Downgrade podman dependencies.

because with the latest containers get stuck during initialization and
build caching doesn't work.

Dockerfile

@@ -1,6 +1,6 @@
 # runc
 FROM golang:1.14-alpine3.12 AS runc
-ARG RUNC_VERSION=v1.0.0-rc93
+ARG RUNC_VERSION=v1.0.0-rc92
 RUN set -eux; \
 	apk add --no-cache --virtual .build-deps gcc musl-dev libseccomp-dev make git bash; \
 	git clone --branch ${RUNC_VERSION} https://github.com/opencontainers/runc src/github.com/opencontainers/runc; \
@@ -39,7 +39,7 @@ RUN set -ex; \
 # conmon (without systemd support)
 FROM podmanbuildbase AS conmon
 # conmon 2.0.19 cannot be built currently since alpine does not provide nix package yet
-ARG CONMON_VERSION=v2.0.26
+ARG CONMON_VERSION=v2.0.22
 RUN git clone --branch ${CONMON_VERSION} https://github.com/containers/conmon.git /conmon
 WORKDIR /conmon
 RUN set -ex; \
@@ -49,7 +49,7 @@ RUN set -ex; \
 
 # CNI plugins
 FROM podmanbuildbase AS cniplugins
-ARG CNI_PLUGIN_VERSION=v0.9.1
+ARG CNI_PLUGIN_VERSION=v0.9.0
 RUN git clone --branch=${CNI_PLUGIN_VERSION} https://github.com/containernetworking/plugins /go/src/github.com/containernetworking/plugins
 WORKDIR /go/src/github.com/containernetworking/plugins
 RUN set -ex; \
@@ -85,7 +85,7 @@ RUN set -ex; \
 # fuse-overlayfs (derived from https://github.com/containers/fuse-overlayfs/blob/master/Dockerfile.static)
 FROM podmanbuildbase AS fuse-overlayfs
 RUN apk add --update --no-cache autoconf automake meson ninja clang g++ eudev-dev fuse3-dev
-ARG LIBFUSE_VERSION=fuse-3.10.2
+ARG LIBFUSE_VERSION=fuse-3.10.1
 RUN git clone --branch=$LIBFUSE_VERSION https://github.com/libfuse/libfuse /libfuse
 WORKDIR /libfuse
 RUN set -ex; \
@@ -96,7 +96,7 @@ RUN set -ex; \
 	touch /dev/fuse; \
 	ninja install; \
 	fusermount3 -V
-ARG FUSEOVERLAYFS_VERSION=v1.4.0
+ARG FUSEOVERLAYFS_VERSION=v1.3.0
 RUN git clone --branch=$FUSEOVERLAYFS_VERSION https://github.com/containers/fuse-overlayfs /fuse-overlayfs
 WORKDIR /fuse-overlayfs
 RUN set -ex; \

Makefile

@@ -13,6 +13,7 @@ BUILD_DIR=build/$(ASSET_NAME)
 # TODO: Make the tests work with podman in podman (GitHub's workflow runner also supports podman)
 #DOCKER ?= $(if $(shell podman -v),podman,docker)
 DOCKER ?= docker
+export DOCKER
 
 images: podman podman-remote podman-minimal
 

README.md

@@ -65,6 +65,8 @@ To support applications that use the `docker` command you may want to link it to
 sudo ln -s /usr/local/bin/podman /usr/local/bin/docker
 ```
 
+Before updating binaries on your host please terminate all corresponding processes.
+
 ### Binary usage example
 
 ```sh

test/test-local-rootful.sh

@@ -2,12 +2,21 @@
 
 cd "$(dirname $0)"
 
+DOCKER=${DOCKER:-docker}
+
+if [ "$DOCKER" = podman -a $(id -u) -ne 0 ]; then
+	echo
+	echo WARNING: SKIPPING ROOTFUL PODMAN TEST BECAUSE IT IS
+	echo          RUN BY UNPRIVILEGED USER AND DOCKER=podman
+	exit 0
+fi
+
 set -eu
 
 echo
 echo TEST PODMAN AS ROOT - NETWORKING '(using CNI)'
 echo
-(set -x; docker run --rm --privileged --entrypoint /bin/sh \
+(set -x; $DOCKER run --rm --privileged --entrypoint /bin/sh \
 	-u root:root \
 	-v "`pwd`/storage/root":/var/lib/containers/storage \
 	"${IMAGE}" \
@@ -16,7 +25,7 @@ echo
 echo
 echo TEST PODMAN DOCKERFILE BUILD AS ROOT
 echo
-(set -x; docker run --rm --privileged --entrypoint /bin/sh \
+(set -x; $DOCKER run --rm --privileged --entrypoint /bin/sh \
 	-u root:root \
 	-v "`pwd`/storage/root":/podman/.local/share/containers/storage \
 	"${IMAGE}" \
@@ -30,7 +39,7 @@ echo
 echo
 echo TEST PODMAN AS ROOT - PORT MAPPING
 echo
-(set -x; docker run --rm --privileged --entrypoint /bin/sh \
+(set -x; $DOCKER run --rm --privileged --entrypoint /bin/sh \
 	-u root:root \
 	-v "`pwd`/storage/root":/var/lib/containers/storage \
 	--mount "type=bind,src=`pwd`/test-portmapping.sh,dst=/test-portmapping.sh" \

test/test-local-rootless.sh

@@ -1,36 +1,39 @@
 cd "$(dirname $0)"
 
