From 16f939a9583f3fdb84d8e1f37257a821c75f8fc3 Mon Sep 17 00:00:00 2001
From: maebashi
Date: Sun, 29 Jun 2014 19:25:10 +0900
Subject: [PATCH 1/3] fix the order of setns()
Docker-DCO-1.1-Signed-off-by: Takahiro Maebashi (github: maebashi)
---
 namespaces/nsenter.go | 23 +++++++----------------
 1 file changed, 7 insertions(+), 16 deletions(-)
diff --git a/namespaces/nsenter.go b/namespaces/nsenter.go
index d5eaa271..ddc2541b 100644
--- a/namespaces/nsenter.go
+++ b/namespaces/nsenter.go
@@ -125,36 +125,27 @@ void nsenter() { char ns_dir[PATH_MAX]; memset(ns_dir, 0, PATH_MAX); snprintf(ns_dir, PATH_MAX - 1, "/proc/%d/ns/", init_pid); - struct dirent *dent; - DIR *dir = opendir(ns_dir); - if (dir == NULL) { - fprintf(stderr, "nsenter: Failed to open directory \"%s\" with error: \"%s\"\n", ns_dir, strerror(errno)); - exit(1); - } - while((dent = readdir(dir)) != NULL) { - if(strcmp(dent->d_name, ".") == 0 || strcmp(dent->d_name, "..") == 0 || strcmp(dent->d_name, "user") == 0) { - continue; - } - - // Get and open the namespace for the init we are joining.. + char* namespaces[] = {"ipc", "uts", "net", "pid", "mnt"}; + const int num = sizeof(namespaces) / sizeof(char*); + int i; + for (i = 0; i < num; i++) { char buf[PATH_MAX]; memset(buf, 0, PATH_MAX); - snprintf(buf, PATH_MAX - 1, "%s%s", ns_dir, dent->d_name); + snprintf(buf, PATH_MAX - 1, "%s%s", ns_dir, namespaces[i]); int fd = open(buf, O_RDONLY); if (fd == -1) { - fprintf(stderr, "nsenter: Failed to open ns file \"%s\" for ns \"%s\" with error: \"%s\"\n", buf, dent->d_name, strerror(errno)); + fprintf(stderr, "nsenter: Failed to open ns file \"%s\" for ns \"%s\" with error: \"%s\"\n", buf, namespaces[i], strerror(errno)); exit(1); } // Set the namespace. if (setns(fd, 0) == -1) { - fprintf(stderr, "nsenter: Failed to setns for \"%s\" with error: \"%s\"\n", dent->d_name, strerror(errno)); + fprintf(stderr, "nsenter: Failed to setns for \"%s\" with error: \"%s\"\n", namespaces[i], strerror(errno)); exit(1); } close(fd); } - closedir(dir); // We must fork to actually enter the PID namespace. int child = fork(); From 01a7f19afe92e257b3c50f48ae41860cc39b7f2a Mon Sep 17 00:00:00 2001 
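Review bot: The order of `namespaces[]` is load-bearing but nothing in the new loop says so: each iteration resolves `/proc/<init_pid>/ns/<name>` after the previous `setns()` has already taken effect, so `"mnt"` must stay last or the remaining lookups go through the target's mount namespace. Opening every descriptor before the first `setns()` removes that dependency on path lookup. It also shortens the interval in which `init_pid` could exit and its number be reused between opens; how `init_pid` is obtained is outside this hunk, so that part is inferred. nsenter() begins and ends outside the hunk.

```c
	char* namespaces[] = {"ipc", "uts", "net", "pid", "mnt"};
	const int num = sizeof(namespaces) / sizeof(char*);
	int fds[sizeof(namespaces) / sizeof(char*)];
	int i;
	// Resolve every ns path first, while /proc still refers to the
	// mount namespace in which init_pid was looked up.
	for (i = 0; i < num; i++) {
		// … unchanged: build buf from ns_dir and namespaces[i] …
		fds[i] = open(buf, O_RDONLY);
		if (fds[i] == -1) {
			// … unchanged: report the open failure and exit(1) …
		}
	}
	// Join only after all descriptors are held, so path lookup no longer
	// depends on the array order.
	for (i = 0; i < num; i++) {
		if (setns(fds[i], 0) == -1) {
			// … unchanged: report the setns failure and exit(1) …
		}
		close(fds[i]);
	}
```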
From: Aleksa Sarai Date: Thu, 24 Jul 2014 17:34:00 +1000 Subject: [PATCH 2/3] namespaces: nsenter: ignore nonexistent namespaces If a particular kernel doesn't have namespace directories that libcontainer tries to attain during nsenter(), ignore the error (this is consistent with the previous implementation of nsenter()). Docker-DCO-1.1-Signed-off-by: Aleksa Sarai (github: cyphar) --- namespaces/nsenter.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/namespaces/nsenter.go b/namespaces/nsenter.go index ddc2541b..7784b9fa 100644 --- a/namespaces/nsenter.go +++ b/namespaces/nsenter.go @@ -135,6 +135,10 @@ void nsenter() { snprintf(buf, PATH_MAX - 1, "%s%s", ns_dir, namespaces[i]); int fd = open(buf, O_RDONLY); if (fd == -1) { + // Ignore nonexistent namespaces. + if (errno == ENOENT) + continue; + fprintf(stderr, "nsenter: Failed to open ns file \"%s\" for ns \"%s\" with error: \"%s\"\n", buf, namespaces[i], strerror(errno)); exit(1); } From f333c5ce9b28b78944b183c32bb0917c226a533a Mon Sep 17 00:00:00 2001 From: maebashi Date: Fri, 25 Jul 2014 15:22:58 +0900 Subject: [PATCH 3/3] remove unnecessary headers Docker-DCO-1.1-Signed-off-by: Takahiro Maebashi (github: maebashi) --- namespaces/nsenter.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/namespaces/nsenter.go b/namespaces/nsenter.go index 7784b9fa..c9db1def 100644 --- a/namespaces/nsenter.go +++ b/namespaces/nsenter.go @@ -3,7 +3,6 @@ package namespaces /* -#include #include #include #include @@ -12,7 +11,6 @@ package namespaces #include #include #include -#include #include #include #include
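Review bot: The `ENOENT` skip added in patch 2/3 also fires when `/proc/<init_pid>/ns/` itself is missing (for example because the init process has exited), so every open is skipped and nsenter() reaches `fork()` without having joined any namespace. What runs after the fork is outside the visible hunks, but it would run in the caller's namespaces, which is a fail-open outcome. The `opendir(ns_dir)` check that patch 1/3 removed exited in that situation, so this is not quite the previous behaviour the description refers to. Tying the skip to the directory still being present restores it: `if (errno == ENOENT && access(ns_dir, F_OK) == 0) continue;`. nsenter() begins and ends outside the hunk.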