Commit Graph

3913 Commits

Author SHA1 Message Date
Mrunal Patel 035b57895d Merge pull request #1479 from wking/sane-terminal-for-forwarding-only
libcontainer/console_linux.go: Make SaneTerminal public
2017-06-20 11:34:33 -07:00
W. Trevor King 439eaa3584 libcontainer/system/proc: Add Stat and Stat_t
So we can extract more than the start time with a single read.

Signed-off-by: W. Trevor King <wking@tremily.us>
2017-06-14 15:28:03 -07:00
Michael Crosby c995ee407b Merge pull request #1388 from avagin/travis
travis: set go_import_path to github.com/opencontainers/runc
2017-06-12 09:11:33 -07:00
Andrei Vagin 76d87976d9 tests: remove wait_for_container from checkpoint.bats
It isn't required there, all operations what are called are synchronous.

Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
2017-06-10 02:50:45 +03:00
Andrei Vagin a541df7cb7 tests: redirect runc log message to stderr
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
2017-06-10 02:50:45 +03:00
Andrei Vagin ff0521f8e8 travis: set go_import_path to github.com/opencontainers/runc
If someone forks runc and wants to check changes in travis, he will find
that the command 'make BUILDTAGS="${BUILDTAGS}"' fails, because
github.com/opencontainers/runc/ is used in many places to import
packages (e.g. libcontainer).

Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
2017-06-10 01:15:51 +03:00
Tobias Klauser cfe87fe3e2 Use keyctl wrappers from x/sys/unix
Use KeyctlJoinSessionKeyring, KeyctlString and KeyctlSetperm from
golang.org/x/sys/unix instead of manually reimplementing them.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-06-09 15:55:18 +02:00
Kang Liang a341724c95 update READ.me for new struct configs.Config.Capabilities
Signed-off-by: Kang Liang <kangliang424@gmail.com>
2017-06-09 18:47:05 +08:00
W. Trevor King 830c0d70df libcontainer/console_linux.go: Make SaneTerminal public
And use it only in local tooling that is forwarding the pseudoterminal
master.  That way runC no longer has an opinion on the onlcr setting
for folks who are creating a terminal and detaching.  They'll use
--console-socket and can setup the pseudoterminal however they like
without runC having an opinion.  With this commit, the only cases
where runC still has applies SaneTerminal is when *it* is the process
consuming the master descriptor.

Signed-off-by: W. Trevor King <wking@tremily.us>
2017-06-07 21:32:41 -07:00
Aleksa Sarai ea35825a63
merge branch 'pr-1478'
LGTMs: @cyphar @crosbymichael
Closes #1478
2017-06-08 03:26:25 +10:00
Tobias Klauser 553016d7da Use Prctl() from x/sys/unix instead of own wrapper
Use unix.Prctl() instead of reimplemnting it as system.Prctl().

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-06-07 15:03:15 +02:00
Mrunal Patel 9d6821d1b5 Merge pull request #1473 from crosbymichael/update-spec
Update spec to 239c4e44f2
2017-06-06 10:26:07 -07:00
Aleksa Sarai 3723495972
merge branch 'pr-1474'
LGTMs: @cyphar @crosbymichael
Closes #1474
2017-06-04 04:30:37 +10:00
Vladimir Stefanovic d01050e6d4 Add support for mips/mips64
Signed-off-by: Vladimir Stefanovic <vladimir.stefanovic@imgtec.com>
2017-06-02 22:30:00 +02:00
Vladimir Stefanovic 9916b7918d Put signalMap in a separate file, so it may be arch-specific
Some architectures don't have all the signals listed.
(Those architectures are mips and mips64, which don't have SIGSTKFLT
and SIGUNUSED. The next commit defines the map for mips and mips64.)

Signed-off-by: Vladimir Stefanovic <vladimir.stefanovic@imgtec.com>
2017-06-02 22:29:24 +02:00
Tobias Klauser 306b4980f7 Use NLA_* constants from x/sys/unix instead of syscall
Use the NLA_ALIGNTO and NLA_HDRLEN constants from x/sys/unix instead of
syscall, as the syscall package shouldn't be used anymore (except for a
few exceptions).

