kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

Adds support for specifying additional groups.

Browse source 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
This commit is contained in:
Mrunal Patel 2015-06-17 14:39:17 -04:00
parent 4ef67b79bc
commit e0d96fb3ef
5 changed files with 11 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
daemon/container_unix.go
View file

@ -301,6 +301,10 @@ func populateCommand(c *Container, env []string) error {
AutoCreatedDevices: autoCreatedDevices,
CapAdd: c.hostConfig.CapAdd.Slice(),
CapDrop: c.hostConfig.CapDrop.Slice(),
GroupAdd: c.hostConfig.GroupAdd.Slice(),
CapAdd: c.hostConfig.CapAdd,
CapDrop: c.hostConfig.CapDrop,
GroupAdd: c.hostConfig.GroupAdd,
ProcessConfig: processConfig,
ProcessLabel: c.GetProcessLabel(),
MountLabel: c.GetMountLabel(),

1
daemon/execdriver/driver.go
View file

@ -170,6 +170,7 @@ type Command struct {
AutoCreatedDevices []*configs.Device `json:"autocreated_devices"`
CapAdd []string `json:"cap_add"`
CapDrop []string `json:"cap_drop"`
GroupAdd []string `json:"group_add"`
ContainerPid int `json:"container_pid"` // the pid for the process inside a container
ProcessConfig ProcessConfig `json:"process_config"` // Describes the init process of the container.
ProcessLabel string `json:"process_label"`

2
daemon/execdriver/native/create.go
View file

@ -58,6 +58,8 @@ func (d *driver) createContainer(c *execdriver.Command) (*configs.Config, error)
}
}
container.AdditionalGroups = c.GroupAdd
if c.AppArmorProfile != "" {
container.AppArmorProfile = c.AppArmorProfile
}

1
runconfig/hostconfig.go
View file

@ -249,6 +249,7 @@ type HostConfig struct {
UTSMode UTSMode
CapAdd *CapList
CapDrop *CapList
GroupAdd []string
RestartPolicy RestartPolicy
SecurityOpt []string
ReadonlyRootfs bool

3
runconfig/parse.go
View file

@ -60,6 +60,7 @@ func Parse(cmd *flag.FlagSet, args []string) (*Config, *HostConfig, *flag.FlagSe
flEnvFile = opts.NewListOpts(nil)
flCapAdd = opts.NewListOpts(nil)
flCapDrop = opts.NewListOpts(nil)
flGroupAdd = opts.NewListOpts(nil)
flSecurityOpt = opts.NewListOpts(nil)
flLabelsFile = opts.NewListOpts(nil)
flLoggingOpts = opts.NewListOpts(nil)
@ -112,6 +113,7 @@ func Parse(cmd *flag.FlagSet, args []string) (*Config, *HostConfig, *flag.FlagSe
cmd.Var(&flLxcOpts, []string{"#lxc-conf", "-lxc-conf"}, "Add custom lxc options")
cmd.Var(&flCapAdd, []string{"-cap-add"}, "Add Linux capabilities")
cmd.Var(&flCapDrop, []string{"-cap-drop"}, "Drop Linux capabilities")
cmd.Var(&flGroupAdd, []string{"-group-add"}, "Add additional groups to join")
cmd.Var(&flSecurityOpt, []string{"-security-opt"}, "Security Options")
cmd.Var(flUlimits, []string{"-ulimit"}, "Ulimit options")
cmd.Var(&flLoggingOpts, []string{"-log-opt"}, "Log driver options")
@ -369,6 +371,7 @@ func Parse(cmd *flag.FlagSet, args []string) (*Config, *HostConfig, *flag.FlagSe
Devices: deviceMappings,
CapAdd: NewCapList(flCapAdd.GetAll()),
CapDrop: NewCapList(flCapDrop.GetAll()),
GroupAdd: flGroupAdd.GetAll(),
RestartPolicy: restartPolicy,
SecurityOpt: flSecurityOpt.GetAll(),
ReadonlyRootfs: *flReadonlyRootfs,