Fixed some typos and tried to make comments read better.
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
This commit is contained in:
parent
2990f254f0
commit
a1d509759b
|
@ -168,7 +168,7 @@ func (c *linuxContainer) newInitProcess(p *Process, cmd *exec.Cmd, parentPipe, c
|
||||||
cloneFlags := c.config.Namespaces.CloneFlags()
|
cloneFlags := c.config.Namespaces.CloneFlags()
|
||||||
if cloneFlags&syscall.CLONE_NEWUSER != 0 {
|
if cloneFlags&syscall.CLONE_NEWUSER != 0 {
|
||||||
if err := c.addUidGidMappings(cmd.SysProcAttr); err != nil {
|
if err := c.addUidGidMappings(cmd.SysProcAttr); err != nil {
|
||||||
// mappings is not supported
|
// user mappings are not supported
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
// Default to root user when user namespaces are enabled.
|
// Default to root user when user namespaces are enabled.
|
||||||
|
|
|
@ -40,7 +40,7 @@ type network struct {
|
||||||
TempVethPeerName string `json:"temp_veth_peer_name"`
|
TempVethPeerName string `json:"temp_veth_peer_name"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// Process is used for transferring parameters from Exec() to Init()
|
// initConfig is used for transferring parameters from Exec() to Init()
|
||||||
type initConfig struct {
|
type initConfig struct {
|
||||||
Args []string `json:"args"`
|
Args []string `json:"args"`
|
||||||
Env []string `json:"env"`
|
Env []string `json:"env"`
|
||||||
|
@ -99,7 +99,7 @@ func populateProcessEnvironment(env []string) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
// finalizeNamespace drops the caps, sets the correct user
|
// finalizeNamespace drops the caps, sets the correct user
|
||||||
// and working dir, and closes any leaky file descriptors
|
// and working dir, and closes any leaked file descriptors
|
||||||
// before execing the command inside the namespace
|
// before execing the command inside the namespace
|
||||||
func finalizeNamespace(config *initConfig) error {
|
func finalizeNamespace(config *initConfig) error {
|
||||||
// Ensure that all non-standard fds we may have accidentally
|
// Ensure that all non-standard fds we may have accidentally
|
||||||
|
@ -229,7 +229,7 @@ func setupRlimits(config *configs.Config) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// killCgroupProcesses freezes then itterates over all the processes inside the
|
// killCgroupProcesses freezes then iterates over all the processes inside the
|
||||||
// manager's cgroups sending a SIGKILL to each process then waiting for them to
|
// manager's cgroups sending a SIGKILL to each process then waiting for them to
|
||||||
// exit.
|
// exit.
|
||||||
func killCgroupProcesses(m cgroups.Manager) error {
|
func killCgroupProcesses(m cgroups.Manager) error {
|
||||||
|
|
|
@ -98,7 +98,7 @@ func (l *loopback) initialize(config *network) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
// veth is a network strategy that uses a bridge and creates
|
// veth is a network strategy that uses a bridge and creates
|
||||||
// a veth pair, one that stays outside on the host and the other
|
// a veth pair, one that is attached to the bridge on the host and the other
|
||||||
// is placed inside the container's namespace
|
// is placed inside the container's namespace
|
||||||
type veth struct {
|
type veth struct {
|
||||||
}
|
}
|
||||||
|
|
|
@ -161,8 +161,8 @@ func setupDevSymlinks(rootfs string) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Is stdin, stdout or stderr were to be pointing to '/dev/null',
|
// If stdin, stdout or stderr are pointing to '/dev/null' in the global mount namespace,
|
||||||
// this method will make them point to '/dev/null' from within this namespace.
|
// this method will make them point to '/dev/null' in this namespace.
|
||||||
func reOpenDevNull(rootfs string) error {
|
func reOpenDevNull(rootfs string) error {
|
||||||
var stat, devNullStat syscall.Stat_t
|
var stat, devNullStat syscall.Stat_t
|
||||||
file, err := os.Open(filepath.Join(rootfs, "/dev/null"))
|
file, err := os.Open(filepath.Join(rootfs, "/dev/null"))
|
||||||
|
|
Loading…
Reference in New Issue