various cleanups to address linter issues
Signed-off-by: Dominik Süß <dominik@suess.wtf>
This commit is contained in:
parent
398f670bcb
commit
0b412e9482
|
@ -71,10 +71,7 @@ checkpointed.`,
|
||||||
if err := setEmptyNsMask(context, options); err != nil {
|
if err := setEmptyNsMask(context, options); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
if err := container.Checkpoint(options); err != nil {
|
return container.Checkpoint(options)
|
||||||
return err
|
|
||||||
}
|
|
||||||
return nil
|
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -80,9 +80,8 @@ status of "ubuntu01" as "stopped" the following will delete resources held for
|
||||||
default:
|
default:
|
||||||
if force {
|
if force {
|
||||||
return killContainer(container)
|
return killContainer(container)
|
||||||
} else {
|
|
||||||
return fmt.Errorf("cannot delete container %s that is not stopped: %s\n", id, s)
|
|
||||||
}
|
}
|
||||||
|
return fmt.Errorf("cannot delete container %s that is not stopped: %s\n", id, s)
|
||||||
}
|
}
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
|
|
5
kill.go
5
kill.go
|
@ -51,10 +51,7 @@ signal to the init process of the "ubuntu01" container:
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
if err := container.Signal(signal, context.Bool("all")); err != nil {
|
return container.Signal(signal, context.Bool("all"))
|
||||||
return err
|
|
||||||
}
|
|
||||||
return nil
|
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -46,11 +46,7 @@ func (s *CpuGroup) ApplyDir(path string, cgroup *configs.Cgroup, pid int) error
|
||||||
}
|
}
|
||||||
// because we are not using d.join we need to place the pid into the procs file
|
// because we are not using d.join we need to place the pid into the procs file
|
||||||
// unlike the other subsystems
|
// unlike the other subsystems
|
||||||
if err := cgroups.WriteCgroupProc(path, pid); err != nil {
|
return cgroups.WriteCgroupProc(path, pid)
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *CpuGroup) SetRtSched(path string, cgroup *configs.Cgroup) error {
|
func (s *CpuGroup) SetRtSched(path string, cgroup *configs.Cgroup) error {
|
||||||
|
@ -83,11 +79,7 @@ func (s *CpuGroup) Set(path string, cgroup *configs.Cgroup) error {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if err := s.SetRtSched(path, cgroup); err != nil {
|
return s.SetRtSched(path, cgroup)
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *CpuGroup) Remove(d *cgroupData) error {
|
func (s *CpuGroup) Remove(d *cgroupData) error {
|
||||||
|
|
|
@ -84,11 +84,7 @@ func (s *CpusetGroup) ApplyDir(dir string, cgroup *configs.Cgroup, pid int) erro
|
||||||
|
|
||||||
// because we are not using d.join we need to place the pid into the procs file
|
// because we are not using d.join we need to place the pid into the procs file
|
||||||
// unlike the other subsystems
|
// unlike the other subsystems
|
||||||
if err := cgroups.WriteCgroupProc(dir, pid); err != nil {
|
return cgroups.WriteCgroupProc(dir, pid)
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *CpusetGroup) getSubsystemSettings(parent string) (cpus []byte, mems []byte, err error) {
|
func (s *CpusetGroup) getSubsystemSettings(parent string) (cpus []byte, mems []byte, err error) {
|
||||||
|
|
|
@ -399,10 +399,7 @@ func (c *linuxContainer) createExecFifo() error {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
unix.Umask(oldMask)
|
unix.Umask(oldMask)
|
||||||
if err := os.Chown(fifoName, rootuid, rootgid); err != nil {
|
return os.Chown(fifoName, rootuid, rootgid)
|
||||||
return err
|
|
||||||
}
|
|
||||||
return nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *linuxContainer) deleteExecFifo() {
|
func (c *linuxContainer) deleteExecFifo() {
|
||||||
|
|
|
@ -218,11 +218,7 @@ func syncParentReady(pipe io.ReadWriter) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Wait for parent to give the all-clear.
|
// Wait for parent to give the all-clear.
|
||||||
if err := readSync(pipe, procRun); err != nil {
|
return readSync(pipe, procRun)
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// syncParentHooks sends to the given pipe a JSON payload which indicates that
|
// syncParentHooks sends to the given pipe a JSON payload which indicates that
|
||||||
|
@ -235,11 +231,7 @@ func syncParentHooks(pipe io.ReadWriter) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Wait for parent to give the all-clear.
|
// Wait for parent to give the all-clear.
