You can manually do this quite easily. For example, in one terminal run
podman varlink as a regular user to set up the endpoint:
bin/podman --log-level=debug varlink --timeout 0 unix:/run/user/1000/io.podman
I think people favor the endpoint to be /run/user/num/podman/io.podman
if you prefer that.
In another terminal window, you can verify the endpoint like:
varlink call unix:/run/user/1000/io.podman/io.podman.GetVersion
{
"built": "1969-12-31T18:00:00-06:00",
"git_commit": "",
"go_version": "go1.12.7",
"os_arch": "linux/amd64",
"remote_api_version": 1,
"version": "1.5.1-dev"
}
I'm not familiar enough with systemd to do the setup as a regular user
but this should be possible as well.
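
Added example, not part of the original message or of podman itself: a shell pre-flight check that tells the per-user endpoint shown above apart from the root-owned /run/podman/io.podman socket discussed further down the thread, and flags a socket whose mode admits other local accounts (the SocketMode=0666 case). The function names are hypothetical and the check assumes GNU stat.

```shell
#!/bin/sh
# Added example (not from the thread): pre-flight check for a podman varlink
# socket. Function names are hypothetical; paths and modes come from the thread.

# Per-user endpoint path as used in the reply above.
rootless_socket() {                 # $1 = numeric uid
    printf '/run/user/%s/io.podman\n' "$1"
}

# Decide whether a socket is a sane endpoint for the calling user.
# $1 = owner uid, $2 = octal mode from stat (e.g. 600), $3 = caller uid
# Prints: ok | exposed | not-owner
classify_socket() {
    owner=$1; mode=$2; caller=$3
    # Group/other bits let other local accounts drive this podman instance.
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo exposed
    # A socket owned by another uid belongs to that user's podman, which
    # uses separate container storage from the caller's.
    elif [ "$owner" != "$caller" ]; then
        echo not-owner
    else
        echo ok
    fi
}

# Inspect a real path. Prints: missing | not-a-socket | <classify_socket result>
check_endpoint() {                  # $1 = socket path, $2 = caller uid (default: id -u)
    path=$1; caller=${2:-$(id -u)}
    [ -e "$path" ] || { echo missing; return 0; }
    [ -S "$path" ] || { echo not-a-socket; return 0; }
    # GNU stat: %u = owner uid, %a = permission bits in octal.
    set -- $(stat -c '%u %a' "$path")
    classify_socket "$1" "$2" "$caller"
}
```

Run `check_endpoint "$(rootless_socket "$(id -u)")"` before the `varlink call`; anything other than `ok` means the call would either fail or reach a podman instance other than your own.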
On Mon, 2019-08-12 at 08:55 -0400, Daniel Walsh wrote:
You need to have podman varlink running locally in your homedir for
this to work. I know there is effort to make this happen seamlessly.
I know that the Cockpit team have been working on making this happen,
but I need Jhon or Brent or Martin to chime in on how it works (or
doesn't).
On 8/12/19 2:37 AM, niranjan(a)ashoo.in wrote:
>
> On Fri, Aug 9, 2019, at 11:54 AM, niranjan(a)ashoo.in wrote:
> >
> > On Fri, Aug 9, 2019, at 11:44 AM, Alex Jia wrote:
> > > Hi Niranjan,
> > >
> > > default access permission is 0600 on /run/podman/io.podman
> > > directory, so you can't use non-root user
> > > to access this listening directory, but you may modify
> > > permission before starting io.podman.socket,
> > > good luck!
> >
> > Ah thanks. Since the container was started by a non-root user,
> > when I tried with sudo it failed
> >
> > $ sudo varlink call -m
> > unix:/run/podman/io.podman/io.podman.ListContainerProcesses
> > '{"name": "mysssd", "opts": []}'
> > Unable to connect: CannotConnect
> >
> > Probably because the root user doesn't see the container.
> >
> > > [root@ajia-rhel-8 ajia]# ls -lad /run/podman/io.podman
> > > srw-------. 1 root root 0 Aug 9 01:42 /run/podman/io.podman
> > >
> > > [root@ajia-rhel-8 ajia]# cat
> > > /usr/lib/systemd/system/io.podman.socket
> > > [Unit]
> > > Description=Podman Remote API Socket
> > > Documentation=man:podman-varlink(1)
> > >
> > > [Socket]
> > > ListenStream=/run/podman/io.podman
> > > SocketMode=0600
> > >
> > > [Install]
> > > WantedBy=sockets.target
> > >
> > > Sincerely,
> > > Alex Jia
> >
> > When I tried to change the SocketMode to 0666
> >
> > [root@mniranja ~]# cat /usr/lib/systemd/system/io.podman.socket
> > [Unit]
> > Description=Podman Remote API Socket
> > Documentation=man:podman-varlink(1)
> >
> > [Socket]
> > ListenStream=/run/podman/io.podman
> > SocketMode=0666
> >
> > [Install]
> > WantedBy=sockets.target
> > [root@mniranja ~]# ls -l /var/run/podman/io.podman
> > srw-rw-rw-. 1 root root 0 Aug 9 11:51 /var/run/podman/io.podman
> >
> > $ varlink call -m
> > unix:/run/podman/io.podman/io.podman.ListContainerProcesses
> > '{"name": "mysssd", "opts": []}'
> > Unable to connect: CannotConnect
> > (venv) [mniranja@mniranja ad]$ sudo systemctl status
> > io.podman.socket
> > ● io.podman.socket - Podman Remote API Socket
> > Loaded: loaded (/usr/lib/systemd/system/io.podman.socket;
> > enabled; vendor preset: disabled)
> > Active: active (listening) since Fri 2019-08-09 11:51:21 IST;
> > 1min 12s ago
> > Docs: man:podman-varlink(1)
> > Listen: /run/podman/io.podman (Stream)
> > CGroup: /system.slice/io.podman.socket
> >
> > (venv) [mniranja@mniranja ad]$ podman ps
> > CONTAINER ID IMAGE COMMAND
> > CREATED STATUS PORTS NAMES
> > de27f6bd7c59 docker.io/library/fedora:latest /usr/sbin/init 24
> > hours ago Up 24 hours ago mysssd
> > (venv) [mniranja@mniranja ad]$
>
> Even after changing the permissions to 0666, as a non-root user I am
> still unable to use varlink to access the container. Any info on
> how I could use varlink as a non-root user to access containers
> created using a non-root user?
>
>
>
> >
> > >
> > > On Fri, Aug 9, 2019 at 1:16 PM <niranjan(a)ashoo.in> wrote:
> > > > Greetings,
> > > >
> > > > I have a container running on RHEL8. The container was
> > > > started as a non-root user using the podman CLI. I am trying to
> > > > connect to the container using varlink and it's unable to
> > > > connect.
> > > >
> > > > $ podman ps
> > > > CONTAINER ID IMAGE COMMAND
> > > > CREATED STATUS PORTS NAMES
> > > > de27f6bd7c59 docker.io/library/fedora:latest
> > > > /usr/sbin/init 22 hours ago Up 22 hours ago mysssd
> > > >
> > > >
> > > > $ sudo systemctl restart io.podman.socket
> > > > $ sudo systemctl status io.podman.socket
> > > > ● io.podman.socket - Podman Remote API Socket
> > > > Loaded: loaded (/usr/lib/systemd/system/io.podman.socket;
> > > > enabled; vendor preset: disabled)
> > > > Active: active (listening) since Fri 2019-08-09 10:38:38
> > > > IST; 1s ago
> > > > Docs: man:podman-varlink(1)
> > > > Listen: /run/podman/io.podman (Stream)
> > > > CGroup: /system.slice/io.podman.socket
> > > >
> > > >
> > > > $ varlink call -m
> > > > unix:/run/podman/io.podman/io.podman.ListContainerProcesses
> > > > '{"name": "mysssd", "opts": []}'
> > > > Unable to connect: CannotConnect
> > > >
> > > >
> > > > Version:
> > > > podman-1.0.0-2.git921f98f.module+el8+2785+ff8a053f.x86_64
> > > > libvarlink-16-1.el8.x86_64
> > > > libvarlink-util-16-1.el8.x86_64
> > > >
> > > > Regards
> > > > Niranjan
> > > > _______________________________________________
> > > > Podman mailing list -- podman(a)lists.podman.io
> > > > To unsubscribe send an email to podman-leave(a)lists.podman.io