2016-03-18 14:50:19 -04:00
|
|
|
package libcontainerd
|
|
|
|
|
|
|
|
import (
|
2016-06-07 03:45:21 -04:00
|
|
|
"syscall"
|
|
|
|
|
2017-05-09 10:39:23 -04:00
|
|
|
containerd "github.com/containerd/containerd/api/grpc/types"
|
2016-08-17 12:38:34 -04:00
|
|
|
"github.com/opencontainers/runtime-spec/specs-go"
|
2017-05-23 10:22:32 -04:00
|
|
|
"golang.org/x/sys/unix"
|
2016-03-18 14:50:19 -04:00
|
|
|
)
|
|
|
|
|
|
|
|
func getRootIDs(s specs.Spec) (int, int, error) {
|
|
|
|
var hasUserns bool
|
|
|
|
for _, ns := range s.Linux.Namespaces {
|
|
|
|
if ns.Type == specs.UserNamespace {
|
|
|
|
hasUserns = true
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if !hasUserns {
|
|
|
|
return 0, 0, nil
|
|
|
|
}
|
|
|
|
uid := hostIDFromMap(0, s.Linux.UIDMappings)
|
|
|
|
gid := hostIDFromMap(0, s.Linux.GIDMappings)
|
|
|
|
return uid, gid, nil
|
|
|
|
}
|
|
|
|
|
2017-04-27 17:52:47 -04:00
|
|
|
func hostIDFromMap(id uint32, mp []specs.LinuxIDMapping) int {
|
2016-03-18 14:50:19 -04:00
|
|
|
for _, m := range mp {
|
|
|
|
if id >= m.ContainerID && id <= m.ContainerID+m.Size-1 {
|
|
|
|
return int(m.HostID + id - m.ContainerID)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return 0
|
|
|
|
}
|
|
|
|
|
|
|
|
func systemPid(ctr *containerd.Container) uint32 {
|
|
|
|
var pid uint32
|
|
|
|
for _, p := range ctr.Processes {
|
|
|
|
if p.Pid == InitFriendlyName {
|
|
|
|
pid = p.SystemPid
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return pid
|
|
|
|
}
|
2016-03-23 22:54:32 -04:00
|
|
|
|
2017-08-01 11:51:24 -04:00
|
|
|
func convertRlimits(sr []specs.POSIXRlimit) (cr []*containerd.Rlimit) {
|
2016-03-23 22:54:32 -04:00
|
|
|
for _, r := range sr {
|
|
|
|
cr = append(cr, &containerd.Rlimit{
|
|
|
|
Type: r.Type,
|
|
|
|
Hard: r.Hard,
|
|
|
|
Soft: r.Soft,
|
|
|
|
})
|
|
|
|
}
|
|
|
|
return
|
|
|
|
}
|
2016-06-07 03:45:21 -04:00
|
|
|
|
|
|
|
// setPDeathSig sets the parent death signal to SIGKILL
|
|
|
|
func setSysProcAttr(sid bool) *syscall.SysProcAttr {
|
|
|
|
return &syscall.SysProcAttr{
|
|
|
|
Setsid: sid,
|
2017-05-23 10:22:32 -04:00
|
|
|
Pdeathsig: unix.SIGKILL,
|
2016-06-07 03:45:21 -04:00
|
|
|
}
|
|
|
|
}
|