From: "Daniel P. Berrangé" <berrange@redhat.com>
To: "Marc-André Lureau" <marcandre.lureau@redhat.com>
Cc: "Fam Zheng" <fam@euphon.net>,
"Alex Bennée" <alex.bennee@linaro.org>,
qemu-devel@nongnu.org, "Gerd Hoffmann" <kraxel@redhat.com>,
pbonzini@redhat.com, "Philippe Mathieu-Daudé" <philmd@redhat.com>
Subject: Re: [Qemu-devel] [PATCH v3 2/6] docker.py: add podman support
Date: Mon, 15 Jul 2019 10:58:54 +0100 [thread overview]
Message-ID: <20190715095854.GF30298@redhat.com> (raw)
In-Reply-To: <20190713143311.17620-3-marcandre.lureau@redhat.com>
On Sat, Jul 13, 2019 at 06:33:07PM +0400, Marc-André Lureau wrote:
> Add a --engine option to select either docker, podman or auto.
>
> Among other advantages, podman allows to run rootless & daemonless
> containers, fortunately sharing compatible CLI with docker.
>
> With current podman, we have to use a uidmap trick in order to be able
> to rw-share the ccache directory with the container user.
>
> With a user 1000, the default mapping is: 1000 (host) -> 0 (container).
> So write access to /var/tmp/ccache ends will end with permission
> denied error.
>
> With "--uidmap 1000:0:1 --uidmap 0:1:1000", the mapping is:
> 1000 (host) -> 0 (container, 1st namespace) -> 1000 (container, 2nd namespace).
> (the rest is mumbo jumbo to avoid holes in the range of UIDs)
>
> A future podman version may have an option such as --userns-keep-uid.
> Thanks to Debarshi Ray <rishi@redhat.com> for the help!
>
> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
> Acked-by: Alex Bennée <alex.bennee@linaro.org>
> ---
> tests/docker/docker.py | 48 +++++++++++++++++++++++++++++++++++++-----
> 1 file changed, 43 insertions(+), 5 deletions(-)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2019-07-15 9:59 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-13 14:33 [Qemu-devel] [PATCH v3 0/6] tests/docker: add podman support Marc-André Lureau
2019-07-13 14:33 ` [Qemu-devel] [PATCH v3 1/6] docker.py: add --run-as-current-user Marc-André Lureau
2019-07-15 9:57 ` Daniel P. Berrangé
2019-07-15 14:38 ` Alex Bennée
2019-07-15 16:43 ` Philippe Mathieu-Daudé
2019-07-13 14:33 ` [Qemu-devel] [PATCH v3 2/6] docker.py: add podman support Marc-André Lureau
2019-07-15 9:58 ` Daniel P. Berrangé [this message]
2019-07-13 14:33 ` [Qemu-devel] [PATCH v3 3/6] tests/docker: " Marc-André Lureau
2019-07-15 9:46 ` Daniel P. Berrangé
2019-07-15 14:39 ` Alex Bennée
2019-08-23 12:26 ` Markus Armbruster
2019-08-23 12:28 ` Markus Armbruster
2019-07-13 14:33 ` [Qemu-devel] [PATCH v3 4/6] tests: specify the address family when checking bind Marc-André Lureau
2019-07-15 9:37 ` Daniel P. Berrangé
2019-07-13 14:33 ` [Qemu-devel] [PATCH v3 5/6] test-char: skip tcp tests if ipv4 check failed Marc-André Lureau
2019-07-15 9:38 ` Daniel P. Berrangé
2019-07-15 16:45 ` Philippe Mathieu-Daudé
2019-07-16 10:24 ` Daniel P. Berrangé
2019-07-13 14:33 ` [Qemu-devel] [PATCH v3 6/6] test: skip tests if socket_check_protocol_support() failed Marc-André Lureau
2019-07-15 9:40 ` Daniel P. Berrangé
2019-07-15 10:25 ` Marc-André Lureau
2019-07-15 10:29 ` Daniel P. Berrangé
2019-07-14 3:20 ` [Qemu-devel] [PATCH v3 0/6] tests/docker: add podman support no-reply
2019-09-05 16:15 ` David Hildenbrand
2019-09-05 16:19 ` David Hildenbrand
2019-09-05 16:33 ` Alex Bennée
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190715095854.GF30298@redhat.com \
--to=berrange@redhat.com \
--cc=alex.bennee@linaro.org \
--cc=fam@euphon.net \
--cc=kraxel@redhat.com \
--cc=marcandre.lureau@redhat.com \
--cc=pbonzini@redhat.com \
--cc=philmd@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.