Update the tests to use the test-friendly GetAdditionalGroups API,
rather than making random files for no good reason.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
The old GetAdditionalGroups* API didn't match the rest of
libcontainer/user, we make functions that take io.Readers and then make
wrappers around them. Otherwise we have to do dodgy stuff when testing
our code.
Fixes: d4ece29c0b ("refactor GetAdditionalGroupsPath")
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
If I provide a path starting with `/` I expect that to be honored;
otherwise I have to explicitly `(cd /; /path/to/runc)`.
Signed-off-by: Colin Walters <walters@redhat.com>
This moves much of the documentation on contributing and maintainer the
codebase from the libcontainer sub directory to the root of the repo.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
1. Remove mention of nsinit (removed from the repo)
2. Make basic usage text a bit more informative; fix typo
3. Fix typo in panic() message (that should never be seen) :)
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
A directory with a hyphen currently generates an InvalidId error because
of the regex in libcontainer. I don't believe there is any reason a
hyphen should be disallowed.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
A couple minor changes to error handling in startup:
1. Don't dump full help/usage text when the only problem is `runc` wasn't started under
root privileges
2. Check for rootfs and make error clear to user when it doesn't exist
3. Change fatal to logrus.Fatal to get nicer output with simple error
message
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
Set up memory.swappiness in cgroup config so write is not attempted
unless specifically set. Fixes running runc on kernels which still have
the cgroup hierarchy write limitation.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
It can happen if newContainer is failed. Now test shows real error from
newContainer instead of trace.
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
Rodrigo
John Howard
Mrunal Patel
Alexander Morozov
Blake La Pierre
Aleksa Sarai
mapk0y
Michael Crosby
Alexander Morozov
Colin Walters
Phil Estes
Michael Timbrook
Doug Davis
Stephen Day
Lei Xue
Zefan Li
unclejack
David Calavera
Jake Teton-Landis