kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

make --device works at privileged mode

Browse source 
Signed-off-by: wenlxie <wenlxie@ebay.com>
This commit is contained in:
wenlxie 2018-02-09 16:03:08 +08:00 committed by Akhil Mohan
parent 3ce9258447
commit 03b3ec1dd5
No known key found for this signature in database
GPG key ID: 391F159C7531BD86
2 changed files with 17 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
daemon/container.go
View file

@ -275,6 +275,22 @@ func validateHostConfig(hostConfig *containertypes.HostConfig, platform string)
if hostConfig == nil {
return nil
}
if hostConfig.Privileged {
for _, deviceMapping := range hostConfig.Devices {
if deviceMapping.PathOnHost == deviceMapping.PathInContainer {
continue
}
if _, err := os.Stat(deviceMapping.PathInContainer); err != nil {
if os.IsNotExist(err) {
continue
}
return errors.Wrap(err, "error stating device path in container")
}
return errors.Errorf("container device path: %s must be different from any host device path for privileged mode containers", deviceMapping.PathInContainer)
}
}
if hostConfig.AutoRemove && !hostConfig.RestartPolicy.IsNone() {
return errors.Errorf("can't create 'AutoRemove' container with restart policy")
}

1
daemon/oci_linux.go
View file

@ -16,6 +16,7 @@ import (
containertypes "github.com/docker/docker/api/types/container"
"github.com/docker/docker/container"
daemonconfig "github.com/docker/docker/daemon/config"
"github.com/docker/docker/errdefs"
"github.com/docker/docker/oci"
"github.com/docker/docker/oci/caps"
"github.com/docker/docker/pkg/idtools"