1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Commit graph

2 commits

Author SHA1 Message Date
Andrea Luzzardi
6de3e8a22d Implemented support to run as a different user (through the -u flag) 2013-02-13 17:24:35 -08:00
Andrea Luzzardi
58a2294260 Implemented a self-injecting process wrapper that runs inside the container
- Before starting the container, docker injects itself inside the container by mount binding the dockerd binary into /sbin/init
- Instead of running the user process directly inside the container, we run /sbin/init targetprocess [args...]
- When docker is run as /sbin/init (e.g. argv[0] == "/sbin/init"), then its own sys init code kicks in
- The sys init code will be responsible for setting up the process environment prior to its execution (setuid, networking, ...).
- Finally, docker's sys init will exec() the container's process, thus replacing itself with the target binary (which will be running as pid 1)
2013-02-13 14:01:44 -08:00