mirror of
https://github.com/containers/podman.git
synced 2026-02-07 12:52:05 -05:00
use name_to_handle_at and open_by_handle_at to persist rootless namespaces without needing a pause process. The namespace file handles are stored in a file and can be used to rejoin the namespaces, as long as the namespaces still exist. Fall back to the pause process approach only when the kernel doesn't support nsfs handles (EOPNOTSUPP). The feature is currently only enabled when the PODMAN_NO_PAUSE_PROCESS environment variable is set. These changes in the kernel are required (landed in Linux 6.18): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3ab378cfa793 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
//go:build !windows
package util
// TODO once rootless function is consolidated under libpod, we
// should work to take darwin from this
import (
"path/filepath"
"github.com/containers/podman/v6/pkg/rootless"
"go.podman.io/storage/pkg/homedir"
)
// GetRootlessRuntimeDir reports the per-user runtime directory for a rootless
// process.
//
// When the process is not rootless it returns an empty path together with a
// nil error, so callers must treat "" as "not applicable" and must not join
// further path elements onto it (that would yield a relative path).
func GetRootlessRuntimeDir() (string, error) {
	if rootless.IsRootless() {
		// Resolution of the directory is delegated to the storage homedir package.
		return homedir.GetRuntimeDir()
	}
	return "", nil
}
// GetRootlessConfigHomeDir returns the config home directory as resolved by
// the storage homedir package.
//
// Unlike GetRootlessRuntimeDir, this function performs no rootless check of
// its own: the lookup runs unconditionally and its result is passed through
// unchanged.
func GetRootlessConfigHomeDir() (string, error) {
	configHome, err := homedir.GetConfigHome()
	return configHome, err
}
// GetRootlessStateDir returns the directory that holds the rootless state
// (the pause.pid and ns_handles files).
//
// The result is always "<runtime dir>/libpod/tmp". Only the path is computed
// here; the directory is neither created nor checked for ownership or mode.
//
// NOTE(review): the files kept here are used to rejoin the user's rootless
// namespaces, so the code that creates this directory should keep it owned by
// and writable only for that user — confirm at the call sites.
func GetRootlessStateDir() (string, error) {
	base, err := homedir.GetRuntimeDir()
	if err == nil {
		// This layout must stay in sync with pkg/rootless/rootless_linux.c.
		// The location is deliberately independent of the tmpdir (which can be
		// changed via --tmpdir): only a single pause process per user is wanted.
		//
		// NOTE(review): if base could ever be "" with a nil error, the joined
		// path would be relative to the working directory — verify against
		// homedir.GetRuntimeDir.
		return filepath.Join(base, "libpod", "tmp"), nil
	}
	return "", err
}