kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

Merge pull request #40931 from AkihiroSuda/rootless-requires-slirp4netns-040

Browse source 
dockerd-rootless.sh: bump up slirp4netns requirement to v0.4.0
This commit is contained in:
Akihiro Suda 2020-05-13 12:19:16 +09:00 committed by GitHub
commit 4e102ab1f0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
contrib/dockerd-rootless.sh
View file

@ -6,7 +6,7 @@
# External dependencies: # External dependencies:
# * newuidmap and newgidmap needs to be installed. # * newuidmap and newgidmap needs to be installed.
# * /etc/subuid and /etc/subgid needs to be configured for the current user. # * /etc/subuid and /etc/subgid needs to be configured for the current user.
# * Either one of slirp4netns (v0.3+), VPNKit, lxc-user-nic needs to be installed. # * Either one of slirp4netns (>= v0.4.0), VPNKit, lxc-user-nic needs to be installed.
# slirp4netns is used by default if installed. Otherwise fallsback to VPNKit. # slirp4netns is used by default if installed. Otherwise fallsback to VPNKit.
# The default value can be overridden with $DOCKERD_ROOTLESS_ROOTLESSKIT_NET=(slirp4netns|vpnkit|lxc-user-nic) # The default value can be overridden with $DOCKERD_ROOTLESS_ROOTLESSKIT_NET=(slirp4netns|vpnkit|lxc-user-nic)
# #
@ -36,27 +36,27 @@ fi
: "${DOCKERD_ROOTLESS_ROOTLESSKIT_NET:=}" : "${DOCKERD_ROOTLESS_ROOTLESSKIT_NET:=}"
: "${DOCKERD_ROOTLESS_ROOTLESSKIT_MTU:=}" : "${DOCKERD_ROOTLESS_ROOTLESSKIT_MTU:=}"
# if slirp4netns v0.4.0+ is installed, slirp4netns is hardened using sandbox (mount namespace) and seccomp
: "${DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SANDBOX:=auto}" : "${DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SANDBOX:=auto}"
: "${DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SECCOMP:=auto}" : "${DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SECCOMP:=auto}"
net=$DOCKERD_ROOTLESS_ROOTLESSKIT_NET net=$DOCKERD_ROOTLESS_ROOTLESSKIT_NET
mtu=$DOCKERD_ROOTLESS_ROOTLESSKIT_MTU mtu=$DOCKERD_ROOTLESS_ROOTLESSKIT_MTU
if [ -z $net ]; then if [ -z $net ]; then
if which slirp4netns > /dev/null 2>&1; then if which slirp4netns > /dev/null 2>&1; then
if slirp4netns --help | grep -- --disable-host-loopback; then # If --netns-type is present in --help, slirp4netns is >= v0.4.0.
if slirp4netns --help | grep -qw -- --netns-type; then
net=slirp4netns net=slirp4netns
if [ -z $mtu ]; then if [ -z $mtu ]; then
mtu=65520 mtu=65520
fi fi
else else
echo "slirp4netns does not support --disable-host-loopback. Falling back to VPNKit." echo "slirp4netns found but seems older than v0.4.0. Falling back to VPNKit."
fi fi
fi fi
if [ -z $net ]; then if [ -z $net ]; then
if which vpnkit > /dev/null 2>&1; then if which vpnkit > /dev/null 2>&1; then
net=vpnkit net=vpnkit
else else
echo "Either slirp4netns (v0.3+) or vpnkit needs to be installed" echo "Either slirp4netns (>= v0.4.0) or vpnkit needs to be installed"
exit 1 exit 1
fi fi
fi fi