From cd21973f476c5716850a32d7dca5526f78c2e1bb Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano
Date: Mon, 30 Oct 2023 10:16:18 +0100
Subject: [PATCH] pkg/util: use code from c/storage [NO NEW TESTS NEEDED] no new functionalities are added
Signed-off-by: Giuseppe Scrivano
---
 cmd/podman/machine/machine.go | 2 +-
 cmd/podman/registry/config.go | 2 +-
 cmd/podman/registry/registry.go | 2 +-
 cmd/podman/system/service.go | 2 +-
 contrib/tmpfile/podman.conf | 1 +
 libpod/container_top_linux.go | 2 +-
 libpod/networking_linux.go | 2 +-
 libpod/oci_conmon_common.go | 18 +++---
 libpod/reset.go | 2 +-
 libpod/runtime.go | 2 +-
 pkg/domain/infra/abi/system.go | 2 +-
 pkg/machine/qemu/options_linux.go | 2 +-
 pkg/util/utils.go | 8 ---
 pkg/util/utils_supported.go | 92 ++-----------------------------
 pkg/util/utils_windows.go | 4 +-
 15 files changed, 28 insertions(+), 115 deletions(-)
diff --git a/cmd/podman/machine/machine.go b/cmd/podman/machine/machine.go
index 959f8008b6..11bebcf260 100644
--- a/cmd/podman/machine/machine.go
+++ b/cmd/podman/machine/machine.go
@@ -150,7 +150,7 @@ func resolveEventSock() ([]string, error) {
 }
 func eventSockDir() (string, error) {
- xdg, err := util.GetRuntimeDir()
+ xdg, err := util.GetRootlessRuntimeDir()
 if err != nil {
 return "", err
 }
diff --git a/cmd/podman/registry/config.go b/cmd/podman/registry/config.go
index 1f6f6f566c..fd8f322c45 100644
--- a/cmd/podman/registry/config.go
+++ b/cmd/podman/registry/config.go
@@ -134,7 +134,7 @@ func setXdgDirs() error {
 // Set up XDG_RUNTIME_DIR
 if _, found := os.LookupEnv("XDG_RUNTIME_DIR"); !found {
- dir, err := util.GetRuntimeDir()
+ dir, err := util.GetRootlessRuntimeDir()
 if err != nil {
 return err
 }
diff --git a/cmd/podman/registry/registry.go b/cmd/podman/registry/registry.go
index b45a34ff17..100856f2fb 100644
--- a/cmd/podman/registry/registry.go
+++ b/cmd/podman/registry/registry.go
@@ -99,7 +99,7 @@ func GetContext() context.Context {
 func DefaultAPIAddress() string {
 if rootless.IsRootless() {
- xdg, err := util.GetRuntimeDir()
+ xdg, err := util.GetRootlessRuntimeDir()
 if err != nil {
 logrus.Warnf("Failed to get rootless runtime dir for DefaultAPIAddress: %s", err)
 return DefaultRootAPIAddress
diff --git a/cmd/podman/system/service.go b/cmd/podman/system/service.go
index c2b017e8b3..6474e1aa2a 100644
--- a/cmd/podman/system/service.go
+++ b/cmd/podman/system/service.go
@@ -130,7 +130,7 @@ func resolveAPIURI(uri []string) (string, error) {
 logrus.Info("Using systemd socket activation to determine API endpoint")
 return "", nil
 case rootless.IsRootless():
- xdg, err := util.GetRuntimeDir()
+ xdg, err := util.GetRootlessRuntimeDir()
 if err != nil {
 return "", err
 }
diff --git a/contrib/tmpfile/podman.conf b/contrib/tmpfile/podman.conf
index fad824cfbf..5cc4c0d70e 100644
--- a/contrib/tmpfile/podman.conf
+++ b/contrib/tmpfile/podman.conf
@@ -1,6 +1,7 @@
 # /tmp/podman-run-* directory can contain content for Podman containers that have run
 # for many days. This following line prevents systemd from removing this content.
 x /tmp/podman-run-*
+x /tmp/storage-run-*
 x /tmp/containers-user-*
 x /tmp/run-*/libpod
 D! /var/lib/containers/storage/tmp 0700 root root
diff --git a/libpod/container_top_linux.go b/libpod/container_top_linux.go
index 85cec315e7..aa81a8b459 100644
--- a/libpod/container_top_linux.go
+++ b/libpod/container_top_linux.go
@@ -328,7 +328,7 @@ func (c *Container) execPS(psArgs []string) ([]string, bool, error) {
 cmd.Stdout = wPipe
 cmd.Stderr = &errBuf
 // nil means use current env so explicitly unset all, to not leak any sensitive env vars
- cmd.Env = []string{}
+ cmd.Env = []string{fmt.Sprintf("HOME=%s", os.Getenv("HOME"))}
 retryContainerExec := true
 err = cmd.Run()
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
index 16c3174966..7d75158efc 100644
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
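Review bot: The comment at the top of contrib/tmpfile/podman.conf still names only `/tmp/podman-run-*` and speaks of "this following line", while the hunk adds a second exclusion, `x /tmp/storage-run-*`, without saying which component creates that directory. I would reword the comment to cover both patterns, for example `# /tmp/podman-run-* and /tmp/storage-run-* directories can contain content for Podman containers that have run`. The new pattern presumably matches the fallback runtime directory chosen by the c/storage homedir package; that is inferred from the rest of the commit, because the directory name appears in none of the Go code shown here, so it is worth confirming the glob against that package.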
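Review bot: The comment directly above the changed line in execPS still says the environment is explicitly emptied so that no sensitive variables leak, but `cmd.Env` now carries `HOME`, so the comment and the code disagree. Please reword it to state the exception and why it is safe, e.g. `// nil means use current env, so set it explicitly: pass only HOME and nothing else, to not leak any sensitive env vars`; the reason HOME is needed is presumably the runtime-directory lookup now delegated to c/storage, which this hunk does not show. In addition, `os.Getenv("HOME")` returns an empty string when the variable is unset, so the child then receives `HOME=`; using `os.LookupEnv("HOME")` and adding the entry only when it is present keeps "unset" and "empty" distinct. execPS begins and ends outside the hunk.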
@@ -82,7 +82,7 @@ func (r *RootlessNetNS) Do(toRun func() error) error {
 return fmt.Errorf("cannot create a new mount namespace: %w", err)
 }
- xdgRuntimeDir, err := util.GetRuntimeDir()
+ xdgRuntimeDir, err := util.GetRootlessRuntimeDir()
 if err != nil {
 return fmt.Errorf("could not get runtime directory: %w", err)
 }
diff --git a/libpod/oci_conmon_common.go b/libpod/oci_conmon_common.go
index 9fc2810496..a8514a622b 100644
--- a/libpod/oci_conmon_common.go
+++ b/libpod/oci_conmon_common.go
@@ -209,7 +209,7 @@ func (r *ConmonOCIRuntime) CreateContainer(ctr *Container, restoreOptions *Conta
 // status, but will instead only check for the existence of the conmon exit file
 // and update state to stopped if it exists.
 func (r *ConmonOCIRuntime) UpdateContainerStatus(ctr *Container) error {
- runtimeDir, err := util.GetRuntimeDir()
+ runtimeDir, err := util.GetRootlessRuntimeDir()
 if err != nil {
 return err
 }
@@ -290,7 +290,7 @@ func (r *ConmonOCIRuntime) UpdateContainerStatus(ctr *Container) error {
 // Sets time the container was started, but does not save it.
 func (r *ConmonOCIRuntime) StartContainer(ctr *Container) error {
 // TODO: streams should probably *not* be our STDIN/OUT/ERR - redirect to buffers?
- runtimeDir, err := util.GetRuntimeDir()
+ runtimeDir, err := util.GetRootlessRuntimeDir()
 if err != nil {
 return err
 }
@@ -309,7 +309,7 @@ func (r *ConmonOCIRuntime) StartContainer(ctr *Container) error {
 // UpdateContainer updates the given container's cgroup configuration
 func (r *ConmonOCIRuntime) UpdateContainer(ctr *Container, resources *spec.LinuxResources) error {
- runtimeDir, err := util.GetRuntimeDir()
+ runtimeDir, err := util.GetRootlessRuntimeDir()
 if err != nil {
 return err
 }
@@ -368,7 +368,7 @@ func (r *ConmonOCIRuntime) KillContainer(ctr *Container, signal uint, all bool)
 // *bytes.buffer and returned; otherwise, it is set to os.Stderr.
 func (r *ConmonOCIRuntime) killContainer(ctr *Container, signal uint, all, captureStderr bool) (*bytes.Buffer, error) {
 logrus.Debugf("Sending signal %d to container %s", signal, ctr.ID())
- runtimeDir, err := util.GetRuntimeDir()
+ runtimeDir, err := util.GetRootlessRuntimeDir()
 if err != nil {
 return nil, err
 }
@@ -504,7 +504,7 @@ func (r *ConmonOCIRuntime) StopContainer(ctr *Container, timeout uint, all bool)
 // DeleteContainer deletes a container from the OCI runtime.
 func (r *ConmonOCIRuntime) DeleteContainer(ctr *Container) error {
- runtimeDir, err := util.GetRuntimeDir()
+ runtimeDir, err := util.GetRootlessRuntimeDir()
 if err != nil {
 return err
 }
@@ -514,7 +514,7 @@ func (r *ConmonOCIRuntime) DeleteContainer(ctr *Container) error {
 // PauseContainer pauses the given container.
 func (r *ConmonOCIRuntime) PauseContainer(ctr *Container) error {
- runtimeDir, err := util.GetRuntimeDir()
+ runtimeDir, err := util.GetRootlessRuntimeDir()
 if err != nil {
 return err
 }
@@ -524,7 +524,7 @@ func (r *ConmonOCIRuntime) PauseContainer(ctr *Container) error {
 // UnpauseContainer unpauses the given container.
 func (r *ConmonOCIRuntime) UnpauseContainer(ctr *Container) error {
- runtimeDir, err := util.GetRuntimeDir()
+ runtimeDir, err := util.GetRootlessRuntimeDir()
 if err != nil {
 return err
 }
@@ -851,7 +851,7 @@ func (r *ConmonOCIRuntime) CheckpointContainer(ctr *Container, options Container
 args = append(args, ctr.ID())
 logrus.Debugf("the args to checkpoint: %s %s", r.path, strings.Join(args, " "))
- runtimeDir, err := util.GetRuntimeDir()
+ runtimeDir, err := util.GetRootlessRuntimeDir()
 if err != nil {
 return 0, err
 }
@@ -1324,7 +1324,7 @@ func (r *ConmonOCIRuntime) configureConmonEnv() ([]string, error) {
 }
 res = append(res, v)
 }
- runtimeDir, err := util.GetRuntimeDir()
+ runtimeDir, err := util.GetRootlessRuntimeDir()
 if err != nil {
 return nil, err
 }
diff --git a/libpod/reset.go b/libpod/reset.go
index 2dac1ae6be..b80cbe007e 100644
--- a/libpod/reset.go
+++ b/libpod/reset.go
@@ -202,7 +202,7 @@ func (r *Runtime) reset(ctx context.Context) error {
 prevError = err
 }
 }
- runtimeDir, err := util.GetRuntimeDir()
+ runtimeDir, err := util.GetRootlessRuntimeDir()
 if err != nil {
 return err
 }
diff --git a/libpod/runtime.go b/libpod/runtime.go
index 9122c7ff34..c58b2fb9ec 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -134,7 +134,7 @@ func SetXdgDirs() error {
 if runtimeDir == "" {
 var err error
- runtimeDir, err = util.GetRuntimeDir()
+ runtimeDir, err = util.GetRootlessRuntimeDir()
 if err != nil {
 return err
 }
diff --git a/pkg/domain/infra/abi/system.go b/pkg/domain/infra/abi/system.go
index 4d2f8c303e..8d7a830500 100644
--- a/pkg/domain/infra/abi/system.go
+++ b/pkg/domain/infra/abi/system.go
@@ -36,7 +36,7 @@ func (ic *ContainerEngine) Info(ctx context.Context) (*define.Info, error) {
 // service may be run with another URI.
 if ic.Libpod.RemoteURI() == "" {
 xdg := defaultRunPath
- if path, err := util.GetRuntimeDir(); err != nil {
+ if path, err := util.GetRootlessRuntimeDir(); err != nil {
 // Info is as good as we can guess...
 return info, err
 } else if path != "" {
diff --git a/pkg/machine/qemu/options_linux.go b/pkg/machine/qemu/options_linux.go
index 8f267dbe23..15b162aeb4 100644
--- a/pkg/machine/qemu/options_linux.go
+++ b/pkg/machine/qemu/options_linux.go
@@ -9,5 +9,5 @@ func getRuntimeDir() (string, error) {
 if !rootless.IsRootless() {
 return "/run", nil
 }
- return util.GetRuntimeDir()
+ return util.GetRootlessRuntimeDir()
 }
diff --git a/pkg/util/utils.go b/pkg/util/utils.go
index 679110df2f..0d4fa4ef4c 100644
--- a/pkg/util/utils.go
+++ b/pkg/util/utils.go
@@ -13,7 +13,6 @@ import (
 "sort"
 "strconv"
 "strings"
- "sync"
 "syscall"
 "time"
@@ -920,13 +919,6 @@ func ParseIDMapping(mode namespaces.UsernsMode, uidMapSlice, gidMapSlice []strin
 return &options, nil
 }
-var (
- rootlessConfigHomeDirOnce sync.Once
- rootlessConfigHomeDir string
- rootlessRuntimeDirOnce sync.Once
- rootlessRuntimeDir string
-)
-
 type tomlOptionsConfig struct {
 MountProgram string `toml:"mount_program"`
 }
diff --git a/pkg/util/utils_supported.go b/pkg/util/utils_supported.go
index 406d56ce6f..58ac795a1f 100644
--- a/pkg/util/utils_supported.go
+++ b/pkg/util/utils_supported.go
@@ -7,109 +7,29 @@ package util
 // should work to take darwin from this
 import (
- "errors"
- "fmt"
- "os"
 "path/filepath"
- "strconv"
- "syscall"
 "github.com/containers/podman/v4/pkg/rootless"
- "github.com/sirupsen/logrus"
+ "github.com/containers/storage/pkg/homedir"
 )
-// GetRuntimeDir returns the runtime directory
-func GetRuntimeDir() (string, error) {
- var rootlessRuntimeDirError error
-
+// GetRootlessRuntimeDir returns the runtime directory when running as non root
+func GetRootlessRuntimeDir() (string, error) {
 if !rootless.IsRootless() {
 return "", nil
 }
-
- rootlessRuntimeDirOnce.Do(func() {
- runtimeDir := os.Getenv("XDG_RUNTIME_DIR")
-
- if runtimeDir != "" {
- rootlessRuntimeDir, rootlessRuntimeDirError = filepath.EvalSymlinks(runtimeDir)
- return
- }
-
- uid := strconv.Itoa(rootless.GetRootlessUID())
- if runtimeDir == "" {
- tmpDir := filepath.Join("/run", "user", uid)
- if err := os.MkdirAll(tmpDir, 0700); err != nil {
- logrus.Debug(err)
- }
- st, err := os.Stat(tmpDir)
- if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && (st.Mode().Perm()&0700 == 0700) {
- runtimeDir = tmpDir
- }
- }
- if runtimeDir == "" {
- tmpDir := filepath.Join(os.TempDir(), fmt.Sprintf("podman-run-%s", uid))
- if err := os.MkdirAll(tmpDir, 0700); err != nil {
- logrus.Debug(err)
- }
- st, err := os.Stat(tmpDir)
- if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && (st.Mode().Perm()&0700 == 0700) {
- runtimeDir = tmpDir
- }
- }
- if runtimeDir == "" {
- home := os.Getenv("HOME")
- if home == "" {
- rootlessRuntimeDirError = errors.New("neither XDG_RUNTIME_DIR nor HOME was set non-empty")
- return
- }
- resolvedHome, err := filepath.EvalSymlinks(home)
- if err != nil {
- rootlessRuntimeDirError = fmt.Errorf("cannot resolve %s: %w", home, err)
- return
- }
- runtimeDir = filepath.Join(resolvedHome, "rundir")
- }
- rootlessRuntimeDir = runtimeDir
- })
-
- if rootlessRuntimeDirError != nil {
- return "", rootlessRuntimeDirError
- }
- return rootlessRuntimeDir, nil
+ return homedir.GetRuntimeDir()
 }
 // GetRootlessConfigHomeDir returns the config home directory when running as non root
 func GetRootlessConfigHomeDir() (string, error) {
- var rootlessConfigHomeDirError error
-
- rootlessConfigHomeDirOnce.Do(func() {
- cfgHomeDir := os.Getenv("XDG_CONFIG_HOME")
- if cfgHomeDir == "" {
- home := os.Getenv("HOME")
- resolvedHome, err := filepath.EvalSymlinks(home)
- if err != nil {
- rootlessConfigHomeDirError = fmt.Errorf("cannot resolve %s: %w", home, err)
- return
- }
- tmpDir := filepath.Join(resolvedHome, ".config")
- st, err := os.Stat(tmpDir)
- if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && st.Mode().Perm() >= 0700 {
- cfgHomeDir = tmpDir
- }
- }
- rootlessConfigHomeDir = cfgHomeDir
- })
-
- if rootlessConfigHomeDirError != nil {
- return "", rootlessConfigHomeDirError
- }
-
- return rootlessConfigHomeDir, nil
+ return homedir.GetConfigHome()
 }
 // GetRootlessPauseProcessPidPath returns the path to the file that holds the pid for
 // the pause process.
 func GetRootlessPauseProcessPidPath() (string, error) {
- runtimeDir, err := GetRuntimeDir()
+ runtimeDir, err := GetRootlessRuntimeDir()
 if err != nil {
 return "", err
 }
diff --git a/pkg/util/utils_windows.go b/pkg/util/utils_windows.go
index 1e48eb5721..3d403e3f47 100644
--- a/pkg/util/utils_windows.go
+++ b/pkg/util/utils_windows.go
@@ -30,8 +30,8 @@ func GetRootlessPauseProcessPidPath() (string, error) {
 return "", fmt.Errorf("GetRootlessPauseProcessPidPath: %w", errNotImplemented)
 }
-// GetRuntimeDir returns the runtime directory
-func GetRuntimeDir() (string, error) {
+// GetRootlessRuntimeDir returns the runtime directory
+func GetRootlessRuntimeDir() (string, error) {
 data, err := homedir.GetDataHome()
 if err != nil {
 return "", err
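Review bot: GetRootlessRuntimeDir and GetRootlessConfigHomeDir in pkg/util/utils_supported.go no longer validate the directory they return. The removed fallback code accepted the `/run/user` and `os.TempDir()` candidates only when `int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid()` and the mode included 0700, which is the guard against another local user pre-creating the predictable path in a world-writable directory. The new bodies return whatever `homedir.GetRuntimeDir()` and `homedir.GetConfigHome()` produce, and that code is not part of this diff, so equivalent ownership and permission checks should be confirmed there and the reliance recorded in the doc comment, e.g. `// The directory is selected and validated by c/storage's homedir.GetRuntimeDir; "" with a nil error is returned when not running rootless.` The tmpfiles change in the same commit suggests the temporary fallback is now named `storage-run-*` instead of `podman-run-<uid>`, so state left under the old name may not be found after an upgrade; if that is the case it deserves a release note. A small test pinning the ownership check and the returned path would back the `[NO NEW TESTS NEEDED]` claim better than the tag alone.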