jasder
/
runc
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
3,136 Commits 5 Branches 25 Tags 17 MiB
Commit Graph

16 Commits

Author SHA1 Message Date
Samuel Ortiz f19aa2d04d
validate: Check that the given namespace path is a symlink 
When checking if the provided networking namespace is the host
one or not, we should first check if it's a symbolic link or not
as in some cases we can use persistent networking namespace under
e.g. /var/run/netns/.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
 2016-12-10 11:14:49 +01:00
Qiang Huang 81d6088c8f Unify rootfs validation 
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
 2016-10-29 10:31:44 +08:00
Aleksa Sarai 1ab3c035d2
validator: actually test success 
Previously we only tested failures, which causes us to miss issues where
setting sysctls would *always* fail.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
 2016-10-26 23:07:57 +11:00
Aleksa Sarai 2a94c3651b
validator: unbreak sysctl net.* validation 
When changing this validation, the code actually allowing the validation
to pass was removed. This meant that any net.* sysctl would always fail
to validate.

Fixes: bc84f83344 ("fix docker/docker#27484")
Reported-by: Justin Cormack <justin.cormack@docker.com>
Signed-off-by: Aleksa Sarai <asarai@suse.de>
 2016-10-26 22:58:51 +11:00
Ce Gao 41c35810f2 add test cases about host ns 
Signed-off-by: Ce Gao <ce.gao@outlook.com>
 2016-10-22 11:31:15 +08:00
Ce Gao bc84f83344 fix docker/docker#27484 
Signed-off-by: Ce Gao <ce.gao@outlook.com>
 2016-10-22 11:22:52 +08:00
Zhao Lei bac8b4f0b4 UNITTEST: Bypass userns test on platform without userns support 
We should bypass userns test instead of show fail in platform
without userns support.

Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
 2016-07-25 15:35:04 +08:00
Aleksa Sarai 399175c227 Merge pull request #679 from rajasec/selinux-errorcheck 
Adding selinux check during container start
 2016-04-24 16:24:26 +00:00
rajasec 733ff99f6d Updating kcore in validator test 
Signed-off-by: rajasec <rajasec79@gmail.com>
 2016-04-21 15:29:19 +05:30
rajasec d0bf80e481 Adding selinux check during container start 
Signed-off-by: rajasec <rajasec79@gmail.com>

Fixed review comments and rebased

Signed-off-by: rajasec <rajasec79@gmail.com>

updated the message as per review comment

Signed-off-by: Rajasekaran <rajasec79@gmail.com>
 2016-04-19 22:22:04 +05:30
Mrunal Patel 5640330693 Fix for runc failing when rootfs has a traling slash 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2016-04-11 09:50:28 -07:00
Alberto Leal dca2d12760 Add unit tests for validate.Validator 
Signed-off-by: Alberto Leal <albertonb@gmail.com>
 2016-04-06 11:18:11 +01:00
Dan Walsh d2a39ea043 Return a more meaningful error when namespaces are disabled 
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
 2016-03-30 16:16:24 -04:00
Mrunal Patel f7d1401a69 Add validation for sysctl 
/proc/sys isn't completely namespaced and only some properties are allowed
per linux namespace.

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2015-09-25 14:04:18 -04:00
Michael Crosby 080df7ab88 Update import paths for new repository 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-06-21 19:29:59 -07:00
Michael Crosby 8f97d39dd2 Move libcontainer into subdirectory 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-06-21 19:29:15 -07:00