The OCI CLI document doesn't define any required global options, but there
are a number which are commonly accepted by most runtimes. We define this
subset there, and incorporate it into the top-level Parser in Youki using
fixes #508
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Because we want to allow a final user to add extension commands
easily, it doesn't work to entirely move the enum of runtime
subcommands into the liboci-cli crate. However, using the
incorporate those into the top-level enum defined by youki.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Currently every individual subcommand of youki has clap attributes giving
the youki version and authors. That seems a bit redundant, since this
information is also on the top level Opts structure.
Having the tags on each does have an effect though: it means that, e.g.
"youki create --help" will give the version and author, as well as plain
"youki --help". Likewise "youki create --version" will give a result as
well as "youki --version".
Including this is of limited value, though, since it can be easily obtained
from the top level command. It also provides a barrier to splitting out
the frontend argument parsing from the rest of youki, so remove it.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The OCI Runtime Command Line Interface specification[0] specifies only five
subcommands to implement. However, there are a number of other subcommands
that are commonly implemented by runtimes, and commonly used by their
clients.
Move the parsing of a number of those subcommands into the liboci-cli
crate. This leaves only one subcommand "info" parsed in the youki crate.
As far as I can tell this is a youki specific extension, since it doesn't
appear in either runc or crun.
[0] https://github.com/opencontainers/runtime-tools/blob/master/docs/command-line-interface.md
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
In particular it has a summary of what subcommands implemented by various
runtimes are included in the frontend crate so far.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
It would be useful to have an independent crate covering solely the OCI
command line front end of youki, to which other backends can then be
written.
To start on that, we create a new "oci-runtime-clap" crate, and move some
subcommand structure definitions into it. For now we only move the
subcommands which are actually specified in the OCI runtime command line
interface document (v1.0.1):
https://github.com/opencontainers/runtime-tools/blob/master/docs/command-line-interface.md
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Currently youki implements each OCI command as a single "exec()" method on
the structure encoding the arguments for that command. Tying the
implementation to the argument structure makes it difficult to split the
container backend from the command line front end.
So, rework each command as a standalone function.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
- Use systemd client to find systemd cgroup root
- Add error context
- Manager debug impl
- Comments
- Set default slice name for rootless and rootfull containers
determine_root_path goes through various options to find a state storage
location, the last of which is /tmp/youki/<uid>.
If a user (say, UID 1000) uses youki, and this final option is selected,
/tmp/youki will be created as well as /tmp/youki/1000. Both will be
created owned by UID 1000 and with write permissions only for that user.
Then, if another user (say, UID 1001) attempts to use youki and the same
final option is selected, it will fail, because it cannot create
/tmp/youki/1001 under the /tmp/youki owned by UID 1000.
There's really no way to safely create a multi-user shared subdirectory in
/tmp, so instead we should create our per-user directory directly under
/tmp. We do this by calling it /tmp/youki-<uid> instead.
fixes #496
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
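
The per-user layout described in the commit message above, as an added Rust example that is not code from youki or from this commit. The helper name `per_user_state_dir`, the 0700 mode, and the ownership and permission checks on a pre-existing directory are assumptions made here; a scratch directory stands in for /tmp.

```rust
use std::fs::{self, DirBuilder};
use std::io::{self, Error, ErrorKind};
use std::os::unix::fs::{DirBuilderExt, MetadataExt};
use std::path::{Path, PathBuf};

/// Create or re-use `<base>/youki-<uid>` as a private state directory.
/// Hypothetical helper for illustration, not youki's determine_root_path.
pub fn per_user_state_dir(base: &Path, uid: u32) -> io::Result<PathBuf> {
    let path = base.join(format!("youki-{uid}"));
    // mkdir(2) either creates the directory or fails with EEXIST; it never
    // follows a symlink planted at the final path component.
    match DirBuilder::new().mode(0o700).create(&path) {
        Ok(()) => return Ok(path),
        Err(e) if e.kind() == ErrorKind::AlreadyExists => {}
        Err(e) => return Err(e),
    }
    // The name was already taken. In a world-writable directory any user could
    // have created it first, so inspect it without following symlinks.
    let meta = fs::symlink_metadata(&path)?;
    let problem = if !meta.file_type().is_dir() {
        "exists but is not a directory"
    } else if meta.uid() != uid {
        "is owned by a different user"
    } else if meta.mode() & 0o077 != 0 {
        "is accessible to group or others"
    } else {
        return Ok(path);
    };
    Err(Error::new(ErrorKind::PermissionDenied, format!("{}: {problem}", path.display())))
}

fn main() -> io::Result<()> {
    // Constructed scratch base standing in for /tmp, so the demo leaves no residue.
    let base = std::env::temp_dir().join(format!("state-demo-{}", std::process::id()));
    fs::create_dir(&base)?;
    let uid = fs::metadata(&base)?.uid(); // the directory we just made is ours
    let dir = per_user_state_dir(&base, uid)?;
    println!("state dir: {}", dir.display());
    fs::remove_dir_all(&base)
}
```

Because each user's directory sits directly under the shared base, one user's first run cannot block another's, and a name that someone else created first is rejected instead of trusted.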
When using a root state directory from $XDG_RUNTIME_DIR, or from its
default value of /run/user/<uid>, we don't add a tag specific to youki
to the path. That means the directories for individual containers
will be placed directly in the general use runtime dir.
That's against normal conventions, and could mean that "youki list"
will see files or directories from other software as if they were
youki managed containers. Therefore, add "youki" to the base runtime
path from XDG.
fixes #487
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>