12:26 p.m.
On Tue, Aug 13, 2019, at 12:44 AM, Brent Baude wrote:
You can manually do this quite easily. Example, in one terminal run
podman varlink as a regular user to setup the endpoint:
bin/podman --log-level=debug varlink --timeout 0
unix:/run/user/1000/io.podman
i think people favor the endpoint to be /run/user/num/podman/io.podman
if you prefer that.
In another terminal window, you can verify the endpoint like:
varlink call unix:/run/user/1000/io.podman/io.podman.GetVersion
{
"built": "1969-12-31T18:00:00-06:00",
"git_commit": "",
"go_version": "go1.12.7",
"os_arch": "linux/amd64",
"remote_api_version": 1,
"version": "1.5.1-dev"
}
I'm not familiar enough with systemd to do the setup as a regular user
but this should be possible as well.
On my RHEL8 system with podman
(verison:podman-1.0.0-2.git921f98f.module+el8+2785+ff8a053f.x86_64) I get error when i do
the below:
$ podman --log-level=debug varlink --timeout=0 unix:/run/user/11567/io.podman
INFO[0000] running as rootless
Command "varlink" not found.
See `podman --help`.
Is there a specific version of podman that i should be using ?
> On Mon, 2019-08-12 at 08:55 -0400, Daniel Walsh wrote:
> > You need to have podman varlink running locally in your homedir for
> > this to work. I know their is effort to make this happen seamlessly.
> >
> > I know that the Cockpit team have been working on making this happen,
> > but I need Jhon or Brent or Martin to chime in on how it works (Or
> > doesn't)
> >
> > On 8/12/19 2:37 AM, niranjan(a)ashoo.in wrote:
> > >
> > > On Fri, Aug 9, 2019, at 11:54 AM, niranjan(a)ashoo.in wrote:
> > > >
> > > > On Fri, Aug 9, 2019, at 11:44 AM, Alex Jia wrote:
> > > > > Hi Niranjan,
> > > > >
> > > > > default access permission is 0600 on /run/podman/io.podman
> > > > > directory, so you can't use non-root user
> > > > > to access this listening directory, but you may modify
> > > > > permission before starting io.podman.socket,
> > > > > good luck!
> > > >
> > > > Ah thanks, Since the container was started by non-root user,
> > > > when i tried with sudo it failed
> > > >
> > > > $ sudo varlink call -m
> > > > unix:/run/podman/io.podman/io.podman.ListContainerProcesses
> > > > '{"name": "mysssd", "opts":
[]}'
> > > > Unable to connect: CannotConnect
> > > >
> > > > Probably because the root user doesn't see the container .
> > > >
> > > > > [root@ajia-rhel-8 ajia]# ls -lad /run/podman/io.podman
> > > > > srw-------. 1 root root 0 Aug 9 01:42 /run/podman/io.podman
> > > > >
> > > > > [root@ajia-rhel-8 ajia]# cat
> > > > > /usr/lib/systemd/system/io.podman.socket
> > > > > [Unit]
> > > > > Description=Podman Remote API Socket
> > > > > Documentation=man:podman-varlink(1)
> > > > >
> > > > > [Socket]
> > > > > ListenStream=/run/podman/io.podman
> > > > > SocketMode=0600
> > > > >
> > > > > [Install]
> > > > > WantedBy=sockets.target
> > > > >
> > > > > Sincerely,
> > > > > Alex Jia
> > > >
> > > > When i tried to change the SocketMode to 0666
> > > >
> > > > [root@mniranja ~]# cat /usr/lib/systemd/system/io.podman.socket
> > > > [Unit]
> > > > Description=Podman Remote API Socket
> > > > Documentation=man:podman-varlink(1)
> > > >
> > > > [Socket]
> > > > ListenStream=/run/podman/io.podman
> > > > SocketMode=0666
> > > >
> > > > [Install]
> > > > WantedBy=sockets.target
> > > > [root@mniranja ~]# ls -l /var/run/podman/io.podman
> > > > srw-rw-rw-. 1 root root 0 Aug 9 11:51 /var/run/podman/io.podman
> > > >
> > > > $ varlink call -m
> > > > unix:/run/podman/io.podman/io.podman.ListContainerProcesses
> > > > '{"name": "mysssd", "opts":
[]}'
> > > > Unable to connect: CannotConnect
> > > > (venv) [mniranja@mniranja ad]$ sudo systemctl status
> > > > io.podman.socket
> > > > ● io.podman.socket - Podman Remote API Socket
> > > > Loaded: loaded (/usr/lib/systemd/system/io.podman.socket;
> > > > enabled; vendor preset: disabled)
> > > > Active: active (listening) since Fri 2019-08-09 11:51:21 IST;
> > > > 1min 12s ago
> > > > Docs: man:podman-varlink(1)
> > > > Listen: /run/podman/io.podman (Stream)
> > > > CGroup: /system.slice/io.podman.socket
> > > >
> > > > (venv) [mniranja@mniranja ad]$ podman ps
> > > > CONTAINER ID IMAGE COMMAND
> > > > CREATED STATUS PORTS NAMES
> > > > de27f6bd7c59 docker.io/library/fedora:latest /usr/sbin/init 24
> > > > hours ago Up 24 hours ago mysssd
> > > > (venv) [mniranja@mniranja ad]$
> > >
> > > Even after changing the permissions to 0666, as non root user i am
> > > still unable to use varlink to access the container. Any info on
> > > how i could use varlink as non root user to access containers
> > > created using non-root user.
