Ensure DefaultEnvVariables is used in Specgen

When we rewrote Podman's pkg/spec, one of the things that was lost was our use of a set of default environment variables, that ensure all containers have at least $PATH and $TERM set. While we're in the process of re-adding it, change it from a variable to a function, so we can ensure the Join function does not overwrite it and corrupt the defaults. Signed-off-by: Matthew Heon <[email protected]>
containers · Aug 17, 2020 · d226603 · d226603
1 parent ff09631
commit d226603
Show file tree

Hide file tree

Showing 5 changed files with 21 additions and 12 deletions.
diff --git a/cmd/podman/common/specgen.go b/cmd/podman/common/specgen.go
@@ -308,9 +308,8 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
 	//
 	// Precedence order (higher index wins):
 	//  1) env-host, 2) image data, 3) env-file, 4) env
-	env := map[string]string{
-		"container": "podman",
-	}
+	env := make(map[string]string)
+	env["container"] = "podman"
 
 	// First transform the os env into a map. We need it for the labels later in
 	// any case.

diff --git a/pkg/env/env.go b/pkg/env/env.go
@@ -12,14 +12,16 @@ import (
 	"github.com/pkg/errors"
 )
 
-// DefaultEnvVariables sets $PATH and $TERM.
-var DefaultEnvVariables = map[string]string{
-	"PATH": "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
-	"TERM": "xterm",
-}
-
 const whiteSpaces = " \t"
 
+// DefaultEnvVariables returns a default environment, with $PATH and $TERM set.
+func DefaultEnvVariables() map[string]string {
+	return map[string]string{
+		"PATH": "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
+		"TERM": "xterm",
+	}
+}
+
 // Slice transforms the specified map of environment variables into a
 // slice. If a value is non-empty, the key and value are joined with '='.
 func Slice(m map[string]string) []string {

diff --git a/pkg/spec/spec.go b/pkg/spec/spec.go
@@ -321,13 +321,13 @@ func (config *CreateConfig) createConfigToOCISpec(runtime *libpod.Runtime, userM
 	// config.
 	var defaultEnv map[string]string
 	if runtimeConfig == nil {
-		defaultEnv = env.DefaultEnvVariables
+		defaultEnv = env.DefaultEnvVariables()
 	} else {
 		defaultEnv, err = env.ParseSlice(runtimeConfig.Containers.Env)
 		if err != nil {
 			return nil, errors.Wrap(err, "Env fields in containers.conf failed ot parse")
 		}
-		defaultEnv = env.Join(env.DefaultEnvVariables, defaultEnv)
+		defaultEnv = env.Join(env.DefaultEnvVariables(), defaultEnv)
 	}
 
 	if err := addRlimits(config, &g); err != nil {

diff --git a/pkg/specgen/generate/container.go b/pkg/specgen/generate/container.go
@@ -86,6 +86,15 @@ func CompleteSpec(ctx context.Context, r *libpod.Runtime, s *specgen.SpecGenerat
 
 	s.Env = envLib.Join(envLib.Join(defaultEnvs, envs), s.Env)
 
+	// Ensure that default environment variables are populated.
+	// Container must have PATH and TERM set, even if nothing else set them.
+	baseEnv := envLib.DefaultEnvVariables()
+	for k, v := range baseEnv {
+		if _, ok := s.Env[k]; !ok {
+			s.Env[k] = v
+		}
+	}
+
 	// Labels and Annotations
 	annotations := make(map[string]string)
 	if newImage != nil {

diff --git a/pkg/specgen/generate/oci.go b/pkg/specgen/generate/oci.go
@@ -260,7 +260,6 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt
 	for key, val := range s.Annotations {
 		g.AddAnnotation(key, val)
 	}
-	g.AddProcessEnv("container", "podman")
 
 	g.Config.Linux.Resources = s.ResourceLimits