Commit Graph

88 Commits

Author SHA1 Message Date
Valentin Rothberg fe15d204d3 overlay: allow storing images with more than 127 layers
Note that such images can now be stored but they cannot be
pushed yet.  Supporting both use cases would be ideal for
source-container images that are known to have a large number
of layers, likely exceeding the current limit of 127 layers.

This limit is inherited from Docker to proactively restrict the
amount and size of arguments passed when mounting.  All (lower)
layers must be specified at mount-time but we only have one page
to pass them.

Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
2019-12-09 16:54:50 +01:00
Giuseppe Scrivano 82fd61f670
overlay: use fusermount to unmount FUSE file systems
when a mountProgram is used, attempt to unmount the file system using
fusermount or fusermount3.

If the FUSE writeback cache is used (fuse-overlayfs uses it by default
since version 0.5), some changes might not be flushed from the kernel
to the FUSE file system.

Using umount we could lose these changes as the file system is
terminated before these changes are visible to the FUSE file system.

Going through fusermount|fusermount3 instead makes sure FUSE flushes
all the pending requests before the file system is unmounted.

If the fusermount attempts fail, make sure the file system is flushed
before being unmounted.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2019-11-04 16:36:04 +01:00
Giuseppe Scrivano d577584dd5
overlay: check for FUSE when using mountProgram
if a mountProgram is specified, check that the file system is already
mounted using the FUSE magic number instead of overlay.  It enables
using fuse-overlayfs on top of overlay.

Closes: https://github.com/containers/storage/issues/447

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2019-10-30 09:45:56 +01:00
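The check described in d577584dd5 in working form, as an added example that is not code from containers/storage: statfs(2) the merged directory and compare the superblock magic with what the configured driver would produce. The magic constants come from the Linux UAPI header linux/magic.h; the mountProgram path and the function names are assumptions of this example.

```go
package main

import (
	"fmt"
	"os"
	"syscall"
)

// Superblock magic numbers from the Linux UAPI header <linux/magic.h>.
const (
	fuseSuperMagic      int64 = 0x65735546 // FUSE_SUPER_MAGIC
	overlayfsSuperMagic int64 = 0x794c7630 // OVERLAYFS_SUPER_MAGIC
)

// fsMagic returns the magic number of the file system backing path.
func fsMagic(path string) (int64, error) {
	var st syscall.Statfs_t
	if err := syscall.Statfs(path, &st); err != nil {
		return 0, err
	}
	return int64(st.Type), nil
}

// expectedMagic is the type a merged directory must report for the driver
// to treat it as already mounted: FUSE when a mountProgram such as
// fuse-overlayfs is configured, the kernel overlay type otherwise.
func expectedMagic(mountProgram string) int64 {
	if mountProgram != "" {
		return fuseSuperMagic
	}
	return overlayfsSuperMagic
}

// isAlreadyMounted reports whether mergedDir is currently backed by the
// file system the configured driver would produce.  A plain directory on
// the host file system, or a leftover kernel overlay mount when a
// mountProgram is configured, yields false, so the caller mounts again.
// Checking the merged directory itself is what makes fuse-overlayfs usable
// on top of a host overlay: the host's overlay magic is not mistaken for
// "already mounted".
func isAlreadyMounted(mergedDir, mountProgram string) (bool, error) {
	magic, err := fsMagic(mergedDir)
	if err != nil {
		return false, err
	}
	return magic == expectedMagic(mountProgram), nil
}

func main() {
	dir := "."
	if len(os.Args) > 1 {
		dir = os.Args[1]
	}
	// Assumed mount program path, only used to select the expected magic.
	for _, prog := range []string{"", "/usr/bin/fuse-overlayfs"} {
		ok, err := isAlreadyMounted(dir, prog)
		fmt.Printf("dir=%s mountProgram=%q mounted=%v err=%v\n", dir, prog, ok, err)
	}
}
```

Run it against a container's merged directory to see the two answers differ; a result of false for both means the directory is not a mount point of either kind and a fresh mount is needed.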
Giuseppe Scrivano 37930824fb
config: drop skip_mount_home
it was needed only with OSTree to allow hard links.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2019-10-05 20:27:46 +02:00
Giuseppe Scrivano 7a0d58dab5
storage: drop ostree deduplication
it was an attempt to use OSTree to deduplicate files, at the time we
already had a dependency on OSTree for system containers in
containers/image.  Since the feature never really took off, let's just
drop it.

Closes: https://github.com/containers/storage/issues/419

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2019-10-05 20:27:45 +02:00
Daniel J Walsh e96cd8656f
Naive diff should pass in the ro option on parent directory
If we are just mounting the parent directory, we should do it read
only.  We should not use the upper and work directory.

If there is only one lower directory we should return that path.  No
reason to mount the lower directory at all.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2019-08-06 08:37:29 -04:00
Daniel J Walsh ae728c0b20
Don't report IsNotExists errors, when unmounting
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2019-08-05 20:29:04 -04:00
Kevin Pelzel a2f32f9dbf Removing need to specify storage driver when using ignore_chown_errors option
Signed-off-by: Kevin Pelzel <kevinpelzel22@gmail.com>
2019-08-05 09:52:50 -06:00
Daniel J Walsh 4ab853cbec
We should not be touching internal work dir
Vivek Goyal says that we should not be touching the internal WorkDir/work directory.
This is internal to the kernel and should not be modified.  I believe this was done
to make sure that the "/" of the container is writable by the root user of the user
namespace that is running the container.  Changing the ownership of the diffDir
should give us the same behavior and is safe to do.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2019-08-03 07:46:38 -04:00
Daniel J Walsh 976fe22092
Add storage options to IgnoreChownErrors
Modified patch of Kevin Pelzel.

Also changed ApplyDiff to take new ApplyDiffOpts Struct.

Signed-off-by: Kevin Pelzel <kevinpelzel22@gmail.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2019-07-26 06:05:27 -04:00
Peter Hunt e835f5f185 overlay: fix small piece of repeated work
we compute d.dir(id) twice, but store the value the first time. use the cached value instead.

Signed-off-by: Peter Hunt <pehunt@redhat.com>
2019-07-25 12:03:07 -04:00
Daniel J Walsh 138592c82b
Remove merged directory when it is unmounted
This should cause the kernel to clear any leaked mount points into other
containers.

Also create the merged directory every time you attempt to create it.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2019-07-17 10:45:23 -04:00
Nalin Dahyabhai b967c52ea7 overlay: cache supported/using-metacopy/use-naive-diff
Use the feature cache to track whether or not overlay is supported,
whether or not metacopy is on (for a specific set of mount options), and
whether or not we can use native diff (again, for a specific set of
mount options).

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2019-06-20 11:38:33 -04:00
Nalin Dahyabhai 8fed8037c5 drivers/overlay: add feature cache functions
Add a few helper functions for caching and checking whether or not
particular features are enabled/supported.  Most calls to them happen
before the Driver is allocated, so they're functions that take a runhome
directly rather than methods of the Driver.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2019-06-20 11:38:33 -04:00
Nalin Dahyabhai 026db3c2bd drivers: make Init() take a graphdriver.Config
Instead of passing the driver-specific directory and assorted fields
from a Config struct to lower-level drivers when we initialize them,
pass them the directory and the Config struct.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2019-06-20 11:38:33 -04:00
Daniel J Walsh ef42340c2e
Revert "Add MountTempFromSource and RemoveTemp interfaces"
This reverts commit e9695564db.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2019-05-02 11:54:55 -04:00
Daniel J Walsh 91cf837e44
Merge branch 'master' of github.com:containers/storage 2019-05-02 10:36:36 -04:00
Nalin Dahyabhai 8d7b848bcb Compilation fixes
Add a couple of quick compilation fixes.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2019-05-01 23:37:07 -04:00
Giuseppe Scrivano d1554f0dcd
overlay: use the layer idmapping if present
prefer the custom idmapping specified for the layer instead of using
the global one configured for the driver.

Closes: https://github.com/containers/libpod/issues/2960

Signed-off-by: Giuseppe Scrivano <giuseppe@scrivano.org>
2019-05-01 18:46:07 +02:00
Urvashi Mohnani 2581a719d5 Fix up recreateSymlink
Noticed that the link directory may be lost also with the symlinks,
so this fix creates it if not found and then restores all the links.
Also fix up logic to check whether a dir is found or not instead of
a regular file.

Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
2019-04-29 18:00:10 -04:00
Daniel J Walsh e9695564db
Add MountTempFromSource and RemoveTemp interfaces
These interfaces can be used to setup a graphdriver mountpoint
of the source directory for use within a container.
The RemoveTemp interface umounts the mountpoint and then removes
all of the modified data in the graphdriver for this source directory.

The primary use case of these interfaces is for container engines that
want to mount a directory from the host system into the container. The
source directory then can be modified without actually changing the
directory on the host.

Containers will use these interfaces for sharing packaging cache directories
like /var/cache/dnf, to help speed up container builds.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2019-04-29 14:46:40 -04:00
Nalin Dahyabhai 42c08c2767 overlay: fix single-lower test
The multiple-lowers test in the overlay driver succeeded even when we
didn't pass in an upper or work directory, because it can be used for
read-only cases even then, but the single-lower test definitely needs us
to provide upper and work directories, so do that.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2019-04-25 12:52:50 -04:00
Urvashi Mohnani 4906488081 Recreate symlink when not found
If the symlinks under /var/lib/containers/storage/overlay/l are lost
during a sudden reboot, we go through all the layers under the overlay
directory and create symlinks pointing to their respective diff directories
with the same name as they were created before. We get this name from
the "link" file under each layer dir.

Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
2019-04-24 12:16:24 -04:00
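The recovery described in 4906488081, including the follow-up from 2581a719d5 (recreate the l directory itself when it is gone, and test for a directory rather than a regular file), as an added example that is not code from containers/storage. The layout is the one the commit messages describe: home/l holds the short-name symlinks, home/<layer>/link records the name, and each link points at ../<layer>/diff. The layer IDs and names used in the sample home are constructed for this example.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

const (
	linkDir  = "l"    // home/l holds the short-name symlinks used in lowerdir=
	linkFile = "link" // home/<layer>/link records that layer's short name
)

// recreateSymlinks restores home/l/<short name> -> ../<layer>/diff for every
// layer directory under home, creating home/l if it is gone as well.  Links
// that already exist and point at the right target are left alone; anything
// else found under that name is replaced.  It returns the names restored.
func recreateSymlinks(home string) ([]string, error) {
	ldir := filepath.Join(home, linkDir)
	if err := os.MkdirAll(ldir, 0o700); err != nil {
		return nil, err
	}
	entries, err := os.ReadDir(home)
	if err != nil {
		return nil, err
	}
	var restored []string
	for _, e := range entries {
		if !e.IsDir() || e.Name() == linkDir {
			continue
		}
		raw, err := os.ReadFile(filepath.Join(home, e.Name(), linkFile))
		if err != nil {
			if os.IsNotExist(err) {
				continue // not a layer directory
			}
			return nil, err
		}
		name := strings.TrimSpace(string(raw))
		// A link name must stay inside home/l; reject anything that could
		// escape it, since the file is read back from disk.
		if name == "" || strings.ContainsAny(name, "/\\") {
			return nil, fmt.Errorf("layer %s: invalid link name %q", e.Name(), name)
		}
		link := filepath.Join(ldir, name)
		target := filepath.Join("..", e.Name(), "diff")
		if got, err := os.Readlink(link); err == nil && got == target {
			continue // intact
		}
		if err := os.RemoveAll(link); err != nil { // unlinks a symlink, does not follow it
			return nil, err
		}
		if err := os.Symlink(target, link); err != nil {
			return nil, err
		}
		restored = append(restored, name)
	}
	return restored, nil
}

// seedConstructedLayers builds a constructed overlay home with two layers.
// This is sample data for the example, not real image content.
func seedConstructedLayers(home string) error {
	for _, l := range []struct{ id, name string }{{"aaa111", "ABCDEF"}, {"bbb222", "GHIJKL"}} {
		if err := os.MkdirAll(filepath.Join(home, l.id, "diff"), 0o700); err != nil {
			return err
		}
		if err := os.WriteFile(filepath.Join(home, l.id, linkFile), []byte(l.name+"\n"), 0o600); err != nil {
			return err
		}
	}
	return nil
}

func main() {
	home, err := os.MkdirTemp("", "overlay-home")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(home)
	if err := seedConstructedLayers(home); err != nil {
		panic(err)
	}
	restored, err := recreateSymlinks(home)
	fmt.Println("restored:", restored, "err:", err)
}
```

The targets are relative, so the links survive the storage root being relocated; the name validation matters because a corrupted link file would otherwise let a symlink be created outside home/l.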
Giuseppe Scrivano 1336305582
overlay: propagate errors from mountProgram
propagate the mountProgram stderr output if the mount failed.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2019-04-23 15:25:47 +02:00
Nalin Dahyabhai 771658dbb8 Make use of overlay.override_kernel_check a warning instead of an error
When we removed all traces of override_kernel_check, we created a
situation where older configuration files would suddenly start causing
us to emit an error at startup.  Soften that to a warning, for now at
least.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2019-02-12 13:58:36 -05:00
Giuseppe Scrivano 308b57a78f
overlay: do not attempt metacopyup when using a mount program
Signed-off-by: Giuseppe Scrivano <giuseppe@scrivano.org>
2019-01-21 10:10:25 +01:00
Daniel J Walsh 891018027e
Merge pull request #271 from nalind/template-layers
drivers: add CreateFromTemplate()
2019-01-18 10:56:56 -05:00
Daniel J Walsh e03971bbe3
Merge pull request #268 from nalind/metacopy-check
overlay: check if metacopy is happening
2019-01-17 17:33:25 -05:00
Nalin Dahyabhai d0e8054e55 overlay: make template results sort-of children
Make layers based on template layers actually be children of the
template layer, so that we don't need to copy the diff to create them.
Upper layers should be making sure that we don't remove the template
layer before we attempt to remove the new layer.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2019-01-17 14:32:52 -05:00
Nalin Dahyabhai c073b43547 Add a CreateFromTemplate() method to drivers, and use it for mapped layers
Add a CreateFromTemplate() method to graph drivers, and use it instead
of a driver-oblivious diff/put method when we want to create a copy of
an image's top layer that has the same parent and which differs from the
original only in its ID maps.

This lets drivers that can quickly make an independent layer based on
another layer do something smarter than we were doing with the
driver-oblivious method.  For some drivers, a native method is
dramatically faster.

Note that the driver needs to be able to do this while still exposing
just one notional layer (i.e., one link in the chain of layers for a
given container) to the higher levels of the APIs, so if the new layer
is actually a child of the template layer, that needs to remain a detail
that's private to the driver.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2019-01-17 14:28:40 -05:00
Nalin Dahyabhai 05c69f1b2a overlay: check if metacopy is happening
In the overlay driver, check if metacopy is enabled, and report it along
with other status information.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2019-01-17 14:14:10 -05:00
Nalin Dahyabhai bd6cac944a Remove the last traces of the "override_kernel_check" option
The logic that depended on override_kernel_check was changed to test for
the feature at runtime, so we don't need to be suggesting to people that
they need to set this option, or that the option is even a thing.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2019-01-16 16:59:39 -05:00
Daniel J Walsh 47527d8408
Use mount options when mounting the chown layer.
If we set metacopyup flag in storage.conf, we need to use
this field, when creating the intermediate storage layer.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2019-01-13 10:59:02 -05:00
baude 9039004752 handle ENOSPC for overlay driver
when detecting if the overlay driver can be used a temporary file is
created.  if the system is ENOSPC, that fails but the error message
response was misleading.  this patch makes the error message in that
case more obvious.

Signed-off-by: baude <bbaude@redhat.com>
2019-01-03 07:59:31 -06:00
Daniel J Walsh ad0f9c4dfa
Merge pull request #237 from giuseppe/fix-extract-in-namespace
archive: propagate InUserNS option to storage-untar
2018-12-03 13:17:26 -05:00
Giuseppe Scrivano 76c57dcfc6
overlay: set InUserNS
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2018-11-29 16:40:40 +01:00
Daniel J Walsh ab6be50561
Allow the passing in and retrieval of mount options
We want to allow tools like podman/buildah to override default storage
container mount options on a container by container basis.

For example if the default mount options for containers/storage include
nodev or nosuid, we want to allow podman to turn these off if the user
specifies --privileged.

We also might want to turn off certain user namespace flags that will cause
buildah and podman build to work slower when creating container images.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2018-11-19 19:14:21 -05:00
Giuseppe Scrivano cd40ccc956
overlay: use AUFS whiteout format when using mount_program
an unprivileged user doesn't have the permission to use mknod (except
in file systems owned by the user itself, e.g. tmpfs), so the unpack
would always fail with EPERM.  Use the AUFS whiteout format that
doesn't require CAP_MKNOD.

Closes: https://github.com/containers/buildah/issues/1160

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2018-11-12 10:50:15 +01:00
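The two whiteout encodings contrasted in cd40ccc956, as an added example that is not code from containers/storage: the kernel overlay driver expects a 0/0 character device at the deleted path (which requires mknod(2) and therefore CAP_MKNOD), while the AUFS convention is an empty ".wh.<name>" file that any unprivileged user can create. The function names and the layer layout used here are assumptions of this example.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
	"syscall"
)

const whiteoutPrefix = ".wh."

// applyWhiteout records in layerDir that rel is deleted in this layer and
// returns the path it created.  With the kernel driver, overlayfs wants a
// 0/0 character device at the path itself, which needs CAP_MKNOD.  When a
// mount program such as fuse-overlayfs is in use, the AUFS form of an empty
// ".wh.<name>" file next to it is used instead.
func applyWhiteout(layerDir, rel string, aufsStyle bool) (string, error) {
	dir, base := filepath.Split(rel)
	parent := filepath.Join(layerDir, dir)
	if err := os.MkdirAll(parent, 0o700); err != nil {
		return "", err
	}
	if aufsStyle {
		p := filepath.Join(parent, whiteoutPrefix+base)
		f, err := os.OpenFile(p, os.O_CREATE|os.O_WRONLY, 0o600)
		if err != nil {
			return "", err
		}
		return p, f.Close()
	}
	p := filepath.Join(parent, base)
	// makedev(0, 0) == 0: the device number overlayfs treats as a whiteout.
	// Without CAP_MKNOD this is the call that fails with EPERM.
	return p, syscall.Mknod(p, syscall.S_IFCHR|0o600, 0)
}

// hiddenNames lists the names that whiteouts in dir hide, understanding
// both encodings, so the result of an unpack can be inspected.
func hiddenNames(dir string) ([]string, error) {
	entries, err := os.ReadDir(dir)
	if err != nil {
		return nil, err
	}
	var hidden []string
	for _, e := range entries {
		name := e.Name()
		if strings.HasPrefix(name, whiteoutPrefix) {
			hidden = append(hidden, strings.TrimPrefix(name, whiteoutPrefix))
			continue
		}
		if e.Type()&os.ModeCharDevice != 0 {
			info, err := e.Info()
			if err != nil {
				return nil, err
			}
			if st, ok := info.Sys().(*syscall.Stat_t); ok && st.Rdev == 0 {
				hidden = append(hidden, name)
			}
		}
	}
	return hidden, nil
}

func main() {
	layer, err := os.MkdirTemp("", "layer")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(layer)
	for _, aufs := range []bool{true, false} {
		p, err := applyWhiteout(layer, "etc/shadow", aufs)
		fmt.Printf("aufsStyle=%v path=%s err=%v\n", aufs, p, err)
	}
	hidden, err := hiddenNames(filepath.Join(layer, "etc"))
	fmt.Println("hidden:", hidden, "err:", err)
}
```

Run as an unprivileged user the second call reports EPERM, which is the failure the commit describes; run with CAP_MKNOD both succeed and hiddenNames reports "shadow" from either encoding.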
Giuseppe Scrivano 9db914d2fa
overlay: force naiveDiff when using a mount program
Overlay diff relies on the kernel's Overlay driver, if a user
specifies an alternative driver then we need to default back to the
naivediff.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2018-10-30 12:39:20 +01:00
Daniel J Walsh ab4364860e
Pass mount options to useNaiveDiff
If in storage.conf I set the mount options to:
mountopt = "nodev,metacopy=on,redirect_dir=on"
This will turn on redirect_dir but the useNaiveDiff does not currently check
this option.  This will cause container images on commit to not be saved
correctly.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2018-10-25 15:33:00 -04:00
Daniel J Walsh 59f4aa4674
Change useNaiveDiff into driver function
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2018-10-25 15:23:11 -04:00
Giuseppe Scrivano 49b6a634ad
overlay: don't check backing fs when using a mount program
Closes: https://github.com/containers/storage/issues/221

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2018-10-16 12:22:12 +02:00
Daniel J Walsh b6ccc0acfa
Add MountOpts to stop adding fields to Get Interface
This patch adds a MountOpts field to the drivers so we can simplify
the interface to Get and allow additional options to be passed in the future.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2018-10-05 09:23:46 -04:00
Giuseppe Scrivano 06cea37b86
tests: add test for shifting support
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2018-07-27 17:24:19 +02:00
Giuseppe Scrivano 1897396330
drivers: inform Mount of the mappings used by the container
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2018-07-26 06:12:42 +02:00
Giuseppe Scrivano 648024562d
overlay: enable support for shifting when FUSE is used
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2018-07-26 06:12:38 +02:00
Giuseppe Scrivano 8c814e0070
overlay: use full paths to the mount program
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2018-07-26 06:11:49 +02:00
Daniel J Walsh 2569af9a00
Fix overlay to handle mountopt properly
We need to translate the mount options into flags or
data, so this PR makes the parse code public so we can
use it in containers/storage.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2018-07-25 16:52:03 -04:00
Daniel J Walsh 8b1a0f8d68
Add default mount options to pass to drivers
I believe we should be running container images mounted with nodev by default.
This would eliminate the risk of a device sneaking into the container without
being on the approved list.  This would give us the same or potentially additional
security over the device cgroup.

It would be nice if this could be passed in on an image by image basis.  So users
could also specify if they want nosuid images.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2018-07-18 10:20:27 -04:00
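The option handling that b6ccc0acfa, 2569af9a00, 8b1a0f8d68 and ab6be50561 describe, as an added example that is not code from containers/storage: a default mountopt such as "nodev,nosuid,metacopy=on,redirect_dir=on" is split into mount(2) flags and file-system data, and a per-container override (for instance "dev,suid" when the engine runs a --privileged container) is folded in afterwards. The flag values are those of linux/mount.h; the allow-list of data keys, the override syntax and the function names are assumptions of this example.

```go
package main

import (
	"fmt"
	"strings"
)

// Flag bits from <linux/mount.h>, spelled out so the example also builds
// where package syscall lacks the MS_* names.
const (
	msRdonly uintptr = 0x1
	msNosuid uintptr = 0x2
	msNodev  uintptr = 0x4
	msNoexec uintptr = 0x8
)

// Options that become mount(2) flags, and the words that clear them again.
var setFlag = map[string]uintptr{"ro": msRdonly, "nosuid": msNosuid, "nodev": msNodev, "noexec": msNoexec}
var clearFlag = map[string]uintptr{"rw": msRdonly, "suid": msNosuid, "dev": msNodev, "exec": msNoexec}

// Keys allowed through to the file system as data.  Anything else is
// rejected rather than forwarded to the kernel (an assumed allow-list).
var dataKeys = map[string]bool{"metacopy": true, "redirect_dir": true, "index": true}

type mountSpec struct {
	Flags uintptr  // passed as the flags argument of mount(2)
	Data  []string // joined with "," and passed as the data argument
}

func (s mountSpec) DataString() string { return strings.Join(s.Data, ",") }

// parseMountOpts folds one or more comma-separated option strings, left to
// right, into flags plus file-system data.  Later strings override earlier
// ones, so the driver's default mountopt from storage.conf goes first and a
// per-container override (e.g. "dev,suid" for --privileged) last.  A data
// key given twice keeps the last value.
func parseMountOpts(groups ...string) (mountSpec, error) {
	var spec mountSpec
	index := map[string]int{} // data key -> position in spec.Data
	for _, g := range groups {
		for _, o := range strings.Split(g, ",") {
			o = strings.TrimSpace(o)
			switch {
			case o == "":
			case setFlag[o] != 0:
				spec.Flags |= setFlag[o]
			case clearFlag[o] != 0:
				spec.Flags &^= clearFlag[o]
			default:
				key := o
				if i := strings.IndexByte(o, '='); i >= 0 {
					key = o[:i]
				}
				if !dataKeys[key] {
					return mountSpec{}, fmt.Errorf("unsupported mount option %q", o)
				}
				if i, ok := index[key]; ok {
					spec.Data[i] = o
				} else {
					index[key] = len(spec.Data)
					spec.Data = append(spec.Data, o)
				}
			}
		}
	}
	return spec, nil
}

func main() {
	defaults := "nodev,nosuid,metacopy=on,redirect_dir=on" // as it might appear in storage.conf
	for _, override := range []string{"", "dev,suid", "exec=never"} {
		spec, err := parseMountOpts(defaults, override)
		fmt.Printf("override=%q flags=%#x data=%q err=%v\n", override, spec.Flags, spec.DataString(), err)
	}
}
```

Keeping flags and data apart is what lets the driver apply nodev and nosuid without the file system ever seeing them, while metacopy=on and redirect_dir=on reach overlayfs unchanged; the allow-list keeps a container-supplied override from smuggling arbitrary data into the kernel.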
Giuseppe Scrivano e933db5962
storage: rename fuse_program to mount_program
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2018-07-16 17:20:55 +02:00