|
||||||
if err := readSync(pipe, procResume); err != nil {
|
return readSync(pipe, procResume)
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// setupUser changes the groups, gid, and uid for the user inside the container
|
// setupUser changes the groups, gid, and uid for the user inside the container
|
||||||
|
|
|
@ -1263,10 +1263,7 @@ func TestSTDIOPermissions(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func unmountOp(path string) error {
|
func unmountOp(path string) error {
|
||||||
if err := unix.Unmount(path, unix.MNT_DETACH); err != nil {
|
return unix.Unmount(path, unix.MNT_DETACH)
|
||||||
return err
|
|
||||||
}
|
|
||||||
return nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Launch container with rootfsPropagation in rslave mode. Also
|
// Launch container with rootfsPropagation in rslave mode. Also
|
||||||
|
|
|
@ -44,9 +44,5 @@ func ModKeyringPerm(ringId KeySerial, mask, setbits uint32) error {
|
||||||
|
|
||||||
perm := (uint32(perm64) & mask) | setbits
|
perm := (uint32(perm64) & mask) | setbits
|
||||||
|
|
||||||
if err := unix.KeyctlSetperm(int(ringId), perm); err != nil {
|
return unix.KeyctlSetperm(int(ringId), perm)
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -828,10 +828,7 @@ func remount(m *configs.Mount, rootfs string) error {
|
||||||
if !strings.HasPrefix(dest, rootfs) {
|
if !strings.HasPrefix(dest, rootfs) {
|
||||||
dest = filepath.Join(rootfs, dest)
|
dest = filepath.Join(rootfs, dest)
|
||||||
}
|
}
|
||||||
if err := unix.Mount(m.Source, dest, m.Device, uintptr(m.Flags|unix.MS_REMOUNT), ""); err != nil {
|
return unix.Mount(m.Source, dest, m.Device, uintptr(m.Flags|unix.MS_REMOUNT), "")
|
||||||
return err
|
|
||||||
}
|
|
||||||
return nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Do the mount operation followed by additional mounts required to take care
|
// Do the mount operation followed by additional mounts required to take care
|
||||||
|
|
|
@ -52,7 +52,7 @@ func (l *linuxStandardInit) Init() error {
|
||||||
// If keyrings aren't supported then it is likely we are on an
|
// If keyrings aren't supported then it is likely we are on an
|
||||||
// older kernel (or inside an LXC container). While we could bail,
|
// older kernel (or inside an LXC container). While we could bail,
|
||||||
// the security feature we are using here is best-effort (it only
|
// the security feature we are using here is best-effort (it only
|
||||||
// really provides marignal protection since VFS credentials are
|
// really provides marginal protection since VFS credentials are
|
||||||
// the only significant protection of keyrings).
|
// the only significant protection of keyrings).
|
||||||
//
|
//
|
||||||
// TODO(cyphar): Log this so people know what's going on, once we
|
// TODO(cyphar): Log this so people know what's going on, once we
|
||||||
|
|
|
@ -41,10 +41,7 @@ type syncT struct {
|
||||||
// writeSync is used to write to a synchronisation pipe. An error is returned
|
// writeSync is used to write to a synchronisation pipe. An error is returned
|
||||||
// if there was a problem writing the payload.
|
// if there was a problem writing the payload.
|
||||||
func writeSync(pipe io.Writer, sync syncType) error {
|
func writeSync(pipe io.Writer, sync syncType) error {
|
||||||
if err := utils.WriteJSON(pipe, syncT{sync}); err != nil {
|
return utils.WriteJSON(pipe, syncT{sync})
|
||||||
return err
|
|
||||||
}
|
|
||||||
return nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// readSync is used to read from a synchronisation pipe. An error is returned
|
// readSync is used to read from a synchronisation pipe. An error is returned
|
||||||
|
|
|
@ -37,8 +37,8 @@ func newNotifySocket(context *cli.Context, notifySocketHost string, id string) *
|
||||||
return notifySocket
|
return notifySocket
|
||||||
}
|
}
|
||||||
|
|
||||||
func (ns *notifySocket) Close() error {
|
func (s *notifySocket) Close() error {
|
||||||
return ns.socket.Close()
|
return s.socket.Close()
|
||||||
}
|
}
|
||||||
|
|
||||||
// If systemd is supporting sd_notify protocol, this function will add support
|
// If systemd is supporting sd_notify protocol, this function will add support
|
||||||
|
@ -66,16 +66,16 @@ func (s *notifySocket) setupSocket() error {
|
||||||
|
|
||||||
// pid1 must be set only with -d, as it is used to set the new process as the main process
|
// pid1 must be set only with -d, as it is used to set the new process as the main process
|
||||||
// for the service in systemd
|
// for the service in systemd
|
||||||
func (notifySocket *notifySocket) run(pid1 int) {
|
func (s *notifySocket) run(pid1 int) {
|
||||||
buf := make([]byte, 512)
|
buf := make([]byte, 512)
|
||||||
notifySocketHostAddr := net.UnixAddr{Name: notifySocket.host, Net: "unixgram"}
|
notifySocketHostAddr := net.UnixAddr{Name: s.host, Net: "unixgram"}
|
||||||
client, err := net.DialUnix("unixgram", nil, ¬ifySocketHostAddr)
|
client, err := net.DialUnix("unixgram", nil, ¬ifySocketHostAddr)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logrus.Error(err)
|
logrus.Error(err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
for {
|
for {
|
||||||
r, err := notifySocket.socket.Read(buf)
|
r, err := s.socket.Read(buf)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
break
|
break
|
||||||
}
|
}
|
||||||
|
|
12
pause.go
12
pause.go
|
@ -22,11 +22,7 @@ Use runc list to identiy instances of containers and their current status.`,
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
if err := container.Pause(); err != nil {
|
return container.Pause()
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -48,10 +44,6 @@ Use runc list to identiy instances of containers and their current status.`,
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
if err := container.Resume(); err != nil {
|
return container.Resume()
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
|
@ -69,9 +69,8 @@ func (h *signalHandler) forward(process *libcontainer.Process, tty *tty, detach
|
||||||
if detach {
|
if detach {
|
||||||
h.notifySocket.run(pid1)
|
h.notifySocket.run(pid1)
|
||||||
return 0, nil
|
return 0, nil
|
||||||
} else {
|
|
||||||
go h.notifySocket.run(0)
|
|
||||||
}
|
}
|
||||||
|
go h.notifySocket.run(0)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Perform the initial tty resize. Always ignore errors resizing because
|
// Perform the initial tty resize. Always ignore errors resizing because
|
||||||
|
|
Loading…
Reference in New Issue