2019-04-10 10:59:33 -04:00
|
|
|
package specconv // import "github.com/docker/docker/rootless/specconv"
|
2018-10-15 03:52:53 -04:00
|
|
|
|
|
|
|
import (
|
|
|
|
"io/ioutil"
|
|
|
|
"strconv"
|
|
|
|
|
2019-08-05 10:37:47 -04:00
|
|
|
specs "github.com/opencontainers/runtime-spec/specs-go"
|
2018-10-15 03:52:53 -04:00
|
|
|
)
|
|
|
|
|
|
|
|
// ToRootless converts spec to be compatible with "rootless" runc.
|
|
|
|
// * Remove cgroups (will be supported in separate PR when delegation permission is configured)
|
|
|
|
// * Fix up OOMScoreAdj
|
|
|
|
func ToRootless(spec *specs.Spec) error {
|
|
|
|
return toRootless(spec, getCurrentOOMScoreAdj())
|
|
|
|
}
|
|
|
|
|
|
|
|
func getCurrentOOMScoreAdj() int {
|
|
|
|
b, err := ioutil.ReadFile("/proc/self/oom_score_adj")
|
|
|
|
if err != nil {
|
|
|
|
return 0
|
|
|
|
}
|
|
|
|
i, err := strconv.Atoi(string(b))
|
|
|
|
if err != nil {
|
|
|
|
return 0
|
|
|
|
}
|
|
|
|
return i
|
|
|
|
}
|
|
|
|
|
|
|
|
func toRootless(spec *specs.Spec, currentOOMScoreAdj int) error {
|
|
|
|
// Remove cgroup settings.
|
|
|
|
spec.Linux.Resources = nil
|
|
|
|
spec.Linux.CgroupsPath = ""
|
|
|
|
|
|
|
|
if spec.Process.OOMScoreAdj != nil && *spec.Process.OOMScoreAdj < currentOOMScoreAdj {
|
|
|
|
*spec.Process.OOMScoreAdj = currentOOMScoreAdj
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|