This also makes the syscall_NLA_HDRLEN workaround for gccgo unnecessary.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-06-02 10:42:11 +02:00
W. Trevor King 4f81337e95 libcontainer/specconv/spec_linux: Add support for (no)lazytime
And also silent, loud, (no)iversion, and (no)acl.  This is part of
catching runC up with the spec, which punts valid options to mount(8)
[1,2].

(no)acl is a filesystem-specific entry in mount(8), but it's
represented by a MS_* flag in mount(2) so we need an entry in the
translation table.

[1]: https://github.com/opencontainers/runtime-spec/blame/v1.0.0-rc5/config.md#L68
[2]: https://github.com/opencontainers/runtime-spec/pull/771

Signed-off-by: W. Trevor King <wking@tremily.us>
2017-06-01 20:43:35 -07:00
Michael Crosby 18f336d23b Merge pull request #1470 from tklauser/x-sys-unix-symlink-xattrs
Use symlink xattr functions from x/sys/unix
2017-06-01 18:14:19 -07:00
Michael Crosby 854b41d81e Update spec to 239c4e44f2
This provides updates to runc for the spec changes with *Process and
OOMScoreAdj

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-06-01 16:29:47 -07:00
Tobias Klauser d8b5c1c810 Use symlink xattr functions from x/sys/unix
Use the symlink xattr syscall wrappers Lgetxattr, Llistxattr and
Lsetxattr from x/sys/unix (introduced in
golang/sys@b90f89a1e7) instead of
providing own wrappers. Leave the functionality of system.Lgetxattr
intact with respect to the retry with a larger buffer, but switch it to
use unix.Lgetxattr.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-05-31 13:50:34 +02:00
Daniel, Dao Quang Minh a6906d5a53 Merge pull request #1467 from tklauser/readme-syscall-to-unix
Switch examples in README.md from syscall to x/sys/unix
2017-05-30 17:19:07 +01:00
Tobias Klauser b5768387c6 Switch examples in README.md from syscall to x/sys/unix
Follow commit 3d7cb4293c ("Move libcontainer to x/sys/unix") and also
move the examples in README.md from syscall to x/sys/unix.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-05-30 14:50:59 +02:00
Tobias Klauser f0ae35b9e7 vendor: bump golang.org/x/sys to b90f89a1e7a9c1f6b918820b3daa7f08488c8594
Update golang.org/x/sys to get the Lgetxattr, Llistxattr, Lremovexattr
and Lsetxattr syscall wrappers. These will be used in a successive
commit to replace the wrappers in libcontainer/system/xattr_linux.go.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-05-30 09:23:16 +02:00
Michael Crosby cf630c6ae8 Merge pull request #1464 from wking/bump-sys-unix
vendor.conf: Bump golang.org/x/sys to a55a76086885b80f79961eacb876ebd8caf3868d
2017-05-29 18:53:53 -07:00
Michael Crosby 1b8e6ecefc Merge pull request #1452 from justincormack/make-flags
Allow specification of general Go build flags and ldflags
2017-05-26 16:37:29 -07:00
W. Trevor King 75ed93de16 vendor.conf: Bump golang.org/x/sys to a55a76086885b80f79961eacb876ebd8caf3868d
With:

  $ go get -u github.com/LK4D4/vndr
  $ sed -i 's/9a7256cb28ed514b4e1e5f68959914c4c28a92e0/a55a76086885b80f79961eacb876ebd8caf3868d/' vendor.conf
  $ vndr

I'm not sure why vndr is messing with github.com/golang/protobuf, but
I assume it knows what it's doing.

The x/sys bumps to master, but I need it for MS_LAZYTIME (added in
github.com/golang/sys@ea9bcade75, unix: generate all Linux go files
from source, 2017-03-08).

Signed-off-by: W. Trevor King <wking@tremily.us>
2017-05-26 10:03:08 -07:00
Daniel, Dao Quang Minh 67bd2ab554 Merge pull request #1442 from clnperez/libcontainer-sys-unix
Move libcontainer to x/sys/unix
2017-05-26 12:18:33 +01:00
Qiang Huang d7c264aaf1 Merge pull request #1239 from moypray/cgroup
Fix setup cgroup before prestart hook
2017-05-26 09:22:49 +08:00
Michael Crosby 18cd7e06f7 Merge pull request #1372 from cloudfoundry-incubator/cpuset-mount-root
Handle container creation when cgroups have already been mounted in another location
2017-05-25 09:53:57 -07:00
Christy Perez 9ed7e9b176 shfmt'ing files
Signed-off-by: Christy Perez <christy@linux.vnet.ibm.com>
2017-05-24 16:43:08 -05:00
Christy Perez 187d2d85be Moving the rest of runc to x/sys/unix
Signed-off-by: Christy Perez <christy@linux.vnet.ibm.com>
2017-05-22 17:36:02 -05:00
Christy Perez 3d7cb4293c Move libcontainer to x/sys/unix
Since syscall is outdated and broken for some architectures,
use x/sys/unix instead.

