There is no reason to duplicate efforts and tini is well built and
better than grimes. It is a much stronger option for the default init
and @krallin has done a great job maintaining it and helping make
changes so that it will work with Docker.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
This version:
- properly follow context cancellation on Start and Exec
- add support for Solaris
- ensure exec exit events are always seen before init's
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
Until we can support existing behaviour with `sudo` disable
ambient capabilities in runc build.
Add tests that non root user cannot use default capabilities,
and that capabilities are working as expected.
Test for #27590
Update runc.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
diff:
```patch
diff --git a/Makefile b/Makefile
index 0b2b063..70df01b 100644
--- a/Makefile
+++ b/Makefile
@@ -1,3 +1,4 @@
+GIT_VERSION := $(shell git describe --abbrev=40 --long --dirty --always --tags)
all:
- gcc -O2 -o init -static grimes.c
+ gcc -O2 -DVERSION=\"$(GIT_VERSION)\" -o init -static grimes.c
diff --git a/grimes.c b/grimes.c
index d0f836b..ffeea98 100644
--- a/grimes.c
+++ b/grimes.c
@@ -29,7 +29,7 @@ typedef struct reaper_t {
} reaper_t;
// reaper_new initializes the reaper with the provided process.
-// it also sets up the signal handlers and child handlers for restore
+// it also sets up the signal handlers and child handlers for restore
// when the child is execed
int reaper_new(reaper_t * reaper, process_t * process)
{
@@ -57,7 +57,7 @@ int reaper_new(reaper_t * reaper, process_t * process)
return 0;
}
-// reaper_exit closes the reaper's signalfd and exits with the
+// reaper_exit closes the reaper's signalfd and exits with the
// child's exit status
void reaper_exit(reaper_t * reaper, int status)
{
@@ -68,11 +68,11 @@ void reaper_exit(reaper_t * reaper, int status)
exit(WEXITSTATUS(status));
}
-// reaper_reap reaps any dead processes. If the process that is reaped
+// reaper_reap reaps any dead processes. If the process that is reaped
// is the child process that we spawned get its exit status and exit this program
int reaper_reap(reaper_t * reaper)
{
- int status, child_exited, child_status = 0;
+ int status = 0, child_exited = 0, child_status = 0;
for (;;) {
pid_t pid = waitpid(-1, &status, WNOHANG);
switch (pid) {
@@ -140,6 +140,12 @@ int main(int argc, char **argv)
{
process_t process;
reaper_t reaper;
+
+ if (argc == 2 && !strcmp(argv[1], "--version")) {
+ printf("grimes version %s\n", VERSION);
+ exit(0);
+ }
+
if (reaper_new(&reaper, &process) != 0) {
bail("initialize reaper %s", strerror(errno));
}
```
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
* change workdir for accessing install-binaries.sh
* use other gopath for binaries to preserve sources
* add sources of proxy and grimes to rpc spec
* use dynamic proxy with -linkmode external in deb and rpm
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
This means we can vendor libnetwork without special casing, and
it is built the same way as the other external binaries.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This fixes an issue when wait4 returns a 0 return status causing the
reaping loop to continue to run.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
