kotovalexarian-likes-github
/
moby--moby
mirror of https://github.com/moby/moby.git
1
0
Fork 0
Code Releases Activity

Skip further checks for quota in user namespaces 

Commit 7a1618ced3 regresses running Docker
in user namespaces. The new check for whether quota are supported calls
NewControl() which in turn calls makeBackingFsDev() which tries to
mknod(). Skip quota tests when we detect that we are running in a user
namespace and return ErrQuotaNotSupported to the caller. This just
restores the status quo.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
This commit is contained in:
Christian Brauner 2017-11-16 12:54:31 +01:00
parent 7c53e73253
commit 7e35df0e04
No known key found for this signature in database
GPG Key ID: 7B3C391EFEA93624
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
daemon/graphdriver/quota/projectquota.go
View File

@ -58,6 +58,7 @@ import (
"path/filepath"
"unsafe"
rsystem "github.com/opencontainers/runc/libcontainer/system"
"github.com/sirupsen/logrus"
"golang.org/x/sys/unix"
)
@ -98,6 +99,14 @@ type Control struct {
// project ids.
//
func NewControl(basePath string) (*Control, error) {
//
// If we are running in a user namespace quota won't be supported for
// now since makeBackingFsDev() will try to mknod().
//
if rsystem.RunningInUserNS() {
return nil, ErrQuotaNotSupported
}
//
// create backing filesystem device node
//