This patch fixes selinuxopt generation as found in:
```
install /usr/sbin/selinuxenabled -D -m 644 crio.conf /etc/crio/crio.conf
```
The above is clearly wrong when installing the configuration because
`commmand -v` outputs the path of selinuxenabled as well, resulting in
/usr/bin/selinuxenabled -Z
This patch fixes that by just echoing the -Z as needed.
Issue introduced in
https://github.com/kubernetes-incubator/cri-o/pull/1363
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
This should have happened in f4883dd2 (Makefile: do not install man1
files, 2017-11-08, #1129). It may have been missed due to the
man1/man8 typo from e61c672a (Add missing man pages and bash
completions for kpod, 2016-12-02, #230).
Signed-off-by: W. Trevor King <wking@tremily.us>
The hard-coded path landed in 488216f5 (Make sure selinuxenabled
exists before executing it, 2016-10-17, #154), but there's no need to
require that path. Using 'command -v' (in POSIX [1]) supports anyone
who has selinuxenabled in their PATH.
[1]: http://pubs.opengroup.org/onlinepubs/9699919799/utilities/command.html
Signed-off-by: W. Trevor King <wking@tremily.us>
Without this change, hitting these targets directly will fail. For
example:
$ make clean
$ make MANDIR=/tmp install.man
install -d -m 755 /tmp/man5
install -d -m 755 /tmp/man8
install -m 644 docs/crio.conf.5 -t /tmp/man5
install: cannot stat 'docs/crio.conf.5': No such file or directory
make: *** [Makefile:150: install.man] Error 1
Signed-off-by: W. Trevor King <wking@tremily.us>
This makes fixing errors easier. Before this commit, errors looked
like [1]:
$ make gofmt
!!! 'gofmt -s' needs to be run on the following files:
./lib/config.go
make: *** [gofmt] Error 1
But that's not very helpful when your local gofmt thinks the file is
fine. With this commit, errors will look like:
$ make gofmt
find . -name '*.go' ! -path './vendor/*' -exec gofmt -s -w {} \+
git diff --exit-code
diff --git a/lib/config.go b/lib/config.go
index 1acca8c7..6a63b2b0 100644
--- a/lib/config.go
+++ b/lib/config.go
@@ -2,7 +2,7 @@ package lib
import (
"bytes"
-"io/ioutil"
+ "io/ioutil"
"github.com/BurntSushi/toml"
"github.com/kubernetes-incubator/cri-o/oci"
make: *** [Makefile:68: gofmt] Error 1
(or whatever, I just stuffed in a formatting error for demonstration
purposes).
Also remove the helper script in favor of direct Makefile calls,
because with Git handling difference reporting and exit status, this
becomes a simpler check. find's -exec, !, and -path arguments are
specified in POSIX [2].
[1]: https://travis-ci.org/kubernetes-incubator/cri-o/jobs/331949394#L1075
[2]: http://pubs.opengroup.org/onlinepubs/9699919799/utilities/find.html
Signed-off-by: W. Trevor King <wking@tremily.us>
Avoid crashing 'make' with:
No package 'devmapper' found
by disabling the devmapper driver when the library it requires is not
installed. Also give the libdm_no_deferred_remove script a more
specific name to avoid confusion.
Signed-off-by: W. Trevor King <wking@tremily.us>
Instead of compiling all of the *.go files each time, the
-i flag will cause them to be only compiled if they changed.
This will make developers much happier.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
kpod removal actually removed all man1 docs but the Makefile was still
referencing man1 stuff. CRI-O doesn't have man1 so let's drop that
altogether now.
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
Rename our $STORAGE_OPTS variable to $STORAGE_OPTIONS, so that the
storage library doesn't try to use its contents as default driver
options.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Determine if selinux is available before building cri-o with support.
Don't add ostree support to crio or any tools other then kpod.
cri-o does not use ostree.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Where `make install` still has the same behaviour, but you could instead
only `make install.bin` if you don't need the man pages.
Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
This patch set add crio-umount.conf file which tells oci-umount plugin
to look for leaked mount points in /var/lib/containers/storage/* and
/var/run/containers/*
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
The inspect endpoint is used mainly in the CRI-O cAdvisor handler.
Let's make sure we don't break it by adding some trivial unit tests.
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
This patch will check to see if SELinux is enabled and then pass
the -Z flag to the install command, which causes install to label
all created content with the system default labels.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
ln -s errors out with file exists if you run make install.systemd twice
or more. This patch installs the alias directly w/o using a symlink so
it can be run multiple times w/o errors.
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
bin2img/checkseccomp/copyimg are file targets and should not be .PHONY.
This prevents to build them if not necessary.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Build all of our binaries with the same build tags and the same LDFLAGS.
This means we add $(LDFLAGS) to bin2img, copyimg, and cri-o,
$(BUILDTAGS) to kpod, and both to crioctl and checkseccomp.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
