Deprecate the --monitor-host option of 'init-container'
The --monitor-host option was added to the 'init-container' command in commit8b84b5e460
to accommodate Podman versions older than 1.2.0 that didn't have the '--dns none' and '--no-hosts' options for 'podman create'. These options are necessary to keep the Toolbx container's /etc/resolv.conf and /etc/hosts files synchronized with those of the host. Note that Podman 1.2.0 was already available a few months before commit8b84b5e460
introduced the --monitor-host option. The chances of someone using an older Podman back then was already on the decline, and it's very unlikely that a container created with such a Podman has survived till this date. Commitb6b484fa79
raised the minimum required Podman version to 1.4.0, and made the '--dns none' and '--no-hosts' options a hard requirement. The minimum required Podman version was again raised recently in commit8e80dd5db1
to 1.6.4. Therefore, these days, there's no need to separately use the --monitor-host option of 'init-container' for newly created containers to indicate that the Podman version wasn't older than 1.2.0. Given all this, it's time to stop using the --monitor-host option of 'init-container', and assume that it's always set. The option is still accepted to retain compatibility with existing Toolbx containers. For containers that were created with the --monitor-host option, a deprecation notice will be shown as: $ podman start --attach CONTAINER Flag --monitor-host has been deprecated, it does nothing ... https://github.com/containers/toolbox/pull/617
This commit is contained in:
parent
9680e4eeb2
commit
58638c5940
3 changed files with 52 additions and 73 deletions
|
@ -9,7 +9,6 @@ toolbox\-init\-container - Initialize a running container
|
||||||
*--home-link*
|
*--home-link*
|
||||||
*--media-link*
|
*--media-link*
|
||||||
*--mnt-link*
|
*--mnt-link*
|
||||||
*--monitor-host*
|
|
||||||
*--shell SHELL*
|
*--shell SHELL*
|
||||||
*--uid UID*
|
*--uid UID*
|
||||||
*--user USER*
|
*--user USER*
|
||||||
|
@ -76,31 +75,12 @@ Make `/mnt` a symbolic link to `/var/mnt`.
|
||||||
|
|
||||||
**--monitor-host**
|
**--monitor-host**
|
||||||
|
|
||||||
Ensures that certain configuration files inside the toolbox container are kept
|
Deprecated, does nothing.
|
||||||
synchronized with their counterparts on the host, and bind mounts some paths
|
|
||||||
from the host's file system into the container.
|
|
||||||
|
|
||||||
The synchronized files are:
|
Crucial configuration files inside the toolbox container are always kept
|
||||||
|
synchronized with their counterparts on the host, and various subsets of the
|
||||||
- `/etc/host.conf`
|
host's file system hierarchy are always bind mounted to their corresponding
|
||||||
- `/etc/hosts`
|
locations inside the toolbox container.
|
||||||
- `/etc/localtime`
|
|
||||||
- `/etc/resolv.conf`
|
|
||||||
- `/etc/timezone`
|
|
||||||
|
|
||||||
The bind mounted paths are:
|
|
||||||
|
|
||||||
- `/etc/machine-id`
|
|
||||||
- `/run/libvirt`
|
|
||||||
- `/run/systemd/journal`
|
|
||||||
- `/run/systemd/resolve`
|
|
||||||
- `/run/udev/data`
|
|
||||||
- `/tmp`
|
|
||||||
- `/var/lib/flatpak`
|
|
||||||
- `/var/lib/libvirt`
|
|
||||||
- `/var/lib/systemd/coredump`
|
|
||||||
- `/var/log/journal`
|
|
||||||
- `/var/mnt`
|
|
||||||
|
|
||||||
**--shell** SHELL
|
**--shell** SHELL
|
||||||
|
|
||||||
|
|
|
@ -386,7 +386,6 @@ func createContainer(container, image, release, authFile string, showCommandToEn
|
||||||
"--shell", userShell,
|
"--shell", userShell,
|
||||||
"--uid", currentUser.Uid,
|
"--uid", currentUser.Uid,
|
||||||
"--user", currentUser.Username,
|
"--user", currentUser.Username,
|
||||||
"--monitor-host",
|
|
||||||
}
|
}
|
||||||
|
|
||||||
entryPoint = append(entryPoint, slashHomeLink...)
|
entryPoint = append(entryPoint, slashHomeLink...)
