kachick / dotfiles

🤤✂🌳
MIT License

Empty `/run/.containerenv` except privileged mode #601

Closed kachick closed 1 week ago

kachick commented 1 month ago

Updated to 1.19.0 in https://github.com/kachick/dotfiles/pull/600

```
user in ~ ⬢ [podman] zsh
> starship --version
starship 1.19.0
branch:
commit_hash:
build_time:1980-01-01 00:00:00 +00:00
build_env:rustc 1.77.2 (25ef9e3d8 2024-04-09) (built from a source tarball),

user in ~ ⬢ [podman] zsh
127! la /run/.containerenv
.rw-r--r-- 0 root 23 May 10:41 /run/.containerenv

user in ~ ⬢ [podman] zsh
> bat /run/.containerenv
```

- https://github.com/starship/starship/pull/5195
- https://access.redhat.com/documentation/ja-jp/red_hat_enterprise_linux/9/html-single/building_running_and_managing_containers/index

kachick commented 1 month ago

- https://github.com/containers/podman/issues/6192
- https://github.com/containers/buildah/pull/2821

kachick commented 1 month ago

https://github.com/containers/podman/blob/36152eeabff9cef0524d14c5c0ed0e43c3b9e36a/libpod/container_internal_common.go#L2015-L2024

🤔 Why is it inserted only in privileged mode?

kachick commented 1 month ago

`podman run --privileged --detach` and `podman exec` normally make `/run/.containerenv`, and starship shows it

```
dotfiles main(d28a8e6)  via 🐹 v1.22.3 26s via ❄️  impure (nix-shell-env) zsh
> podman run --privileged --detach --rm f1648c853b36e6e9782bba97bdca41ab4885228e176a54ad89030cbe4ea6b772
616a8a7ab487ad4492e2674d2eb9c9773882576b16090e624aa9f16ec0199096

dotfiles main(d28a8e6)  via 🐹 v1.22.3 via ❄️  impure (nix-shell-env) zsh
> podman exec --privileged --workdir=/home/user -it 616a8a7ab487ad4492e2674d2eb9c9773882576b16090e624aa9f16ec0199096 /home/user/.nix-profile/bin/zsh
616a8a7ab487# ls /run/.containerenv
/run/.containerenv
616a8a7ab487# cat /run/.containerenv
engine="podman-5.1.0-dev-34115231a"
name="jolly_jackson"
id="616a8a7ab487ad4492e2674d2eb9c9773882576b16090e624aa9f16ec0199096"
image="ghcr.io/kachick/home:latest"
imageid="f1648c853b36e6e9782bba97bdca41ab4885228e176a54ad89030cbe4ea6b772"
rootless=1

127! podman exec --user=user --workdir=/home/user -it 616a8a7ab487ad4492e2674d2eb9c9773882576b16090e624aa9f16ec0199096 /home/user/.nix-profile/bin/zsh

user in ~ ⬢ [jolly_jackson] zsh
>
```

kachick commented 1 week ago

Looks like a spec 🤷‍♂️ https://github.com/containers/podman/blob/298f31ba6fc1efcf6630282c45bb80b3f95f2534/docs/source/markdown/podman-run.1.md.in#L32-L35
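
Added example, not part of the issue thread and not starship's or podman's code: a shell check that treats the mere presence of `/run/.containerenv` as the container signal and reads `name=` only when the file is populated, covering both cases shown in the sessions above. The function names and the `none` / `container` / `container:<name>` labels are assumptions made for illustration; the file is parsed as data rather than sourced.

```shell
#!/bin/sh
# Added example (hypothetical helper names). The file path is a parameter so
# the logic can be exercised on constructed files instead of the live system.

# Print the value of KEY from FILE, where lines look like key="value" or key=value.
# Returns 1 if the file is unreadable or the key is absent.
# The file is read line by line as data; it is never eval'd or sourced.
containerenv_get() {
    file=$1
    key=$2
    [ -r "$file" ] || return 1
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            "$key="*)
                val=${line#"$key="}
                val=${val#\"}   # strip one leading double quote
                val=${val%\"}   # strip one trailing double quote
                printf '%s\n' "$val"
                return 0
                ;;
        esac
    done < "$file"
    return 1
}

# Print one of:
#   none               file does not exist
#   container          file exists but is empty or carries no name
#   container:<name>   file is populated (the privileged case in the thread)
containerenv_classify() {
    file=${1:-/run/.containerenv}
    if [ ! -e "$file" ]; then
        echo none
    elif name=$(containerenv_get "$file" name) && [ -n "$name" ]; then
        echo "container:$name"
    else
        echo container
    fi
}
```

Call `containerenv_classify` with no argument to check the real `/run/.containerenv`.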