jasder
/
runc
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

libcontainer: RunningInUserNS() use sync.Once 

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn 2020-05-04 15:53:33 +02:00
parent 609ba79f7a
commit 9df0b5e268
No known key found for this signature in database
GPG Key ID: 76698F39D527CE8C
1 changed files with 15 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
libcontainer/system/linux.go
View File

@ -5,6 +5,7 @@ package system
import ( import (
"os" "os"
"os/exec" "os/exec"
"sync"
"unsafe" "unsafe"
"github.com/opencontainers/runc/libcontainer/user" "github.com/opencontainers/runc/libcontainer/user"
@ -86,15 +87,23 @@ func Setctty() error {
return nil return nil
} }
var (
inUserNS bool
nsOnce sync.Once
)
// RunningInUserNS detects whether we are currently running in a user namespace. // RunningInUserNS detects whether we are currently running in a user namespace.
// Originally copied from github.com/lxc/lxd/shared/util.go // Originally copied from github.com/lxc/lxd/shared/util.go
func RunningInUserNS() bool { func RunningInUserNS() bool {
uidmap, err := user.CurrentProcessUIDMap() nsOnce.Do(func() {
if err != nil { uidmap, err := user.CurrentProcessUIDMap()
// This kernel-provided file only exists if user namespaces are supported if err != nil {
return false // This kernel-provided file only exists if user namespaces are supported
} return
return UIDMapInUserNS(uidmap) }
inUserNS = UIDMapInUserNS(uidmap)
})
return inUserNS
} }
func UIDMapInUserNS(uidmap []user.IDMap) bool { func UIDMapInUserNS(uidmap []user.IDMap) bool {