atomic icon indicating copy to clipboard operation
atomic copied to clipboard
verified publisher icon projectatomic

atomic run should inform user when running as exec inside an existing container

Open baude opened this issue 9 years ago • 0 comments

Not sure how this should work, but it looks off...

When using atomic run to run a container that is already running, the command appears to start a new container with a different ID. However, the output from atomic containers list shows that the previously running container is intact and its ID has not changed.

I would suggest changing the output to indicate that the container is already running or otherwise notifying the user that the new container ID is not going to be used.

# ./atomic containers list
   CONTAINER ID IMAGE                COMMAND              CREATED          STATE     RUNTIME   
   d7843c1a7f8c docker.io/cockpit/ws /container/atomic-ru 2017-01-17 19:59 running   docker    
# ./atomic run docker.io/cockpit/ws
/usr/bin/docker run -d --privileged --pid=host -v /:/host docker.io/cockpit/ws /container/atomic-run --local-ssh

This container uses privileged security switches:

INFO: --pid=host 
      Processes in this container can see and interact with all processes on the host and disables SELinux within the container.

INFO: --privileged 
      This container runs without separation and should be considered the same as root on your system.

For more information on these switches and their security implications, consult the manpage for 'docker run'.

50736975bed2f07fa9eeea91228d57340b3feeb13118e74c9f8aba40a37a7a70
# ./atomic containers list
   CONTAINER ID IMAGE                COMMAND              CREATED          STATE     RUNTIME   
   d7843c1a7f8c docker.io/cockpit/ws /container/atomic-ru 2017-01-17 19:59 running   docker    
# ./atomic run docker.io/cockpit/ws
/usr/bin/docker run -d --privileged --pid=host -v /:/host docker.io/cockpit/ws /container/atomic-run --local-ssh

This container uses privileged security switches:

INFO: --pid=host 
      Processes in this container can see and interact with all processes on the host and disables SELinux within the container.

INFO: --privileged 
      This container runs without separation and should be considered the same as root on your system.

For more information on these switches and their security implications, consult the manpage for 'docker run'.

5ad399a88ebdfb3c8cd039d622a88e224844b2f927f704546bc9785f0e05616b
# ./atomic containers list
   CONTAINER ID IMAGE                COMMAND              CREATED          STATE     RUNTIME   
   d7843c1a7f8c docker.io/cockpit/ws /container/atomic-ru 2017-01-17 19:59 running   docker

baude avatar Jan 17 '17 22:01 baude