> > >
> > >
> > >
> > > >
> > > > >
> > > > > On Fri, Aug 9, 2019 at 1:16 PM <niranjan(a)ashoo.in> wrote:
> > > > > > Greetings,
> > > > > >
> > > > > > I have a container running on RHEL8 , The container was
> > > > > > started as non root user using podman cli. I am trying to
> > > > > > connect to container using varlink and it's unable to
> > > > > > connect.
> > > > > >
> > > > > > $ podman ps
> > > > > > CONTAINER ID IMAGE COMMAND
> > > > > > CREATED STATUS PORTS NAMES
> > > > > > de27f6bd7c59 docker.io/library/fedora:latest
> > > > > > /usr/sbin/init 22 hours ago Up 22 hours ago
mysssd
> > > > > >
> > > > > >
> > > > > > $ sudo systemctl restart io.podman.socket
> > > > > > $ sudo systemctl status io.podman.socket
> > > > > > ● io.podman.socket - Podman Remote API Socket
> > > > > > Loaded: loaded
(/usr/lib/systemd/system/io.podman.socket;
> > > > > > enabled; vendor preset: disabled)
> > > > > > Active: active (listening) since Fri 2019-08-09 10:38:38
> > > > > > IST; 1s ago
> > > > > > Docs: man:podman-varlink(1)
> > > > > > Listen: /run/podman/io.podman (Stream)
> > > > > > CGroup: /system.slice/io.podman.socket
> > > > > >
> > > > > >
> > > > > > $varlink call -m
> > > > > > unix:/run/podman/io.podman/io.podman.ListContainerProcesses
> > > > > > '{"name": "mysssd",
"opts": []}'
> > > > > > Unable to connect: CannotConnect
> > > > > >
> > > > > >
> > > > > > Version:
> > > > > > podman-1.0.0-2.git921f98f.module+el8+2785+ff8a053f.x86_64
> > > > > > libvarlink-16-1.el8.x86_64
> > > > > > libvarlink-util-16-1.el8.x86_64
> > > > > >
> > > > > > Regards
> > > > > > Niranjan
> > > > > > _______________________________________________
> > > > > > Podman mailing list -- podman(a)lists.podman.io
> > > > > > To unsubscribe send an email to
podman-leave(a)lists.podman.io
> > > >
> > > > _______________________________________________
> > > > Podman mailing list -- podman(a)lists.podman.io
> > > > To unsubscribe send an email to podman-leave(a)lists.podman.io
> > > >
> > >
> > >
> > >
> > > _______________________________________________
> > > Podman mailing list -- podman(a)lists.podman.io
> > > To unsubscribe send an email to podman-leave(a)lists.podman.io
> >
> >
> > _______________________________________________
> > Podman mailing list -- podman(a)lists.podman.io
> > To unsubscribe send an email to podman-leave(a)lists.podman.io
> _______________________________________________
> Podman mailing list -- podman(a)lists.podman.io
> To unsubscribe send an email to podman-leave(a)lists.podman.io
>