This adds an `--no-new-keyring` flag to run and create so that a new
session keyring is not created for the container and the calling
processes keyring is inherited.
Fixes#818
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
When any non-global-flag parameter appears on the command line make sure
there's a "command" even in the 'start' (run) case to ensure its not
ambiguous as to what the arg is. For example, w/o this fix its not
clear if
runc foo
means 'foo' is the name of a config file or an unknown command. Or worse,
you can't name a config file the same a ANY command, even future (yet to
be created) commands.
We should fix this now before we ship 1.0 and are forced to support this
ambiguous case for a long time.
Signed-off-by: Doug Davis <dug@us.ibm.com>
Without this, multiple runc containers can accidentally share the same cgroup(s)
(and change each other's limits), when runc is invoked from the same directory
(i.e.: same cwd on multiple runc executions).
After these changes, each runc container will run on its own cgroup(s). Before,
the only workaround was to invoke runc from an unique (temporary?) cwd for each
container.
Common cgroup configuration (and hierarchical limits) can be set by having
multiple runc containers share the same cgroup parent, which is the cgroup of
the process executing runc.
Signed-off-by: Fabio Kung <fabio.kung@gmail.com>
Should compile now without errors but changes needed to be added for each system so it actually works.
main_unsupported.go is a new file with all the unsupported commands
Fixes#9
Signed-off-by: Marianna <mtesselh@gmail.com>
This removes the Processes slice and only allows for one process of the
container. It also renames TTY to Terminal for a cross platform
meaning.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
A couple minor changes to error handling in startup:
1. Don't dump full help/usage text when the only problem is `runc` wasn't started under
root privileges
2. Check for rootfs and make error clear to user when it doesn't exist
3. Change fatal to logrus.Fatal to get nicer output with simple error
message
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
Aleksa Sarai
Mrunal Patel
Michael Crosby
Doug Davis
Fabio Kung
Shishir Mahajan
Jin-Hwan Jeong
Marianna
Phil Estes