github.com/containers/libpod@v1.9.4-0.20220419124438-4284fd425507/cmd/podman/commands.go (about) 1 // +build !remoteclient 2 3 package main 4 5 import ( 6 "fmt" 7 "os" 8 9 "github.com/containers/buildah/pkg/parse" 10 "github.com/containers/common/pkg/config" 11 "github.com/containers/libpod/pkg/apparmor" 12 "github.com/containers/libpod/pkg/cgroups" 13 "github.com/containers/libpod/pkg/rootless" 14 "github.com/containers/libpod/pkg/sysinfo" 15 "github.com/opencontainers/selinux/go-selinux" 16 "github.com/spf13/cobra" 17 ) 18 19 const remoteclient = false 20 21 // Commands that the local client implements 22 func getMainCommands() []*cobra.Command { 23 rootCommands := []*cobra.Command{ 24 _autoUpdateCommand, 25 _cpCommand, 26 _playCommand, 27 _loginCommand, 28 _logoutCommand, 29 _mountCommand, 30 _refreshCommand, 31 _searchCommand, 32 _statsCommand, 33 _umountCommand, 34 _unshareCommand, 35 } 36 37 if len(_varlinkCommand.Use) > 0 { 38 rootCommands = append(rootCommands, _varlinkCommand) 39 } 40 return rootCommands 41 } 42 43 // Commands that the local client implements 44 func getImageSubCommands() []*cobra.Command { 45 return []*cobra.Command{ 46 _signCommand, 47 _trustCommand, 48 } 49 } 50 51 // Commands that the local client implements 52 func getContainerSubCommands() []*cobra.Command { 53 54 return []*cobra.Command{ 55 _cpCommand, 56 _cleanupCommand, 57 _mountCommand, 58 _refreshCommand, 59 _runlabelCommand, 60 _statsCommand, 61 _umountCommand, 62 } 63 } 64 65 // Commands that the local client implements 66 func getPlaySubCommands() []*cobra.Command { 67 return []*cobra.Command{ 68 _playKubeCommand, 69 } 70 } 71 72 // Commands that the local client implements 73 func getTrustSubCommands() []*cobra.Command { 74 return []*cobra.Command{ 75 _setTrustCommand, 76 _showTrustCommand, 77 } 78 } 79 80 // Commands that the local client implements 81 func getSystemSubCommands() []*cobra.Command { 82 systemCommands := []*cobra.Command{ 83 _renumberCommand, 84 _dfSystemCommand, 85 _migrateCommand, 86 } 87 88 if len(_serviceCommand.Use) > 0 { 89 systemCommands = append(systemCommands, _serviceCommand) 90 } 91 92 return systemCommands 93 } 94 95 func getDefaultSecurityOptions() []string { 96 securityOpts := []string{} 97 if defaultContainerConfig.Containers.SeccompProfile != "" && defaultContainerConfig.Containers.SeccompProfile != parse.SeccompDefaultPath { 98 securityOpts = append(securityOpts, fmt.Sprintf("seccomp=%s", defaultContainerConfig.Containers.SeccompProfile)) 99 } 100 if apparmor.IsEnabled() && defaultContainerConfig.Containers.ApparmorProfile != "" { 101 securityOpts = append(securityOpts, fmt.Sprintf("apparmor=%s", defaultContainerConfig.Containers.ApparmorProfile)) 102 } 103 if selinux.GetEnabled() && !defaultContainerConfig.Containers.EnableLabeling { 104 securityOpts = append(securityOpts, fmt.Sprintf("label=%s", selinux.DisableSecOpt()[0])) 105 } 106 return securityOpts 107 } 108 109 // getDefaultSysctls 110 func getDefaultSysctls() []string { 111 return defaultContainerConfig.Containers.DefaultSysctls 112 } 113 114 func getDefaultVolumes() []string { 115 return defaultContainerConfig.Containers.Volumes 116 } 117 118 func getDefaultDevices() []string { 119 return defaultContainerConfig.Containers.Devices 120 } 121 122 func getDefaultDNSServers() []string { 123 return defaultContainerConfig.Containers.DNSServers 124 } 125 126 func getDefaultDNSSearches() []string { 127 return defaultContainerConfig.Containers.DNSSearches 128 } 129 130 func getDefaultDNSOptions() []string { 131 return defaultContainerConfig.Containers.DNSOptions 132 } 133 134 func getDefaultEnv() []string { 135 return defaultContainerConfig.Containers.Env 136 } 137 138 func getDefaultInitPath() string { 139 return defaultContainerConfig.Containers.InitPath 140 } 141 142 func getDefaultIPCNS() string { 143 return defaultContainerConfig.Containers.IPCNS 144 } 145 146 func getDefaultPidNS() string { 147 return defaultContainerConfig.Containers.PidNS 148 } 149 150 func getDefaultNetNS() string { 151 if defaultContainerConfig.Containers.NetNS == "private" && rootless.IsRootless() { 152 return "slirp4netns" 153 } 154 return defaultContainerConfig.Containers.NetNS 155 } 156 157 func getDefaultCgroupNS() string { 158 return defaultContainerConfig.Containers.CgroupNS 159 } 160 161 func getDefaultUTSNS() string { 162 return defaultContainerConfig.Containers.UTSNS 163 } 164 165 func getDefaultShmSize() string { 166 return defaultContainerConfig.Containers.ShmSize 167 } 168 169 func getDefaultUlimits() []string { 170 return defaultContainerConfig.Containers.DefaultUlimits 171 } 172 173 func getDefaultUserNS() string { 174 userns := os.Getenv("PODMAN_USERNS") 175 if userns != "" { 176 return userns 177 } 178 return defaultContainerConfig.Containers.UserNS 179 } 180 181 func getDefaultPidsLimit() int64 { 182 if rootless.IsRootless() { 183 if defaultContainerConfig.Engine.CgroupManager == config.SystemdCgroupsManager { 184 cgroup2, _ := cgroups.IsCgroup2UnifiedMode() 185 if cgroup2 { 186 return defaultContainerConfig.Containers.PidsLimit 187 } 188 } 189 return 0 190 } 191 return sysinfo.GetDefaultPidsLimit() 192 } 193 194 func getDefaultPidsDescription() string { 195 return "Tune container pids limit (set 0 for unlimited)" 196 } 197 198 func getDefaultDetachKeys() string { 199 return defaultContainerConfig.Engine.DetachKeys 200 }