Use nsinit for setting up namespace

Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
This commit is contained in:
Michael Crosby 2014-02-19 10:44:29 -08:00
parent d2612d7018
commit 4c6b5ff1e0
4 changed files with 17 additions and 2 deletions

View File

@ -32,6 +32,7 @@ func init() {
func nsinitFunc(container *libcontainer.Container) error { func nsinitFunc(container *libcontainer.Container) error {
container.Master = uintptr(masterFd) container.Master = uintptr(masterFd)
container.Console = console container.Console = console
container.LogFile = "/root/logs"
return nsinit.InitNamespace(container) return nsinit.InitNamespace(container)
} }

View File

@ -13,6 +13,7 @@ type Container struct {
Capabilities Capabilities `json:"capabilities,omitempty"` Capabilities Capabilities `json:"capabilities,omitempty"`
Master uintptr `json:"master"` Master uintptr `json:"master"`
Console string `json:"console"` Console string `json:"console"`
LogFile string `json:"log_file"`
} }
type Command struct { type Command struct {

View File

@ -44,9 +44,10 @@ func ExecContainer(container *libcontainer.Container) (pid int, err error) {
// we need CLONE_VFORK so we can wait on the child // we need CLONE_VFORK so we can wait on the child
flag := uintptr(getNamespaceFlags(container.Namespaces) | CLONE_VFORK) flag := uintptr(getNamespaceFlags(container.Namespaces) | CLONE_VFORK)
command := exec.Command(nsinit, "init", "-master", strconv.Itoa(int(master.Fd())), "-console", console) command := exec.Command(nsinit, "-master", strconv.Itoa(int(master.Fd())), "-console", console, "init")
command.SysProcAttr = &syscall.SysProcAttr{} command.SysProcAttr = &syscall.SysProcAttr{}
command.SysProcAttr.Cloneflags = flag command.SysProcAttr.Cloneflags = flag
command.ExtraFiles = []*os.File{master}
// command.SysProcAttr.Setctty = true // command.SysProcAttr.Setctty = true
if err := command.Start(); err != nil { if err := command.Start(); err != nil {
@ -64,7 +65,6 @@ func ExecContainer(container *libcontainer.Container) (pid int, err error) {
log.Println(err) log.Println(err)
} }
}() }()
command.Wait()
return pid, nil return pid, nil
} }

View File

@ -14,6 +14,10 @@ import (
// InitNamespace should be run inside an existing namespace to setup // InitNamespace should be run inside an existing namespace to setup
// common mounts, drop capabilities, and setup network interfaces // common mounts, drop capabilities, and setup network interfaces
func InitNamespace(container *libcontainer.Container) error { func InitNamespace(container *libcontainer.Container) error {
if err := setLogFile(container); err != nil {
return err
}
rootfs, err := resolveRootfs(container) rootfs, err := resolveRootfs(container)
if err != nil { if err != nil {
return err return err
@ -138,3 +142,12 @@ func openTerminal(name string, flag int) (*os.File, error) {
} }
return os.NewFile(uintptr(r), name), nil return os.NewFile(uintptr(r), name), nil
} }
func setLogFile(container *libcontainer.Container) error {
f, err := os.OpenFile(container.LogFile, os.O_CREATE|os.O_RDWR|os.O_APPEND, 0655)
if err != nil {
return err
}
log.SetOutput(f)
return nil
}