Merge pull request #13560 from n1hility/backport-handle-incompatible

[v4.0] Backport handling of incompatible machines
containers · Mar 19, 2022 · 19c8019 · 19c8019
2 parents e3184e9 + 6878376
commit 19c8019
Show file tree

Hide file tree

Showing 8 changed files with 165 additions and 69 deletions.
diff --git a/cmd/podman/machine/rm.go b/cmd/podman/machine/rm.go
@@ -26,7 +26,7 @@ var (
 )
 
 var (
-	destoryOptions machine.RemoveOptions
+	destroyOptions machine.RemoveOptions
 )
 
 func init() {
@@ -37,16 +37,16 @@ func init() {
 
 	flags := rmCmd.Flags()
 	formatFlagName := "force"
-	flags.BoolVar(&destoryOptions.Force, formatFlagName, false, "Do not prompt before rming")
+	flags.BoolVarP(&destroyOptions.Force, formatFlagName, "f", false, "Stop and do not prompt before rming")
 
 	keysFlagName := "save-keys"
-	flags.BoolVar(&destoryOptions.SaveKeys, keysFlagName, false, "Do not delete SSH keys")
+	flags.BoolVar(&destroyOptions.SaveKeys, keysFlagName, false, "Do not delete SSH keys")
 
 	ignitionFlagName := "save-ignition"
-	flags.BoolVar(&destoryOptions.SaveIgnition, ignitionFlagName, false, "Do not delete ignition file")
+	flags.BoolVar(&destroyOptions.SaveIgnition, ignitionFlagName, false, "Do not delete ignition file")
 
 	imageFlagName := "save-image"
-	flags.BoolVar(&destoryOptions.SaveImage, imageFlagName, false, "Do not delete the image file")
+	flags.BoolVar(&destroyOptions.SaveImage, imageFlagName, false, "Do not delete the image file")
 }
 
 func rm(cmd *cobra.Command, args []string) error {
@@ -64,12 +64,12 @@ func rm(cmd *cobra.Command, args []string) error {
 	if err != nil {
 		return err
 	}
-	confirmationMessage, remove, err := vm.Remove(vmName, machine.RemoveOptions{})
+	confirmationMessage, remove, err := vm.Remove(vmName, destroyOptions)
 	if err != nil {
 		return err
 	}
 
-	if !destoryOptions.Force {
+	if !destroyOptions.Force {
 		// Warn user
 		fmt.Println(confirmationMessage)
 		reader := bufio.NewReader(os.Stdin)

diff --git a/cmd/podman/machine/start.go b/cmd/podman/machine/start.go
@@ -57,10 +57,6 @@ func start(cmd *cobra.Command, args []string) error {
 		}
 		return errors.Wrapf(machine.ErrMultipleActiveVM, "cannot start VM %s. VM %s is currently running", vmName, activeName)
 	}
-	vm, err = provider.LoadVMByName(vmName)
-	if err != nil {
-		return err
-	}
 	fmt.Printf("Starting machine %q\n", vmName)
 	if err := vm.Start(vmName, machine.StartOptions{}); err != nil {
 		return err

diff --git a/docs/source/markdown/podman-machine-rm.1.md b/docs/source/markdown/podman-machine-rm.1.md
@@ -23,17 +23,17 @@ is used.
 
 Print usage statement.
 
-#### **--force**
+#### **--force**, **-f**
 
-Delete without confirmation
+Stop and delete without confirmation.
 
 #### **--save-ignition**
 
-Do not delete the generated ignition file
+Do not delete the generated ignition file.
 
 #### **--save-image**
 
-Do not delete the VM image
+Do not delete the VM image.
 
 #### **--save-keys**
 
@@ -42,7 +42,7 @@ deleted.
 
 ## EXAMPLES
 
-Remove a VM named "test1"
+Remove a VM named "test1":
 
 ```
 $ podman machine rm test1
@@ -58,6 +58,10 @@ The following files will be deleted:
 Are you sure you want to continue? [y/N] y
 ```
 
+```
+$ podman machine rm -f test1
+$
+```
 ## SEE ALSO
 **[podman(1)](podman.1.md)**, **[podman-machine(1)](podman-machine.1.md)**
 

diff --git a/pkg/machine/config.go b/pkg/machine/config.go
@@ -1,3 +1,4 @@
+//go:build amd64 || arm64
 // +build amd64 arm64
 
 package machine
@@ -28,6 +29,8 @@ type InitOptions struct {
 	Username     string
 	ReExec       bool
 	Rootful      bool
+	// The numberical userid of the user that called machine
+	UID string
 }
 
 type QemuMachineStatus = string

diff --git a/pkg/machine/ignition.go b/pkg/machine/ignition.go
@@ -51,6 +51,7 @@ type DynamicIgnition struct {
 	Name      string
 	Key       string
 	TimeZone  string
+	UID       int
 	VMName    string
 	WritePath string
 }
@@ -63,12 +64,13 @@ func NewIgnitionFile(ign DynamicIgnition) error {
 	ignVersion := Ignition{
 		Version: "3.2.0",
 	}
-
 	ignPassword := Passwd{
 		Users: []PasswdUser{
 			{
 				Name:              ign.Name,
 				SSHAuthorizedKeys: []SSHAuthorizedKey{SSHAuthorizedKey(ign.Key)},
+				// Set the UID of the core user inside the machine
+				UID: intToPtr(ign.UID),
 			},
 			{
 				Name:              "root",
@@ -289,9 +291,7 @@ func getDirs(usrName string) []Directory {
 }
 
 func getFiles(usrName string) []File {
-	var (
-		files []File
-	)
+	files := make([]File, 0)
 
 	lingerExample := `[Unit]
 Description=A systemd user unit demo
@@ -310,6 +310,7 @@ machine_enabled=true
 	delegateConf := `[Service]
 Delegate=memory pids cpu io
 `
+	subUID := `%s:100000:1000000`
 
 	// Add a fake systemd service to get the user socket rolling
 	files = append(files, File{
@@ -344,6 +345,25 @@ Delegate=memory pids cpu io
 		},
 	})
 
+	// Setup /etc/subuid and /etc/subgid
+	for _, sub := range []string{"/etc/subuid", "/etc/subgid"} {
+		files = append(files, File{
+			Node: Node{
+				Group:     getNodeGrp("root"),
+				Path:      sub,
+				User:      getNodeUsr("root"),
+				Overwrite: boolToPtr(true),
+			},
+			FileEmbedded1: FileEmbedded1{
+				Append: nil,
+				Contents: Resource{
+					Source: encodeDataURLPtr(fmt.Sprintf(subUID, usrName)),
+				},
+				Mode: intToPtr(0744),
+			},
+		})
+	}
+
 	// Set delegate.conf so cpu,io subsystem is delegated to non-root users as well for cgroupv2
 	// by default
 	files = append(files, File{

diff --git a/pkg/machine/qemu/config.go b/pkg/machine/qemu/config.go
@@ -1,8 +1,11 @@
+//go:build (amd64 && !windows) || (arm64 && !windows)
 // +build amd64,!windows arm64,!windows
 
 package qemu
 
-import "time"
+import (
+	"time"
+)
 
 type Provider struct{}
 
@@ -35,6 +38,8 @@ type MachineVM struct {
 	RemoteUsername string
 	// Whether this machine should run in a rootful or rootless manner
 	Rootful bool
+	// UID is the numerical id of the user that called machine
+	UID int
 }
 
 type Mount struct {