Commit Graph

6 Commits

Author SHA1 Message Date
Steve Powell 67e4c76c16 Inject errors into ioutil.ReadDir calls from devices.go
Added ioutilReadDir variable and test following the pattern
established by osLstat.

Signed-off-by: Steve Powell <spowell@pivotal.io>
2014-09-04 17:00:09 -07:00
Steve Powell 28e964bac6 Inject errors into os.Lstat call from devices.go
Since the caller of os.Lstat in devices.go is a function (not a method),
we use a variable to allow os.Lstat to be substituted during testing.

In this case the variable osLstat is private to the devices package to
prevent abuse. So the testcase needs to reside in the same package.

This commit includes a simple test of GetDevices() using osLstat to
simulate an error being returned from os.Lstat. In this case, the
behaviour of GetDevices() in the error case is trivial, but this may
change.

This is just the beginning of error injection. In future, it may be
necessary to pull out repetitive code sequences into a common file.

Signed-off-by: Steve Powell <spowell@pivotal.io>
2014-09-04 16:34:51 -07:00
Michael Crosby 55f3560c3e Get UID and GID for device nodes
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2014-09-01 17:29:50 -07:00
Michael Crosby bbb502c8db Use lstat to check device symlinks
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-06-16 14:51:02 -07:00
Michael Crosby c2a80eb59f Ensure all dev nodes are copied for privileged
This also makes sure that devices are pointers to avoid copies
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-05-30 18:39:11 -07:00
Timothy Hobbs 18f6a5aaf4 Refactor device handling code
We now have one place that keeps track of (most) devices that are allowed and created within the container.  That place is pkg/libcontainer/devices/devices.go

This fixes several inconsistencies between which devices were created in the lxc backend and the native backend.  It also fixes inconsistencies between wich devices were created and which were allowed.  For example, /dev/full was being created but it was not allowed within the cgroup.  It also declares the file modes and permissions of the default devices, rather than copying them from the host.  This is in line with docker's philosphy of not being host dependent.

Docker-DCO-1.1-Signed-off-by: Timothy Hobbs <timothyhobbs@seznam.cz> (github: https://github.com/timthelion)
2014-05-30 19:21:29 +00:00