|
||||||
|
|
|
@ -107,8 +107,12 @@ func init() {
|
||||||
|
|
||||||
flags.BoolVar(&initContainerFlags.monitorHost,
|
flags.BoolVar(&initContainerFlags.monitorHost,
|
||||||
"monitor-host",
|
"monitor-host",
|
||||||
false,
|
true,
|
||||||
"Ensure that certain configuration files inside the toolbox container are in sync with the host")
|
"Deprecated, does nothing")
|
||||||
|
if err := flags.MarkDeprecated("monitor-host", "it does nothing"); err != nil {
|
||||||
|
panicMsg := fmt.Sprintf("cannot mark --monitor-host as deprecated: %s", err)
|
||||||
|
panic(panicMsg)
|
||||||
|
}
|
||||||
|
|
||||||
flags.StringVar(&initContainerFlags.shell,
|
flags.StringVar(&initContainerFlags.shell,
|
||||||
"shell",
|
"shell",
|
||||||
|
@ -163,59 +167,55 @@ func initContainer(cmd *cobra.Command, args []string) error {
|
||||||
|
|
||||||
defer toolboxEnvFile.Close()
|
defer toolboxEnvFile.Close()
|
||||||
|
|
||||||
if initContainerFlags.monitorHost {
|
if utils.PathExists("/run/host/etc") {
|
||||||
logrus.Debug("Monitoring host")
|
logrus.Debug("Path /run/host/etc exists")
|
||||||
|
|
||||||
if utils.PathExists("/run/host/etc") {
|
if _, err := os.Readlink("/etc/host.conf"); err != nil {
|
||||||
logrus.Debug("Path /run/host/etc exists")
|
if err := redirectPath("/etc/host.conf",
|
||||||
|
"/run/host/etc/host.conf",
|
||||||
if _, err := os.Readlink("/etc/host.conf"); err != nil {
|
false); err != nil {
|
||||||
if err := redirectPath("/etc/host.conf",
|
|
||||||
"/run/host/etc/host.conf",
|
|
||||||
false); err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if _, err := os.Readlink("/etc/hosts"); err != nil {
|
|
||||||
if err := redirectPath("/etc/hosts",
|
|
||||||
"/run/host/etc/hosts",
|
|
||||||
false); err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if localtimeTarget, err := os.Readlink("/etc/localtime"); err != nil ||
|
|
||||||
localtimeTarget != "/run/host/etc/localtime" {
|
|
||||||
if err := redirectPath("/etc/localtime",
|
|
||||||
"/run/host/etc/localtime",
|
|
||||||
false); err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if err := updateTimeZoneFromLocalTime(); err != nil {
|
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if _, err := os.Readlink("/etc/resolv.conf"); err != nil {
|
if _, err := os.Readlink("/etc/hosts"); err != nil {
|
||||||
if err := redirectPath("/etc/resolv.conf",
|
if err := redirectPath("/etc/hosts",
|
||||||
"/run/host/etc/resolv.conf",
|
"/run/host/etc/hosts",
|
||||||
false); err != nil {
|
false); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
for _, mount := range initContainerMounts {
|
if localtimeTarget, err := os.Readlink("/etc/localtime"); err != nil ||
|
||||||
if err := mountBind(mount.containerPath, mount.source, mount.flags); err != nil {
|
localtimeTarget != "/run/host/etc/localtime" {
|
||||||
return err
|
if err := redirectPath("/etc/localtime",
|
||||||
}
|
"/run/host/etc/localtime",
|
||||||
|
false); err != nil {
|
||||||
|
return err
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if utils.PathExists("/sys/fs/selinux") {
|
if err := updateTimeZoneFromLocalTime(); err != nil {
|
||||||
if err := mountBind("/sys/fs/selinux", "/usr/share/empty", ""); err != nil {
|
return err
|
||||||
return err
|
}
|
||||||
}
|
|
||||||
|
if _, err := os.Readlink("/etc/resolv.conf"); err != nil {
|
||||||
|
if err := redirectPath("/etc/resolv.conf",
|
||||||
|
"/run/host/etc/resolv.conf",
|
||||||
|
false); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, mount := range initContainerMounts {
|
||||||
|
if err := mountBind(mount.containerPath, mount.source, mount.flags); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if utils.PathExists("/sys/fs/selinux") {
|
||||||
|
if err := mountBind("/sys/fs/selinux", "/usr/share/empty", ""); err != nil {
|
||||||
|
return err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue