Looks like this is ready to merge, just needs one more LGTM
On 8/13/19 2:00 AM, Martin Pitt wrote:
> Hello all,
>
> Daniel Walsh [2019-08-12 8:55 -0400]:
>> You need to have podman varlink running locally in your homedir for this
>> to work. I know there is effort to make this happen seamlessly.
> Indeed podman's service file almost works for the systemd user instance. Matej
> recently sent https://github.com/containers/libpod/pull/3662 to make varlink on
> the user instance work out of the box.
>
> Martin
>
>> On 8/12/19 2:37 AM, niranjan(a)ashoo.in wrote:
>>> On Fri, Aug 9, 2019, at 11:54 AM, niranjan(a)ashoo.in wrote:
>>>> On Fri, Aug 9, 2019, at 11:44 AM, Alex Jia wrote:
>>>>> Hi Niranjan,
>>>>>
>>>>> default access permission is *0600* on */run/podman/io.podman*
>>>>> directory, so you can't use non-root user
>>>>> to access this listening directory, but you may modify permission
>>>>> before starting io.podman.socket,
>>>>> good luck!
>>>> Ah thanks, Since the container was started by non-root user, when i
>>>> tried with sudo it failed
>>>>
>>>> $ sudo varlink call -m unix:/run/podman/io.podman/io.podman.ListContainerProcesses '{"name": "mysssd", "opts": []}'
>>>> Unable to connect: CannotConnect
>>>>
>>>> Probably because the root user doesn't see the container .
>>>>
>>>>> [root@ajia-rhel-8 ajia]# ls -lad /run/podman/io.podman
>>>>> srw-------. 1 root root 0 Aug 9 01:42 /run/podman/io.podman
>>>>>
>>>>> [root@ajia-rhel-8 ajia]# cat /usr/lib/systemd/system/io.podman.socket
>>>>> [Unit]
>>>>> Description=Podman Remote API Socket
>>>>> Documentation=man:podman-varlink(1)
>>>>>
>>>>> [Socket]
>>>>> ListenStream=/run/podman/io.podman
>>>>> SocketMode=0600
>>>>>
>>>>> [Install]
>>>>> WantedBy=sockets.target
>>>>>
>>>>> Sincerely,
>>>>> Alex Jia
>>>> When i tried to change the SocketMode to 0666
>>>>
>>>> [root@mniranja ~]# cat /usr/lib/systemd/system/io.podman.socket
>>>> [Unit]
>>>> Description=Podman Remote API Socket
>>>> Documentation=man:podman-varlink(1)
>>>>
>>>> [Socket]
>>>> ListenStream=/run/podman/io.podman
>>>> SocketMode=0666
>>>>
>>>> [Install]
>>>> WantedBy=sockets.target
>>>> [root@mniranja ~]# ls -l /var/run/podman/io.podman
>>>> srw-rw-rw-. 1 root root 0 Aug 9 11:51 /var/run/podman/io.podman
>>>>
>>>> $ varlink call -m unix:/run/podman/io.podman/io.podman.ListContainerProcesses '{"name": "mysssd", "opts": []}'
>>>> Unable to connect: CannotConnect
>>>> (venv) [mniranja@mniranja ad]$ sudo systemctl status io.podman.socket
>>>> ● io.podman.socket - Podman Remote API Socket
>>>> Loaded: loaded (/usr/lib/systemd/system/io.podman.socket; enabled;
>>>> vendor preset: disabled)
>>>> Active: active (listening) since Fri 2019-08-09 11:51:21 IST; 1min
>>>> 12s ago
>>>> Docs: man:podman-varlink(1)
>>>> Listen: /run/podman/io.podman (Stream)
>>>> CGroup: /system.slice/io.podman.socket
>>>>
>>>> (venv) [mniranja@mniranja ad]$ podman ps
>>>> CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
>>>> de27f6bd7c59 docker.io/library/fedora:latest /usr/sbin/init 24 hours ago Up 24 hours ago mysssd
>>>> (venv) [mniranja@mniranja ad]$
>>> Even after changing the permissions to 0666, as non root user i am
>>> still unable to use varlink to access the container. Any info on how
>>> i could use varlink as non root user to access containers created
>>> using non-root user.
>>>
>>>
>>>
>>>>> On Fri, Aug 9, 2019 at 1:16 PM <niranjan(a)ashoo.in> wrote:
>>>>>
>>>>> Greetings,
>>>>>
>>>>> I have a container running on RHEL8 , The container was started
>>>>> as non root user using podman cli. I am trying to connect to
>>>>> container using varlink and it's unable to connect.
>>>>>
>>>>> $ podman ps
>>>>> CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
>>>>> de27f6bd7c59 docker.io/library/fedora:latest /usr/sbin/init 22 hours ago Up 22 hours ago mysssd
>>>>>
>>>>>
>>>>> $ sudo systemctl restart io.podman.socket
>>>>> $ sudo systemctl status io.podman.socket
>>>>> ● io.podman.socket - Podman Remote API Socket
>>>>> Loaded: loaded (/usr/lib/systemd/system/io.podman.socket;
>>>>> enabled; vendor preset: disabled)
>>>>> Active: active (listening) since Fri 2019-08-09 10:38:38 IST;
>>>>> 1s ago
>>>>> Docs: man:podman-varlink(1)
>>>>> Listen: /run/podman/io.podman (Stream)
>>>>> CGroup: /system.slice/io.podman.socket
>>>>>
>>>>>
>>>>> $ varlink call -m unix:/run/podman/io.podman/io.podman.ListContainerProcesses '{"name": "mysssd", "opts": []}'
>>>>> Unable to connect: CannotConnect
>>>>>
>>>>>
>>>>> Version:
>>>>> podman-1.0.0-2.git921f98f.module+el8+2785+ff8a053f.x86_64
>>>>> libvarlink-16-1.el8.x86_64
>>>>> libvarlink-util-16-1.el8.x86_64
>>>>>
>>>>> Regards
>>>>> Niranjan
>>>>> _______________________________________________
>>>>> Podman mailing list -- podman(a)lists.podman.io
>>>>> To unsubscribe send an email to podman-leave(a)lists.podman.io
>>>>>
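
An added example, not part of the thread: a shell check of the `SocketMode=` values discussed above (0600 as shipped, 0666 as tried), reporting whether the `io.podman` socket can be connected to by its owner only, by its group, or by any local user. The function names and the temporary sample unit files are constructed for illustration; the 0666 default for a unit with no `SocketMode=` line is systemd's documented behaviour.

```shell
#!/bin/sh
# Added example (not from the thread): report who can connect to the socket
# that a systemd .socket unit creates, judged from its SocketMode= setting.

# Print the effective SocketMode of unit file $1. The last assignment wins;
# systemd defaults to 0666 when the unit sets none.
socket_mode() {
    mode=$(sed -n 's/^[[:space:]]*SocketMode[[:space:]]*=[[:space:]]*\([0-7]\{3,4\}\)[[:space:]]*$/\1/p' "$1" | tail -n 1)
    echo "${mode:-0666}"
}

# Print owner-only, group or world. connect() on a UNIX socket needs write
# permission on the socket node, so only the write bits are tested.
socket_exposure() {
    bits=$((0$(socket_mode "$1")))
    if [ $((bits & 0002)) -ne 0 ]; then echo world
    elif [ $((bits & 0020)) -ne 0 ]; then echo group
    else echo owner-only
    fi
}

# Constructed sample units: the two variants shown in the thread, plus one
# with no SocketMode= line to show the default.
SAMPLES=$(mktemp -d)
for m in 0600 0666 none; do
    {
        printf '[Unit]\nDescription=Podman Remote API Socket\n\n'
        printf '[Socket]\nListenStream=/run/podman/io.podman\n'
        [ "$m" = none ] || printf 'SocketMode=%s\n' "$m"
        printf '\n[Install]\nWantedBy=sockets.target\n'
    } > "$SAMPLES/io.podman-$m.socket"
done

for f in "$SAMPLES"/*.socket; do
    printf '%s: SocketMode=%s -> %s\n' "${f##*/}" "$(socket_mode "$f")" "$(socket_exposure "$f")"
done
```

Run against the real unit with `socket_exposure /usr/lib/systemd/system/io.podman.socket`; a `world` result on the root-owned socket means every local account can reach the root podman API.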