podman: warn that 'docker run --privileged' may be needed

This complements 79c36e8 with useful info, Mock already falls-back to using "normal bootstrap" if in Docker without --privileged. Fixes: rpm-software-management#1184
praiskup · Sep 9, 2023 · 8c7aad5 · 8c7aad5
1 parent 46cdbff
commit 8c7aad5
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 19 deletions.
diff --git a/mock/py/mock.py b/mock/py/mock.py
@@ -618,23 +618,6 @@ def groupcheck(unprivGid, tgtGid):
                            (name, ", ".join(members)))
 
 
-def running_in_docker():
-    """ Returns True if we are running inside of Docker container """
-    # Docker container has different cgroup than PID 1 of host.
-    # And have "docker" in that tree.
-    with open('/proc/self/cgroup') as f:
-        for line in f:
-            items = line.split(':')
-            if 'docker' in items[2]:
-                return True
-    # For containers with cgroupv2
-    with open('/proc/self/mountinfo', encoding='utf8') as f:
-        for line in f:
-            if '/docker/containers/' in line and "/etc/hosts" in line:
-                return True
-    return False
-
-
 @traceLog()
 def unshare_namespace(config_opts):
     base_unshare_flags = util.CLONE_NEWNS
@@ -649,8 +632,9 @@ def unshare_namespace(config_opts):
             util.unshare(base_unshare_flags)
         except mockbuild.exception.UnshareFailed as e2:
             log.error("Namespace unshare failed.")
-            if running_in_docker() and not ('docker_unshare_warning' in config_opts and
-                                            config_opts['docker_unshare_warning']):
+            if util.mock_host_environment_type() == "docker" \
+                and not ('docker_unshare_warning' in config_opts
+                         and config_opts['docker_unshare_warning']):
                 log.error("It seems we are running inside of Docker. Let skip unsharing.")
                 log.error("You should *not* run anything but Mock in this container. You have been warned!")
                 time.sleep(5)

diff --git a/mock/py/mockbuild/buildroot.py b/mock/py/mockbuild/buildroot.py
@@ -217,6 +217,13 @@ def _load_from_container_image(self):
         if not self.uses_bootstrap_image or self.chroot_was_initialized:
             return
 
+        if util.mock_host_environment_type() == "docker":
+            getLog().info(
+                "It seems that you run Mock in a Docker container.  Mock "
+                "though uses container tooling itself (namely Podman) for "
+                "downloading bootstrap image.  This might require you to "
+                "run Mock in 'docker run --privileged'.")
+
         class _FallbackException(Exception):
             pass
 

diff --git a/mock/py/mockbuild/util.py b/mock/py/mockbuild/util.py
@@ -1043,3 +1043,30 @@ def subscription_redhat_init(opts, uidManager):
 def is_host_rh_family():
     distro_name = distro.id()
     return distro_name in RHEL_CLONES + ['fedora']
+
+def mock_host_environment_type():
+    """
+    Detect if we run in Docker.
+    """
+    if hasattr(mock_host_environment_type, "cached_retval"):
+        return mock_host_environment_type.cached_retval
+
+    def _cache(retval):
+        mock_host_environment_type.cached_retval = retval
+        getLog().info("Guessed host environment type: %s", retval)
+        return retval
+
+    # Docker container has different cgroup than PID 1 of host.
+    # And have "docker" in that tree.
+    with open('/proc/self/cgroup', encoding="utf8") as f:
+        for line in f:
+            items = line.split(':')
+            if 'docker' in items[2]:
+                return _cache("docker")
+    # For containers with cgroupv2
+    with open('/proc/self/mountinfo', encoding='utf8') as f:
+        for line in f:
+            if '/docker/containers/' in line and "/etc/hosts" in line:
+                return _cache("docker")
+
+    return _cache("unknown")