defaults: use user-writable data root on darwin #4842
66Ton99 wants to merge 2 commits into containerd:main from
Related downstream packaging PR:
252e32e to 28dff3d
Signed-off-by: Ton Sharp <45160296+66Ton99@users.noreply.github.com>
28dff3d to 45e76e3
pkg/defaults/defaults_darwin.go
Outdated
| if home, err := os.UserHomeDir(); err == nil && home != "" { | ||
| return filepath.Join(home, ".local", "share", "nerdctl") | ||
| } | ||
| return "/var/lib/nerdctl" |
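Review bot: The `home != ""` test on the `os.UserHomeDir()` line accepts any non-empty value, and on Darwin that call returns `$HOME` from the environment, so a relative or caller-controlled `HOME` flows straight into the data root. Suggest also requiring `filepath.IsAbs(home)` before the `filepath.Join`. The final `return "/var/lib/nerdctl"` also hands a non-root caller the same `permission denied` this change is meant to avoid, so returning or logging an error on that path would make the failure easier to diagnose.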
This should remain the default when EUID is 0
Fixed in a5cdb0d. DataRoot now keeps /var/lib/nerdctl when EUID == 0.
pkg/defaults/defaults_darwin.go
Outdated
|
|
||
| func DataRoot() string { | ||
| if home, err := os.UserHomeDir(); err == nil && home != "" { | ||
| return filepath.Join(home, ".local", "share", "nerdctl") |
$XDG_DATA_HOME should be respected
Fixed in a5cdb0d. For non-root on Darwin, DataRoot now respects XDG_DATA_HOME (fallback: ~/.local/share).
All the paths should be handled consistently, not just DataRoot
Fixed in a5cdb0d. I applied the same root/non-root + XDG convention consistently to DataRoot, CNINetConfPath, CNIRuntimeDir, NerdctlTOML, HostsDirs, and CDISpecDirs.
pkg/defaults/defaults_darwin.go
Outdated
|
|
||
| func DataRoot() string { | ||
| if home, err := os.UserHomeDir(); err == nil && home != "" { | ||
| return filepath.Join(home, ".local", "share", "nerdctl") |
The convention should be consistent with nerdbox.
Let me cc @containerd/nerdbox-committers @containerd/nerdbox-reviewers
Addressed in a5cdb0d. Updated Darwin defaults to follow the same user-writable/XDG convention consistently across paths for non-root, while keeping system defaults for root.
| return []string{"/etc/cdi", "/var/run/cdi"} | ||
| } | ||
|
|
||
| func xdgConfigHome() string { |
Duplicated code: https://github.com/containerd/nerdctl/blob/main/pkg/rootlessutil/xdg_linux.go
Should be consolidated to a single package (but not a single file).
| if xdr := os.Getenv("XDG_RUNTIME_DIR"); xdr != "" { | ||
| return xdr | ||
| } | ||
| return fmt.Sprintf("/run/user/%d", os.Geteuid()) |
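Review bot: The fallback `fmt.Sprintf("/run/user/%d", os.Geteuid())` on the last line is the Linux systemd-logind location; if this helper is built for Darwin there is normally no `/run`, so the returned directory will not exist and a non-root user cannot create it. The `XDG_RUNTIME_DIR` branch also returns the environment value unchecked, while the XDG Base Directory spec requires a runtime directory to be owned by the user with mode 0700. Suggest rejecting non-absolute values, checking ownership and mode with `os.Stat` before use, and choosing a per-user fallback that exists on the target OS.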
Probably (most of) defaults_darwin.go and defaults_freebsd.go can be consolidated into a single defaults_unix.go
Summary
On Darwin, defaults.DataRoot() currently always returns /var/lib/nerdctl.
For regular users this can fail immediately with:
mkdir /var/lib/nerdctl: permission denied
This change makes Darwin use a user-writable default data root.
Change
In pkg/defaults/defaults_darwin.go:
DataRoot() now returns
$HOME/.local/share/nerdctl when the home directory is available
/var/lib/nerdctl if home cannot be resolved
Why
This aligns the Darwin default with typical non-root usage and avoids immediate startup failures for users who run nerdctl without elevated privileges.
Scope
Validation
go test ./pkg/defaults ./pkg/config
Review request
A review from maintainers familiar with nerdctl default path semantics across platforms would be appreciated.
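The root/non-root and XDG rules requested in the review thread, as an added Go example that is not code from this PR or from nerdctl. `resolveDataRoot` and `currentDataRoot` are hypothetical names, and returning an error when no absolute path is available is this example's assumption rather than the PR's behaviour.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
)

// systemDataRoot is the path the review thread keeps for EUID 0.
const systemDataRoot = "/var/lib/nerdctl"

// resolveDataRoot is a hypothetical helper, not nerdctl's DataRoot().
// euid and getenv are injected so the decision is testable.
func resolveDataRoot(euid int, getenv func(string) string) (string, error) {
	// Root never consults the environment, so a preserved HOME or
	// XDG_DATA_HOME cannot redirect privileged writes.
	if euid == 0 {
		return systemDataRoot, nil
	}
	// The XDG Base Directory spec treats relative values as invalid.
	if xdg := getenv("XDG_DATA_HOME"); filepath.IsAbs(xdg) {
		return filepath.Join(xdg, "nerdctl"), nil
	}
	if home := getenv("HOME"); filepath.IsAbs(home) {
		return filepath.Join(home, ".local", "share", "nerdctl"), nil
	}
	// Assumption of this example: report the problem instead of returning
	// a system path that an unprivileged user cannot create.
	return "", fmt.Errorf("no absolute XDG_DATA_HOME or HOME for euid %d", euid)
}

// currentDataRoot applies the rule to the running process.
func currentDataRoot() (string, error) {
	return resolveDataRoot(os.Geteuid(), os.Getenv)
}

func main() {
	dir, err := currentDataRoot()
	if err != nil {
		fmt.Fprintln(os.Stderr, "data root:", err)
		os.Exit(1)
	}
	fmt.Println(dir)
}
```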