When creating a container, don't worry about whether or not the base
image's top layer has the right ID mappings in cases where the base
image doesn't have a top layer.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Fix the sections and their titles in the manpage for containers-storage.conf.
Section titles are all capitalized and don't end with a period.
Signed-off-by: Silvano Cirujano Cuesta <silvano.cirujano-cuesta@siemens.com>
Add to the main manpage the reference to the fact that OSTree will be
used for file deduplication on readonly layers if:
* ostree_repo configured,
* containers-storage built with support for OSTree
That information was missing throughout all the documentation.
Signed-off-by: Silvano Cirujano Cuesta <silvano.cirujano-cuesta@siemens.com>
prefer the custom idmapping specified for the layer instead of using
the global one configured for the driver.
Closes: https://github.com/containers/libpod/issues/2960
Signed-off-by: Giuseppe Scrivano <giuseppe@scrivano.org>
Noticed that the link directory may be lost also with the symlinks,
so this fix creates it if not found and then restores all the links.
Also fix up logic to check whether a dir is found or not instead of
a regular file.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
These interfaces can be used to set up a graphdriver mountpoint
of the source directory for use within a container.
The RemoveTemp interface umounts the mountpoint and then removes
all of the modified data in the graphdriver for this source directory.
The primary use case of these interfaces is for container engines that
want to mount a directory from the host system into the container. The
source directory then can be modified without actually changing the
directory on the host.
Containers will use these interfaces for sharing packaging cache directories
like /var/cache/dnf, to help speed up container builds.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
The manpage of the configuration goes to section 5 instead of 1, like
most of the other manpages. Therefore the existing code wasn't handling
the manpage for 'containers-storage.conf' appropriately.
Signed-off-by: Silvano Cirujano Cuesta <silvano.cirujano-cuesta@siemens.com>
Manpage for storage.conf is being built as 'container-storage.conf.5'
(notice the missing 's' after 'container'), but it should be
'containers-storage.conf.5' for consistency with the whole project
naming.
Signed-off-by: Silvano Cirujano Cuesta <silvano.cirujano-cuesta@siemens.com>
The multiple-lowers test in the overlay driver succeeded even when we
didn't pass in an upper or work directory, because it can be used for
read-only cases even then, but the single-lower test definitely needs us
to provide upper and work directories, so do that.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
If the symlinks under /var/lib/containers/storage/overlay/l are lost
during a sudden reboot, we go through all the layers under the overlay
directory and create symlinks pointing to their respective diff directories
with the same name as they were created before. We get this name from
the "link" file under each layer dir.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
If the root user created a new user namespace, it still has to use the
system configuration and storage.
Previously if root created a user namespace when missing
CAP_SYS_ADMIN, we would use the configuration file under
/root/.config/containers instead of /etc/containers.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
When you build an image with a parent layer in read-only stores
and the new image in read/write stores, the first time you try
to create a container based on the image, it fails, since it
cannot find the image in the same store.
This patch looks not only in the same store, but all of the stores
available.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
We have not been checking the permissions on the rootless directory;
this causes issues in tools trying to access the login directory
if XDG_RUNTIME_DIR is not set correctly.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This commit fixes a possible integer overflow during U/GID map parsing.
Casting a 32-bit unsigned integer to the resulting IDMap will now be
guarded by a simple overflow check. This check does apply only to 32-bit
target architectures.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
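
The kind of guard the commit message above describes, as an added example (not the commit's code or the project's own). The `IDMap` type, `ParseIDMap`, the `container:host:size` input format and the `maxInt` parameter are assumptions; `maxInt` exists only so the 32-bit case can be exercised on a 64-bit machine.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// IDMap is a hypothetical stand-in for one mapping entry (names are assumptions).
type IDMap struct{ ContainerID, HostID, Size int }

const (
	NativeMaxInt = uint64(^uint(0) >> 1) // largest int on the build target
	Max32BitInt  = uint64(1<<31 - 1)     // largest int on a 32-bit target
)

// ParseIDMap parses comma-separated "container:host:size" triples (assumed
// format) and rejects any value that would not fit in an int of size maxInt.
func ParseIDMap(spec string, maxInt uint64) ([]IDMap, error) {
	var out []IDMap
	for _, entry := range strings.Split(spec, ",") {
		fields := strings.Split(entry, ":")
		if len(fields) != 3 {
			return nil, fmt.Errorf("mapping %q: want container:host:size", entry)
		}
		var v [3]int
		for i, f := range fields {
			u, err := strconv.ParseUint(f, 10, 32) // IDs are 32-bit unsigned
			if err != nil {
				return nil, fmt.Errorf("mapping %q: %w", entry, err)
			}
			// Overflow guard: without it, int(u) wraps negative on 32-bit targets.
			if u > maxInt {
				return nil, fmt.Errorf("mapping %q: %d overflows int", entry, u)
			}
			v[i] = int(u)
		}
		out = append(out, IDMap{v[0], v[1], v[2]})
	}
	return out, nil
}

func main() {
	fmt.Println(ParseIDMap("0:100000:65536", NativeMaxInt)) // constructed input
	fmt.Println(ParseIDMap("0:4294967295:1", Max32BitInt))  // rejected by the guard
}
```
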
We have a bug report where a user specified a symbolic link to storage
driver. The issue is the physical device is not predictable but the link
is, so evaluating sym links makes the symlink path supportable.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>