diff --git a/libpod/container_internal.go b/libpod/container_internal.go index 0b5a8b9468..6bf8439da8 100644 --- a/libpod/container_internal.go +++ b/libpod/container_internal.go @@ -14,6 +14,7 @@ import ( "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/libpod/events" + "github.com/containers/libpod/pkg/cgroups" "github.com/containers/libpod/pkg/ctime" "github.com/containers/libpod/pkg/hooks" "github.com/containers/libpod/pkg/hooks/exec" @@ -1132,6 +1133,16 @@ func (c *Container) pause() error { return errors.Wrapf(define.ErrNoCgroups, "cannot pause without using CGroups") } + if rootless.IsRootless() { + cgroupv2, err := cgroups.IsCgroup2UnifiedMode() + if err != nil { + return errors.Wrap(err, "failed to determine cgroupversion") + } + if !cgroupv2 { + return errors.Wrap(define.ErrNoCgroups, "can not pause containers on rootless containers with cgroup V1") + } + } + if err := c.ociRuntime.pauseContainer(c); err != nil { return err } diff --git a/libpod/pod_api.go b/libpod/pod_api.go index e2448e92a6..7c786b8355 100644 --- a/libpod/pod_api.go +++ b/libpod/pod_api.go @@ -5,6 +5,8 @@ import ( "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/libpod/events" + "github.com/containers/libpod/pkg/cgroups" + "github.com/containers/libpod/pkg/rootless" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) @@ -163,6 +165,16 @@ func (p *Pod) Pause() (map[string]error, error) { return nil, define.ErrPodRemoved } + if rootless.IsRootless() { + cgroupv2, err := cgroups.IsCgroup2UnifiedMode() + if err != nil { + return nil, errors.Wrap(err, "failed to determine cgroupversion") + } + if !cgroupv2 { + return nil, errors.Wrap(define.ErrNoCgroups, "can not pause pods containing rootless containers with cgroup V1") + } + } + allCtrs, err := p.runtime.state.PodContainers(p) if err != nil { return nil, err diff --git a/pkg/varlinkapi/containers.go b/pkg/varlinkapi/containers.go index 2dcdbc0893..93f9d4fe32 100644 --- a/pkg/varlinkapi/containers.go +++ b/pkg/varlinkapi/containers.go @@ -319,12 +319,14 @@ func (i *LibpodAPI) ExportContainer(call iopodman.VarlinkCall, name, outPath str // GetContainerStats ... func (i *LibpodAPI) GetContainerStats(call iopodman.VarlinkCall, name string) error { - cgroupv2, err := cgroups.IsCgroup2UnifiedMode() - if err != nil { - return call.ReplyErrorOccurred(err.Error()) - } - if rootless.IsRootless() && !cgroupv2 { - return call.ReplyErrRequiresCgroupsV2ForRootless("rootless containers cannot report container stats") + if rootless.IsRootless() { + cgroupv2, err := cgroups.IsCgroup2UnifiedMode() + if err != nil { + return call.ReplyErrorOccurred(err.Error()) + } + if !cgroupv2 { + return call.ReplyErrRequiresCgroupsV2ForRootless("rootless containers cannot report container stats") + } } ctr, err := i.Runtime.LookupContainer(name) if err != nil { diff --git a/pkg/varlinkapi/pods.go b/pkg/varlinkapi/pods.go index c0fd8b1f7f..9b659f66bb 100644 --- a/pkg/varlinkapi/pods.go +++ b/pkg/varlinkapi/pods.go @@ -5,12 +5,12 @@ package varlinkapi import ( "encoding/json" "fmt" - "github.com/containers/libpod/pkg/adapter/shortcuts" "syscall" "github.com/containers/libpod/cmd/podman/shared" "github.com/containers/libpod/cmd/podman/varlink" "github.com/containers/libpod/libpod" + "github.com/containers/libpod/pkg/adapter/shortcuts" ) // CreatePod ...