kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

pkg/sysinfo: use containerd/sys to detect UserNamespaces

Browse source 
The implementation in libcontainer/system is quite complicated,
and we only use it to detect if user-namespaces are enabled.

In addition, the implementation in containerd uses a sync.Once,
so that detection (and reading/parsing `/proc/self/uid_map`) is
only performed once.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn 2020-06-15 13:07:48 +02:00
parent 9ff990a2b9
commit 66bb1c4644
No known key found for this signature in database
GPG key ID: 76698F39D527CE8C
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
pkg/sysinfo/cgroup2_linux.go
View file

@ -6,7 +6,7 @@ import (
"strings"
cgroupsV2 "github.com/containerd/cgroups/v2"
rsystem "github.com/opencontainers/runc/libcontainer/system"
"github.com/containerd/containerd/sys"
"github.com/sirupsen/logrus"
)
@ -146,6 +146,6 @@ func applyPIDSCgroupInfoV2(info *SysInfo, controllers map[string]struct{}, _ str
}
func applyDevicesCgroupInfoV2(info *SysInfo, controllers map[string]struct{}, _ string) []string {
info.CgroupDevicesEnabled = !rsystem.RunningInUserNS()
info.CgroupDevicesEnabled = !sys.RunningInUserNS()
return nil
}