Skip to content

Commit

Permalink
Merge pull request #653 from TristanCacqueray/master
Browse files Browse the repository at this point in the history 
rootless: don't create a namespace unless for containers-storage
  • Loading branch information
@mtrmac
mtrmac authored May 18, 2019
2 parents 30b0a17 + b46d16f commit 2b50861
Show file tree
Hide file tree
Showing 14 changed files with 113 additions and 82 deletions.
14 changes: 9 additions & 5 deletions cmd/skopeo/copy.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,6 @@ func copyCmd(global *globalOptions) cli.Command {
`, strings.Join(transports.ListNames(), ", ")),
ArgsUsage: "SOURCE-IMAGE DESTINATION-IMAGE",
Action: commandAction(opts.run),
Before: needsRexec,
// FIXME: Do we need to namespace the GPG aspect?
Flags: append(append(append([]cli.Flag{
cli.StringSliceFlag{
Expand Down Expand Up @@ -86,20 +85,25 @@ func (opts *copyOptions) run(args []string, stdout io.Writer) error {
if len(args) != 2 {
return errorShouldDisplayUsage{errors.New("Exactly two arguments expected")}
}
imageNames := args

if err := reexecIfNecessaryForImages(imageNames...); err != nil {
return err
}

policyContext, err := opts.global.getPolicyContext()
if err != nil {
return fmt.Errorf("Error loading trust policy: %v", err)
}
defer policyContext.Destroy()

srcRef, err := alltransports.ParseImageName(args[0])
srcRef, err := alltransports.ParseImageName(imageNames[0])
if err != nil {
return fmt.Errorf("Invalid source name %s: %v", args[0], err)
return fmt.Errorf("Invalid source name %s: %v", imageNames[0], err)
}
destRef, err := alltransports.ParseImageName(args[1])
destRef, err := alltransports.ParseImageName(imageNames[1])
if err != nil {
return fmt.Errorf("Invalid destination name %s: %v", args[1], err)
return fmt.Errorf("Invalid destination name %s: %v", imageNames[1], err)
}

sourceCtx, err := opts.srcImage.newSystemContext()
Expand Down
14 changes: 9 additions & 5 deletions cmd/skopeo/delete.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,9 +24,8 @@ func deleteCmd(global *globalOptions) cli.Command {
image: imageOpts,
}
return cli.Command{
Before: needsRexec,
Name: "delete",
Usage: "Delete image IMAGE-NAME",
Name: "delete",
Usage: "Delete image IMAGE-NAME",
Description: fmt.Sprintf(`
Delete an "IMAGE_NAME" from a transport
Expand All @@ -45,10 +44,15 @@ func (opts *deleteOptions) run(args []string, stdout io.Writer) error {
if len(args) != 1 {
return errors.New("Usage: delete imageReference")
}
imageName := args[0]

ref, err := alltransports.ParseImageName(args[0])
if err := reexecIfNecessaryForImages(imageName); err != nil {
return err
}

ref, err := alltransports.ParseImageName(imageName)
if err != nil {
return fmt.Errorf("Invalid source name %s: %v", args[0], err)
return fmt.Errorf("Invalid source name %s: %v", imageName, err)
}

sys, err := opts.image.newSystemContext()
Expand Down
9 changes: 7 additions & 2 deletions cmd/skopeo/inspect.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,6 @@ func inspectCmd(global *globalOptions) cli.Command {
Destination: &opts.config,
},
}, sharedFlags...), imageFlags...),
Before: needsRexec,
Action: commandAction(opts.run),
}
}
Expand All @@ -80,7 +79,13 @@ func (opts *inspectOptions) run(args []string, stdout io.Writer) (retErr error)
if len(args) != 1 {
return errors.New("Exactly one argument expected")
}
img, err := parseImage(ctx, opts.image, args[0])
imageName := args[0]

if err := reexecIfNecessaryForImages(imageName); err != nil {
return err
}

img, err := parseImage(ctx, opts.image, imageName)
if err != nil {
return err
}
Expand Down
8 changes: 6 additions & 2 deletions cmd/skopeo/layers.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,6 @@ func layersCmd(global *globalOptions) cli.Command {
Name: "layers",
Usage: "Get layers of IMAGE-NAME",
ArgsUsage: "IMAGE-NAME [LAYER...]",
Before: needsRexec,
Hidden: true,
Action: commandAction(opts.run),
Flags: append(sharedFlags, imageFlags...),
Expand All @@ -44,6 +43,11 @@ func (opts *layersOptions) run(args []string, stdout io.Writer) (retErr error) {
if len(args) == 0 {
return errors.New("Usage: layers imageReference [layer...]")
}
imageName := args[0]

if err := reexecIfNecessaryForImages(imageName); err != nil {
return err
}

ctx, cancel := opts.global.commandTimeoutContext()
defer cancel()
Expand All @@ -53,7 +57,7 @@ func (opts *layersOptions) run(args []string, stdout io.Writer) (retErr error) {
return err
}
cache := blobinfocache.DefaultCache(sys)
rawSource, err := parseImageSource(ctx, opts.image, args[0])
rawSource, err := parseImageSource(ctx, opts.image, imageName)
if err != nil {
return err
}
Expand Down
4 changes: 4 additions & 0 deletions cmd/skopeo/unshare.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,3 +5,7 @@ package main
func maybeReexec() error {
return nil
}

func reexecIfNecessaryForImages(inputImageNames ...string) error {
return nil
}
12 changes: 12 additions & 0 deletions cmd/skopeo/unshare_linux.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@ package main

import (
"github.com/containers/buildah/pkg/unshare"
"github.com/containers/image/storage"
"github.com/containers/image/transports/alltransports"
"github.com/pkg/errors"
"github.com/syndtr/gocapability/capability"
)
Expand Down Expand Up @@ -32,3 +34,13 @@ func maybeReexec() error {
}
return nil
}

func reexecIfNecessaryForImages(imageNames ...string) error {
// Check if container-storage are used before doing unshare
for _, imageName := range imageNames {
if alltransports.TransportFromImageName(imageName).Name() == storage.Transport.Name() {
return maybeReexec()
}
}
return nil
}
4 changes: 0 additions & 4 deletions cmd/skopeo/utils.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,10 +16,6 @@ type errorShouldDisplayUsage struct {
error
}

func needsRexec(c *cli.Context) error {
return maybeReexec()
}

// commandAction intermediates between the cli.ActionFunc interface and the real handler,
// primarily to ensure that cli.Context is not available to the handler, which in turn
// makes sure that the cli.String() etc. flag access functions are not used,
Expand Down
2 changes: 1 addition & 1 deletion vendor.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
github.com/urfave/cli v1.20.0
github.com/kr/pretty v0.1.0
github.com/kr/text v0.1.0
github.com/containers/image ff926d3c79684793a2135666a2cb738f44ba33dc
github.com/containers/image 2c0349c99af7d90694b3faa0e9bde404d407b145
github.com/containers/buildah 810efa340ab43753034e2ed08ec290e4abab7e72
github.com/vbauerster/mpb v3.3.4
github.com/mattn/go-isatty v0.0.4
Expand Down
44 changes: 18 additions & 26 deletions vendor/github.com/containers/image/docker/docker_client.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

27 changes: 16 additions & 11 deletions vendor/github.com/containers/image/docker/docker_image_src.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

18 changes: 9 additions & 9 deletions ...ntainers/image/docs/atomic-signature.5.md → ...ners/image/docs/containers-signature.5.md
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit 2b50861

Please sign in to comment.