There are still some dependencies on the syscall package that will
remain in syscall for the forseeable future:

Errno
Signal
SysProcAttr

Additionally:
- os still uses syscall, so it needs to be kept for anything
returning *os.ProcessState, such as process.Wait.

Signed-off-by: Christy Perez <christy@linux.vnet.ibm.com>
2017-05-22 17:35:20 -05:00
Justin Cormack 7e3934a339 Allow specification of general Go build flags and ldflags
This is needed if you need to customise the build config for a given platform.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-05-19 11:24:03 +01:00
Wentao Zhang 09c1f5c055 Fix setup cgroup before prestart hook
* User Case:
User could use prestart hook to add block devices to container. so the
hook should have a way to set the permissions of the devices.

Just move cgroup config operation before prestart hook will work.

Signed-off-by: Wentao Zhang <zhangwentao234@huawei.com>
2017-05-19 17:53:43 +08:00
Mrunal Patel 639454475c Merge pull request #1355 from avagin/cr-console
Dump and restore containers with external terminals
2017-05-18 11:22:52 -07:00
Michael Crosby 9a827e90d2 Merge pull request #1451 from runcom/force-delete-not-exists
Ignore error when force deleting a non-existing container
2017-05-18 09:44:26 -07:00
Antonio Murdaca d1a743674a
Ignore error when force deleting a non-existing container
This patch mimics the behavior of "rm -rf" so that if a container
doesn't exist and you force delete it, it won't error out.

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-05-16 22:23:00 +02:00
Valentin Rothberg 77421139ab libcontainer/user: add supplementary groups only for non-numeric users
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
2017-05-16 13:54:27 +02:00
Michael Crosby c1287819af Merge pull request #1447 from justincormack/unix-linux
Clean up unix vs linux usage
2017-05-12 10:25:45 -07:00
Justin Cormack 4c67360296 Clean up unix vs linux usage
FreeBSD does not support cgroups or namespaces, which the code suggested, and is not supported
in runc anyway right now. So clean up the file naming to use `_linux` where appropriate.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-05-12 17:22:09 +01:00
Qiang Huang 21ef2e3d12 Merge pull request #1410 from chchliang/statustest
add createdState and runningState status testcase
2017-05-12 16:17:17 +08:00
Michael Crosby 2daa11574b Merge pull request #1438 from hqhq/fix_rootfs_comments
Fix comments about when to pivot_root
2017-05-05 20:15:49 -07:00
Qiang Huang 96e0df7633 Fix comments about when to pivot_root
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2017-05-06 07:59:03 +08:00
Daniel, Dao Quang Minh d37c558a43 Merge pull request #1433 from avagin/wait_for_container
tests: don't call wait_for_container after synchronous operations
2017-05-05 10:40:20 -05:00
Daniel, Dao Quang Minh 7ffea268d3 Merge pull request #1435 from harche/id_regex
Issue #1429 : Removing check for id string length
2017-05-04 15:45:02 -05:00
Michael Crosby c6fdde7cd1 Merge pull request #1436 from sak0/dev
update man page for `runc  update`
2017-05-04 10:18:36 -07:00
CuiHaozhi da49d3a74c update manpages for `runc update`
Signed-off-by: CuiHaozhi <cuihz@wise2c.com>
2017-05-04 07:41:08 -04:00
Harshal Patil 700c74cb7e Issue #1429 : Removing check for id string length
Signed-off-by: Harshal Patil <harshal.patil@in.ibm.com>
2017-05-04 09:21:29 +05:30
Mrunal Patel 992a5be178 Merge pull request #1428 from harche/dedupe_ns_array
Remove redundant declaration of namespace slice
2017-05-03 08:31:27 -07:00
Andrei Vagin a9e15e7e07 criu: check that stdout, stdin pipes are restore correctly
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
2017-05-03 00:55:24 +03:00