Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pkg/docker/config: correct defaultPerUIDPathFormat #729

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

pkg/docker/config: correct defaultPerUIDPathFormat #729

wants to merge 1 commit into from

Conversation

nalind
Copy link
Member

@nalind nalind commented Oct 11, 2019

If I'm reading containers/podman#4227 right, we should make defaultPerUIDPathFormat correspond to the value that we'd compute by combining the default value of ${XDG_RUNTIME_DIR} (typically /run/user/$(id -u)) and xdgRuntimeDirPath.

@nalind
pkg/docker/config: correct defaultPerUIDPathFormat
e2fa32b 
Make defaultPerUIDPathFormat correspond to the value that we'd compute
by combining the default value of ${XDG_RUNTIME_DIR} and
xdgRuntimeDirPath.

Signed-off-by: Nalin Dahyabhai <[email protected]>
@mtrmac
Copy link
Collaborator

mtrmac commented Oct 11, 2019
edited
Loading

Thanks. The non-XDG_RUNTIME_DIR default was, IIRC, intentionally different, e.g. #424 says:

Looking at pam_systemd(8), it removes /run/user when “the last concurrent session of a user ends”; so, if we created the directory without systemd knowing about the session, it can delete the directory at an unpredictable time when some other session terminates.

so it may not be all quite as simple (but I haven’t reread all of the previous issues/PRs/bugs filed).

One clear problem with the current code is that it does not work at all for non-root users who are not allowed to create subdirectories in /run/containers (OTOH that’s also the case for /run/user/$UID), so I’m not at all saying that the current code is right, just that the intent of this code path was not to match $XDG_RUNTIME_DIR.

@nalind
Copy link
Member Author

nalind commented Oct 14, 2019

One clear problem with the current code is that it does not work at all for non-root users who are not allowed to create subdirectories in /run/containers (OTOH that’s also the case for /run/user/$UID), so I’m not at all saying that the current code is right, just that the intent of this code path was not to match $XDG_RUNTIME_DIR.

Yeah, the "not being able to create /run/containers or subdirectories under it" was what had me thinking this was an error. If it's intentional, though, should I just close this one?

@mtrmac
Copy link
Collaborator

mtrmac commented Oct 14, 2019

See also the conversation in containers/podman#4232 , not sure how that will turn out.

@mtrmac
Copy link
Collaborator

mtrmac commented Aug 8, 2020

The original motivation for this PR, containers/podman#4227 , was resolved by containers/podman#4337 , having Podman mostly defer to this code for the defaults.

That does not mean that these non-$XDG_RUNTIME_DIR defaults work all that well (they really don’t), OTOH I don’t think we have any good choices.

The longer-term plan is to have (system-wide and per-user) registries.conf set up a set of credential helpers, and to use such a helper instead of a flat file for the credentials. That should make the common/ideal case better.

OTOH that does nothing for users who choose to use files, or have to use files because nothing else is available, and do not have $XDG_RUNTIME_DIR; still, I don’t think we have good choices.

@mtrmac mtrmac added the kind/feature A request for, or a PR adding, new functionality label Dec 7, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
kind/feature A request for, or a PR adding, new functionality
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nalind @mtrmac