drop the rootless argument from DefaultStoreOptions and
UpdateStoreOptions since this can be retrieved internally through the
unshare package.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Fetch prior drivers if any using `ReadDir` and looking for traces of
`%s-images` dirs if present already on the system where `%s` is the
prior driver.
Signed-off-by: Aditya R <arajan@redhat.com>
gofumpt is a superset of gofmt, enabling some more code formatting
rules.
This commit is brought to you by
    gofumpt -w .
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Remap-User/Group setting is always overridden by
Remap-UIDs/GIDs setting and ignored.
This commit enables Remap-User/Group setting.
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
There is no need for `vfs` to be the default storage driver since kernel
>= 5.13 supports `overlay` natively. However, there is a use case for users
who didn't have any configs and started using `vfs` in a default
manner; the following check is a hack to keep `buildah` and `podman` working
for such users.
See: https://github.com/containers/storage/pull/1571 for prior
discussions.
Signed-off-by: Aditya R <arajan@redhat.com>
if there are no configuration files present, attempt to use overlay
for rootless if fuse-overlayfs is installed or if the kernel is >= 5.13.
Closes: https://github.com/containers/storage/issues/1570
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Allow storage users to split the filesystem of containers vs image
store, `imagestore` if configured will pull images in image storage
instead of the `graphRoot` while keeping the other parts still in the
originally configured `graphRoot`.
overlay: set workdir and upperdir according to splitstore
If splitstore is set, `workdir` and `upperdir` must go into the
splitstore, i.e. `graphRoot`.
Signed-off-by: Aditya R <arajan@redhat.com>
Add initial Check() and Repair() methods to Stores.
Check() checks for inconsistencies between the layers which the
lower-level storage driver claims to know about and the ones which we
know we're managing. It checks that layers referenced by layers,
images, and containers are known to us and that images referenced by
containers are known to us. It checks that data which we store
alongside layers, images, and containers is still present, and to the
extent which we store other information about that data (frequently just
the size of the data), verifies that it matches recorded expectations.
Lastly, it checks that layers which are part of images (and which we
therefore know what they should have in them) have the expected content,
and nothing else.
Repair() removes any containers, images, and layers which have any
errors associated with them. This is destructive, so its use should be
considered and deliberate.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
make sure that the runroot and graphroot are not empty otherwise we will
end up using an empty directory as path prefix and create files in the
current directory.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
when running in rootful mode, if it is present, prefer the override path
/etc/containers/storage.conf instead of using the default storage.conf
provided by the package under the /usr/share/containers/ directory.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This is an amend to https://github.com/containers/storage/pull/1460
That PR was not addressing the case when the system wide config had the
driver_priority option configured and the user had no config file of their
own. Then `getRootlessStorageOpts` would be called and it would override the
graph driver to "vfs".
With this commit we only override the graph driver if driver priority is
empty. Otherwise we propagate the driver priority into the storage options, so
that the driver autodetection works as expected.
Signed-off-by: Dan Čermák <dcermak@suse.com>
Currently we would display an error when the user does not specify a `driver` in
their config file. This has been present for historical reasons mostly to
prevent users from accidentally getting the vfs
driver (https://github.com/containers/storage/pull/1460#issuecomment-1370866271). Now
that most systems support the overlay driver natively, we can reduce this to a
warning and only warn about it if the driver_priority list is unset. If it is
provided, then clearly the user or the distribution wanted for c/storage to pick
a driver itself and the warning would be only confusing to users.
Signed-off-by: Dan Čermák <dcermak@suse.com>
Want to allow Podman to print a helpful error message when
users run out of UIDs to use with podman run --userns=auto.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Currently Podman warns when attempting to reset storage, if the
system wide storage.conf file
/usr/share/containers/storage.conf exists.
Since distros ship this, we need to allow Podman to check if the
default is the System default and therefore do not warn.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Currently running a simple container runs and stats configuration
storage.conf files multiple times on a simple container run.
This PR cuts the opens and stats in half by caching the first read.
This speeds up start by about 10-20 microseconds.
If container engines want to react to storage files changing, added a
new function UpdateStoreOptions to allow engines to reload options.
Fixes: https://github.com/containers/storage/issues/1403
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Follow up to https://github.com/containers/storage/pull/1357
Podman tests suggest that we do not need to use XDG_CONFIG_HOME if
storage.conf does not exist. In that case we fall back to
/etc/containers/storage.conf and /usr/share/containers/storage.conf
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
HPC Customers noticed that storage was attempting to read files in /usr
and /etc, even though they set XDG_CONFIG_HOME, they expect to only read
config files in this directory.
Fixes: https://github.com/containers/podman/issues/15680
(Actually partial fixes), need to look at other config files.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This commit replaces `ioutil.TempDir` with `t.TempDir` in tests. The
directory created by `t.TempDir` is automatically removed when the test
and all its subtests complete.
Prior to this commit, temporary directory created using `ioutil.TempDir`
needs to be removed manually by calling `os.RemoveAll`, which is omitted
in some tests. The error handling boilerplate e.g.
    defer func() {
        // Remove the temporary directory; fail the test if cleanup fails.
        if err := os.RemoveAll(dir); err != nil {
            t.Fatal(err)
        }
    }()
is also tedious, but `t.TempDir` handles this for us nicely.
Reference: https://pkg.go.dev/testing#T.TempDir
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
This allows consumers of this library to rely on the in-memory default
rather than requiring a storage.conf.
Refers to https://github.com/containers/storage/pull/1279 and
1f647d954f
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
We now use the golang error wrapping format specifier `%w` instead of the
deprecated github.com/pkg/errors package.
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
when the configuration file was explicitly specified, all the graph
drivers options are copied, not only the ones allowed for rootless.
Closes: https://github.com/containers/storage/issues/1278
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
otherwise changes applied later to the object are propagated to the
copy in prevReloadConfig.storeOptions.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
if the CONTAINERS_STORAGE_CONF environment variable is set and the
specified file doesn't exist, then return an error.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Using init in libs is bad. init() has to be run every time the
application which imports this package starts. This slows down startup
time even if the application will never use this code path.
Instead use a sync.Once to only load the config when it is required.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
CONTAINERS_STORAGE_CONF env var should overwrite the default path even
for the first config load at init time.
Fixes containers/podman#14267
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Also add interfaces to allow callers to see the pull options.
While experimenting with pushing and pulling with zstd, I found
that storage pulloptions were not being used in rootless mode.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
when the container specifies some mappings to be applied, verify that
they are not overlapping and give a clearer error message.
Closes: https://github.com/containers/storage/issues/1127
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
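The overlap check described in the commit message above, as an added example that is not code from containers/storage. The `IDMap` type and the function names are hypothetical, and checking both the container-side and the host-side ranges is an assumption of this sketch.

```go
package main

import (
	"fmt"
	"sort"
)

// IDMap is a hypothetical stand-in for one ID-mapping entry: Size IDs
// starting at ContainerID inside the namespace map to HostID outside it.
type IDMap struct {
	ContainerID, HostID, Size int
}

// overlap returns an error naming the first two ranges that share an ID.
// After sorting by start, any overlap shows up between neighbours.
func overlap(side string, start func(IDMap) int, maps []IDMap) error {
	s := append([]IDMap(nil), maps...) // sort a copy, leave the caller's slice alone
	sort.Slice(s, func(i, j int) bool { return start(s[i]) < start(s[j]) })
	for i := 1; i < len(s); i++ {
		prevEnd := start(s[i-1]) + s[i-1].Size // exclusive end of the previous range
		if prevEnd > start(s[i]) {
			return fmt.Errorf("%s ranges overlap: %d-%d and %d-%d", side,
				start(s[i-1]), prevEnd-1, start(s[i]), start(s[i])+s[i].Size-1)
		}
	}
	return nil
}

// ValidateMappings rejects empty or negative entries and overlapping ranges.
func ValidateMappings(kind string, maps []IDMap) error {
	for _, m := range maps {
		if m.Size <= 0 || m.ContainerID < 0 || m.HostID < 0 {
			return fmt.Errorf("invalid %s mapping %d:%d:%d", kind, m.ContainerID, m.HostID, m.Size)
		}
	}
	if err := overlap(kind+" container", func(m IDMap) int { return m.ContainerID }, maps); err != nil {
		return err
	}
	return overlap(kind+" host", func(m IDMap) int { return m.HostID }, maps)
}

func main() {
	// Constructed sample: the second entry reuses container IDs 500-999.
	bad := []IDMap{{ContainerID: 0, HostID: 100000, Size: 1000}, {ContainerID: 500, HostID: 200000, Size: 1000}}
	fmt.Println(ValidateMappings("UID", bad))
}
```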
If passing either just a runroot or both a runroot and a graphroot,
GetStore() was returning when finding a match for JUST the graph root,
overriding the runroot and using a different location than specified.
Also create two new helper functions which add the ability to retrieve and overwrite
the toml config in the user's storage.conf file.
Signed-off-by: cdoern <cdoern@redhat.com>