Commit Graph

13 Commits

Author SHA1 Message Date
Mrunal Patel ab3d3ce15e Only try to get AdditionalGroups if they are configured.
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2015-06-12 13:20:44 -04:00
Mrunal Patel 429752a69d Lookup additional groups in the container.
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2015-06-09 23:11:25 -04:00
Michael Crosby 5edcda910e Improve seccomp API
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>

Conflicts:
	configs/config.go
	container_linux.go
	seccomp/seccomp.go
	seccomp/seccomp.test
2015-06-05 11:21:40 -07:00
yangshukui 12a41c825d seccomp support filter args
1. add args support for seccomp
2. add CLONE_SECCOMP flag for preventing seccomp feature
Signed-off-by: Yang Shukui <yangshukui@huawei.com>
2015-06-05 11:21:40 -07:00
yangshukui 02e05e0884 Add seccomp feature
add seccomp feature which does not use third-party
add multi arch support
add test case
all code use golang

this PR is related to #511 because I closed it and found it cannot be reopened

Signed-off-by: Yang Shukui <yangshukui@huawei.com>
2015-06-05 11:21:40 -07:00
Qiang Huang e5a7aad7eb Replace aliased imports of logrus
Docker already did this: https://github.com/docker/docker/issues/11762
libcontainer should also do it.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-05-06 21:14:04 +08:00
Michael Crosby 570eed473b Move childPipe to the end of FD set
This adds a new env var for identifying the internal sync pipe that
libcontainer uses to sync with the container and parent process.  This
replaces #496 to allow the user to add additional files to the processes
and not take over fd 3 for all containers.

Closes #496

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2015-04-08 14:14:51 -07:00
Jörg Thalheim 708b25e61e add option to pass additional fds to container process
This can be useful to implement socket activated containers for example.

Signed-off-by: Jörg Thalheim <joerg@higgsboson.tk>
2015-04-08 13:56:03 -07:00
Michael Crosby 46132cebcf Fix pdeathsig and ppid for supervisor running as pid1
For some reason when the supervisor of a container is PID1 the parent
death signal was being delivered to the container's init process even if
it did not die.  Also the ppid() will return 1 for a container running
in the pid namespace of its parent and the parent is pid1.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2015-04-02 13:55:55 -07:00
Mrunal Patel ca73d7aede Pass down process Capabilities and apply them if present.
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2015-03-25 15:40:32 -04:00
Lei Jitang a4f2e1e187 Fix minor typo in init_linux.go
Signed-off-by: Lei Jitang <leijitang@huawei.com>
2015-03-25 14:58:22 +08:00
Alexander Morozov 8d0b06257b Move tty configuration to Process
Now you need to call Process.NewConsole to set up console for process

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-02-25 15:04:43 -08:00
Alexander Morozov a1c3e0db94 Change os-prefix file naming to standard postfix naming
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-02-23 10:41:26 -08:00