Since the caller of os.Lstat in devices.go is a function (not a method),
we use a variable to allow os.Lstat to be substituted during testing.
In this case the variable osLstat is private to the devices package to
prevent abuse. So the testcase needs to reside in the same package.
This commit includes a simple test of GetDevices() using osLstat to
simulate an error being returned from os.Lstat. In this case, the
behaviour of GetDevices() in the error case is trivial, but this may
change.
This is just the beginning of error injection. In future, it may be
necessary to pull out repetitive code sequences into a common file.
Signed-off-by: Steve Powell <spowell@pivotal.io>
This also makes sure that devices are pointers to avoid copies
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
We now have one place that keeps track of (most) devices that are allowed and created within the container. That place is pkg/libcontainer/devices/devices.go
This fixes several inconsistencies between which devices were created in the lxc backend and the native backend. It also fixes inconsistencies between wich devices were created and which were allowed. For example, /dev/full was being created but it was not allowed within the cgroup. It also declares the file modes and permissions of the default devices, rather than copying them from the host. This is in line with docker's philosphy of not being host dependent.
Docker-DCO-1.1-Signed-off-by: Timothy Hobbs <timothyhobbs@seznam.cz> (github: https://github.com/timthelion)
Steve Powell
Michael Crosby
Michael Crosby
Michael Crosby
Timothy Hobbs