Add a way to pass a "set the SELinux contexts" labels to
MountWithOptions.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Signed-off-by: David Shea <dshea@redhat.com>
Add a ForceMount flag to pkg/overlay.Options that forces mounting the
overlay filesystem and returning a bind mount to it instead of trying to
leave that for later in cases where we're able to have the kernel do it.
This is mainly for the sake of callers that want to do more things with
the mounted overlay filesystem before passing them to the (presumably)
OCI runtime.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Signed-off-by: David Shea <dshea@redhat.com>
if a mountProgram is specified, use it also in rootfull mode.
Closes: https://github.com/containers/buildah/issues/3281
[NO NEW TESTS NEEDED]
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Allow users to specify non-volatile `upper` and `workdir` with overlay
mounts.
Usage
```console
buildah from alpine
buildah run -v /something/lower:/test:z,O,upperdir=/somewhere/upperdir,workdir=/somwhere/workdir alpine-working-container cat /test/hello
```
Signed-off-by: Aditya R <arajan@redhat.com>
Expose `MountWithOptions` for overlay which allows users to pass more
verbose configuration for overlay mounts.
For instance `upperdir, workerdir` and in future `volatile`.
Signed-off-by: Aditya R <arajan@redhat.com>
On Linux, a directory name can contain a colon.
Add support for mount paths that contain a colon.
buildah run --volume /root/a\\:b:/root/test:O
Signed-off-by: chenk008 <kongchen28@gmail.com>
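The escaped-colon volume syntax and the `upperdir`/`workdir` overlay options from the commit messages above can be parsed as in the sketch below. It is an added example, not buildah's own code: `splitEscaped`, `ParseVolumeSpec` and the validation rules are hypothetical, and it assumes the value reaching the parser uses `\:` for a literal colon.

```go
package main

import (
	"fmt"
	"strings"
)

// splitEscaped splits on ':' but keeps "\:" as a literal colon in the field.
func splitEscaped(s string) []string {
	var fields []string
	var cur strings.Builder
	for i := 0; i < len(s); i++ {
		switch {
		case s[i] == '\\' && i+1 < len(s) && s[i+1] == ':':
			cur.WriteByte(':')
			i++
		case s[i] == ':':
			fields = append(fields, cur.String())
			cur.Reset()
		default:
			cur.WriteByte(s[i])
		}
	}
	return append(fields, cur.String())
}

// ParseVolumeSpec parses SRC:DEST:OPTIONS (hypothetical helper, assumed rules):
// exactly three fields, and upperdir/workdir must be given together.
func ParseVolumeSpec(spec string) (src, dest string, opts map[string]string, err error) {
	f := splitEscaped(spec)
	if len(f) != 3 {
		return "", "", nil, fmt.Errorf("want SRC:DEST:OPTIONS, got %d fields", len(f))
	}
	opts = map[string]string{}
	for _, o := range strings.Split(f[2], ",") {
		k, v, _ := strings.Cut(o, "=") // flags such as "O" get an empty value
		opts[k] = v
	}
	if (opts["upperdir"] == "") != (opts["workdir"] == "") {
		return "", "", nil, fmt.Errorf("upperdir and workdir must be given together")
	}
	return f[0], f[1], opts, nil
}

func main() {
	fmt.Println(ParseVolumeSpec(`/root/a\:b:/root/test:O`))
}
```

An unescaped colon in the source path yields four fields and is rejected rather than silently shifting the destination and options.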
This patch sets the userxattr field when run in rootless mode.
Fixes: https://github.com/containers/buildah/issues/3503
Patch came from @flouthoc Aditya Rajan <arajan@redhat.com>
[NO TESTS NEEDED] Since this can not be tested in CI/CD system yet.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
When we're told to add built images to a manifest list, manipulate the
list ourselves, so that if we're creating a list, we won't have a
partially-populated list if some of the builds fail.
This also lets us include all of the platform information (including
variant info, which we can't sniff out after the fact) that we were
given when we started building the images.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Following function generates a permanent overlayfs struct as compared to tempdir.
[NO NEW TESTS NEEDED]
Signed-off-by: flouthoc <flouthoc.git@gmail.com>
Overlay mounts should work like volume bind mounts and preserve the
underlying source directories' permissions.
Fixes: https://github.com/containers/podman/issues/9947
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Golang's os.* functions return the name of the file/directory they
fail to use. We should not wrap these errors with the file/directory
to use names, causes stuttering when the user sees the errors, and looks
bad having huge error messages.
Since this is just code cleanup, existing tests should handle the
changes.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
We are setting the permissions based on the dest dir rather
than the source dir. Since we want this to work identical to a bind
mount, we need to have the permissions align.
There is also an issue where overlays on existing mounts are blowing up.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
When using volume mounts, the destination directory will get
created if it does not exist. The current code blows up when
the destination directory did not exist.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
When we mount over a destination directory inside of the container
we need to preserve the mode of the destination.
Needed to fix: https://github.com/containers/podman/issues/8801
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
There can be multiple overlay mounts for a container. Each mount is
performed in a ../userdata/overlay subdirectory.
Iterate the subdirectories and attempt to unmount them.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Podman uses the overlay mounts differently than in buildah. Specifically the
overlay mount points can be used over and over again when starting and stopping
the container. Since the paths are backed into the container config, we have
to be able to clean out just the Upper and Merged directories rather than destroying
and recreating the overlay directories on each container start.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1822
Approved by: vrothberg
We have moved shared code from buildah, podman and others into containers/common.
Specifically for this PR we are moving to use containers/common/pkg/unshare and
containers/common/pkg/cgroups.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #2010
Approved by: QiWang19
When running in rootless mode, use fuse-overlayfs for mounting the
overlay file system on the host. Then create a bind mount inside the
container.
Closes: https://github.com/containers/buildah/issues/1741
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1743
Approved by: rhatdan
This commit enables the golint linter in golangci-lint and applies all
necessary fixes.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
Closes: #1740
Approved by: rhatdan
There is a chance that buildah crashed and left overlay
content. This patch will remove any left over content
before creating the overlay mounts.
Also the previous patch would not be able to handle multiple
overlay volume mounts. This patch fixes this issue as well.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1625
Approved by: TomSweeneyRedHat
Overlay mounts allow buildah bud and buildah from to
specify a directory on the disk that will be mounted
as an overlay into the container, where the overlay can be written to
but when the RUN or buildah run exits, the modified files will disappear.
The basic idea is to be able to mount cache from the disk for things like yum/dnf/apt
to be able to be used and modified in the container on a run command, but to be
kept fresh for each RUN.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1560
Approved by: giuseppe