package specconv import ( "io/ioutil" "strconv" "github.com/opencontainers/runtime-spec/specs-go" ) // ToRootless converts spec to be compatible with "rootless" runc. // * Remove cgroups (will be supported in separate PR when delegation permission is configured) // * Fix up OOMScoreAdj func ToRootless(spec *specs.Spec) error { return toRootless(spec, getCurrentOOMScoreAdj()) } func getCurrentOOMScoreAdj() int { b, err := ioutil.ReadFile("/proc/self/oom_score_adj") if err != nil { return 0 } i, err := strconv.Atoi(string(b)) if err != nil { return 0 } return i } func toRootless(spec *specs.Spec, currentOOMScoreAdj int) error { // Remove cgroup settings. spec.Linux.Resources = nil spec.Linux.CgroupsPath = "" if spec.Process.OOMScoreAdj != nil && *spec.Process.OOMScoreAdj < currentOOMScoreAdj { *spec.Process.OOMScoreAdj = currentOOMScoreAdj } return nil }