mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
Update libcontainer to 68ea1234a0b046803aacb2562df
Signed-off-by: Michael Crosby <michael@docker.com>
This commit is contained in:
parent
d48492a12e
commit
22f373aeda
6 changed files with 7 additions and 5 deletions
|
@ -63,4 +63,4 @@ mv tmp-tar src/code.google.com/p/go/src/pkg/archive/tar
|
||||||
|
|
||||||
clone git github.com/godbus/dbus v1
|
clone git github.com/godbus/dbus v1
|
||||||
clone git github.com/coreos/go-systemd v2
|
clone git github.com/coreos/go-systemd v2
|
||||||
clone git github.com/docker/libcontainer bc06326a5e7decdc4191d1367de8439b9d83c450
|
clone git github.com/docker/libcontainer 68ea1234a0b046803aacb2562df0da12eec2b2f9
|
||||||
|
|
|
@ -133,7 +133,7 @@ func DefaultCreateCommand(container *libcontainer.Config, console, rootfs, dataP
|
||||||
}
|
}
|
||||||
*/
|
*/
|
||||||
|
|
||||||
command := exec.Command(init, append([]string{"init"}, args...)...)
|
command := exec.Command(init, append([]string{"init", "--"}, args...)...)
|
||||||
// make sure the process is executed inside the context of the rootfs
|
// make sure the process is executed inside the context of the rootfs
|
||||||
command.Dir = rootfs
|
command.Dir = rootfs
|
||||||
command.Env = append(os.Environ(), env...)
|
command.Env = append(os.Environ(), env...)
|
||||||
|
|
|
@ -5,7 +5,6 @@ package namespaces
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"os"
|
"os"
|
||||||
"runtime"
|
|
||||||
"strings"
|
"strings"
|
||||||
"syscall"
|
"syscall"
|
||||||
|
|
||||||
|
@ -28,6 +27,8 @@ import (
|
||||||
// Move this to libcontainer package.
|
// Move this to libcontainer package.
|
||||||
// Init is the init process that first runs inside a new namespace to setup mounts, users, networking,
|
// Init is the init process that first runs inside a new namespace to setup mounts, users, networking,
|
||||||
// and other options required for the new container.
|
// and other options required for the new container.
|
||||||
|
// The caller of Init function has to ensure that the go runtime is locked to an OS thread
|
||||||
|
// (using runtime.LockOSThread) else system calls like setns called within Init may not work as intended.
|
||||||
func Init(container *libcontainer.Config, uncleanRootfs, consolePath string, syncPipe *syncpipe.SyncPipe, args []string) (err error) {
|
func Init(container *libcontainer.Config, uncleanRootfs, consolePath string, syncPipe *syncpipe.SyncPipe, args []string) (err error) {
|
||||||
defer func() {
|
defer func() {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -87,8 +88,6 @@ func Init(container *libcontainer.Config, uncleanRootfs, consolePath string, syn
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
runtime.LockOSThread()
|
|
||||||
|
|
||||||
if err := apparmor.ApplyProfile(container.AppArmorProfile); err != nil {
|
if err := apparmor.ApplyProfile(container.AppArmorProfile); err != nil {
|
||||||
return fmt.Errorf("set apparmor profile %s: %s", container.AppArmorProfile, err)
|
return fmt.Errorf("set apparmor profile %s: %s", container.AppArmorProfile, err)
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,6 +3,7 @@ package nsinit
|
||||||
import (
|
import (
|
||||||
"log"
|
"log"
|
||||||
"os"
|
"os"
|
||||||
|
"runtime"
|
||||||
"strconv"
|
"strconv"
|
||||||
|
|
||||||
"github.com/codegangsta/cli"
|
"github.com/codegangsta/cli"
|
||||||
|
@ -23,6 +24,8 @@ var (
|
||||||
)
|
)
|
||||||
|
|
||||||
func initAction(context *cli.Context) {
|
func initAction(context *cli.Context) {
|
||||||
|
runtime.LockOSThread()
|
||||||
|
|
||||||
container, err := loadContainer()
|
container, err := loadContainer()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatal(err)
|
log.Fatal(err)
|
||||||
|
|
Loading…
Add table
Reference in a new issue