+DOCKER=${DOCKER:-docker}
 TEST_PREDICATE="${TEST_PREDICATE}"
 
 set -eu
 
 echo
 echo TEST ${TEST_PREDICATE} PODMAN AS UNPRIVILEGED USER - NETWORK CONNECTIVITY
 echo
-(set -x; docker run --rm --privileged -u podman:podman \
+(set -x; $DOCKER run --rm --privileged -u podman:podman \
 	-v "`pwd`/storage/user":/podman/.local/share/containers/storage \
 	"${IMAGE}" \
 	docker run --rm alpine:3.12 wget -O /dev/null http://example.org)
 
 echo
 echo TEST ${TEST_PREDICATE} PODMAN AS UNPRIVILEGED USER - UID MAPPING '(using fuse-overlayfs)'
 echo
-(set -x; docker run --rm --privileged -u podman:podman \
+(set -x; $DOCKER run --rm --privileged -u podman:podman \
 	-v "`pwd`/storage/user":/podman/.local/share/containers/storage \
 	"${IMAGE}" \
 	docker run --rm alpine:3.12 /bin/sh -c 'set -ex; touch /file; chown guest /file; [ $(stat -c %U /file) = guest ]')
 
-echo
-echo TEST ${TEST_PREDICATE} PODMAN AS UNPRIVILEGED USER WITH NON-DEFAULT UID '(no uid/gid mapping)'
-echo
-(set -x; docker run --rm --privileged --user 9000:9000 \
-	"${IMAGE}" \
-	docker run --rm alpine:3.12 wget -O /dev/null http://example.org)
+if [ ! "$DOCKER" = podman ]; then # this doesn't work with podman (v3.0.1) due to missing uid mapping
+	echo
+	echo TEST ${TEST_PREDICATE} PODMAN AS UNPRIVILEGED USER WITH NON-DEFAULT UID '(no uid/gid mapping)'
+	echo
+	(set -x; $DOCKER run --rm --privileged --user 9000:9000 \
+		"${IMAGE}" \
+		docker run --rm alpine:3.12 wget -O /dev/null http://example.org)
+fi
 
 echo
 echo TEST ${TEST_PREDICATE} PODMAN BUILD DOCKERFILE AS UNPRIVILEGED USER
 echo
-(set -x; docker run --rm --privileged -u podman:podman --entrypoint /bin/sh \
+(set -x; $DOCKER run --rm --privileged -u podman:podman --entrypoint /bin/sh \
 	-v "`pwd`/storage/user":/podman/.local/share/containers/storage \
 	"${IMAGE}" \
 	-c 'set -e;
@@ -44,7 +47,7 @@ if [ ! "${SKIP_PORTMAPPING_TEST:-}" ]; then
 echo
 echo TEST ${TEST_PREDICATE} PODMAN AS UNPRIVILEGED USER - PORT MAPPING
 echo
-(set -x; docker run --rm --privileged -u podman:podman \
+(set -x; $DOCKER run --rm --privileged -u podman:podman \
 	-v "`pwd`/storage/user":/podman/.local/share/containers/storage \
 	--mount "type=bind,src=`pwd`/test-portmapping.sh,dst=/test-portmapping.sh" \
 	"${IMAGE}" \

test/test-remote.sh

@@ -1,5 +1,7 @@
 #!/bin/sh
 
+DOCKER=${DOCKER:-docker}
+
 echo
 echo TEST REMOTE PODMAN
 echo
@@ -10,7 +12,7 @@ set -ux
 
 ADDRESS=127.0.0.1:53453
 
-PODMAN_CONTAINER="$(docker run -d --rm --privileged --network=host -u podman:podman \
+PODMAN_CONTAINER="$($DOCKER run -d --rm --privileged --network=host -u podman:podman \
 	-v "`pwd`/storage/user":/podman/.local/share/containers/storage \
 	"${PODMAN_IMAGE}" \
 	podman system service -t 0 tcp:$ADDRESS)"
@@ -20,19 +22,19 @@ sleep 5
 
 (
 set -eu
-docker run --rm --network=host -v "$(pwd):/build" \
+$DOCKER run --rm --network=host -v "$(pwd):/build" \
 	"${PODMAN_REMOTE_IMAGE}" \
 	podman --url=tcp://$ADDRESS run alpine:3.12 echo hello from remote container
 
 # ATTENTION: podman remote fails if it cannot map the uids/gids from the server locally as well (which is why podman-remote user has been added)
-docker run --rm --network=host --user=podman-remote:podman-remote \
+$DOCKER run --rm --network=host --user=podman-remote:podman-remote \
 	-v "`pwd`:/build" \
 	"${PODMAN_REMOTE_IMAGE}" \
 	sh -c "set -ex; \
 		podman --log-level=debug --remote --url=tcp://$ADDRESS build -t testbuild -f /build/Dockerfile /build; \
 		podman --url=tcp://$ADDRESS run testbuild echo hello from remote container"
 # ATTENTION: volume mounts don't work (using podman 2.0.4)
-#docker run --rm --network=host \
+#$DOCKER run --rm --network=host \
 #	-v "`pwd`:/build" \
 #	"${PODMAN_REMOTE_IMAGE}" \
 #	sh -c "set -ex; \
@@ -41,5 +43,5 @@ docker run --rm --network=host --user=podman-remote:podman-remote \
 )
 STATUS=$?
 
-docker kill $PODMAN_CONTAINER
+$DOCKER kill $PODMAN_CONTAINER
 exit $STATUS