missing
CAP_SYS_ADMIN, we would use the configuration file under
/root/.config/containers instead of /etc/containers.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2019-04-23 14:12:03 +02:00
Daniel J Walsh aba92c81f9
Correctly check permissions on rootless directory
We have not been checking the permissions on the rootless directory;
this causes issues in tools trying to access the login directory
if XDG_RUNTIME_DIR is not set correctly.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2019-04-17 10:22:48 -04:00
Giuseppe Scrivano 3dd479804f
storage: move the logic to detect rootless into utils.go
add a helper function that automatically detects the UID when running
in a user namespace.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2019-04-05 15:11:57 +02:00
Daniel J Walsh e1ff94ad48
Fix cross compilation code for other platforms
When trying to vendor into containers/image we found issues
with cross platform compilation.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2019-03-20 08:36:26 -04:00
Daniel J Walsh 877c68cba0
Move pkg/util default storage functions from libpod to containers/storage
In an effort to remove cross vendoring, trying to fix buildah from importing
from libpod.  I believe these libraries make more sense in containers/storage
than in libpod.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2019-03-19 08:33:42 -04:00
Victor Vieux d648708d02 remove utils.go
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
2014-03-10 21:06:27 +00:00
Michael Crosby 36c3614fdd Move runtime and container into sub pkg
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-03-09 23:03:40 -07:00
Alexander Larsson d8c888b3f8 Drop EofReader
This is not used any more

Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
2014-02-14 13:46:21 +01:00
Solomon Hykes 6393c38339 Move the canonical run configuration objects to a sub-package
* Config is now runconfig.Config
* HostConfig is now runconfig.HostConfig
* MergeConfig is now runconfig.Merge
* CompareConfig is now runconfig.Compare
* ParseRun is now runconfig.Parse
* ContainerConfigFromJob is now runconfig.ContainerConfigFromJob
* ContainerHostConfigFromJob is now runconfig.ContainerHostConfigFromJob

This facilitates refactoring commands.go and shrinks the core.

Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)
2014-02-11 20:18:46 -08:00
Solomon Hykes e6e320acc7 pkg/opts: a collection of custom value parsers implementing flag.Value
This facilitates the refactoring of commands.go.

Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)
2014-02-11 19:59:52 -08:00
Solomon Hykes 3ecd8ff0c8 New package `nat`: utilities for manipulating the text description of network ports.
This facilitates the refactoring of commands.go

Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)
2014-02-11 16:51:01 -08:00
Alexander Larsson bcaf6c2359 Add Put() to graphdriver API and use it
This makes all users of Put() have a corresponding call
to Get() which means we will be able to track whether
any particular ID is in use and if not unmount it.

Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
2014-01-21 11:25:37 +01:00
Michael Crosby 1d8455e683 Move RootIsShared to lxc driver
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-01-17 17:42:22 -08:00
Tianon Gravi 8f3b8f3835 Run 'gofmt -s -w' 2014-01-06 22:14:35 -07:00
Solomon Hykes a009d4ae8d Move utility package 'namesgenerator' to pkg/namesgenerator 2013-12-23 23:45:18 +00:00