1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
moby--moby/opts
Akihiro Suda 3518383ed9 dockerd: fix rootless detection (alternative to #39024)
The `--rootless` flag had a couple of issues:
* #38702: euid=0, $USER="root" but no access to cgroup ("rootful" Docker in rootless Docker)
* #39009: euid=0 but $USER="docker" (rootful boot2docker)

To fix #38702, XDG dirs are ignored as in rootful Docker, unless the
dockerd is directly running under RootlessKit namespaces.

RootlessKit detection is implemented by checking whether `$ROOTLESSKIT_STATE_DIR` is set.

To fix #39009, the non-robust `$USER` check is now completely removed.

The entire logic can be illustrated as follows:

```
withRootlessKit := getenv("ROOTLESSKIT_STATE_DIR")
rootlessMode := withRootlessKit || cliFlag("--rootless")
honorXDG := withRootlessKit
useRootlessKitDockerProxy := withRootlessKit
removeCgroupSpec := rootlessMode
adjustOOMScoreAdj := rootlessMode
```

Close #39024
Fix #38702 #39009

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2019-04-25 16:47:01 +09:00
..
address_pools.go Various code-cleanup 2018-05-23 17:50:54 +02:00
address_pools_test.go Allow user to control the default address pools 2018-04-30 11:14:08 -04:00
env.go Add canonical import comment 2018-02-05 16:51:57 -05:00
env_test.go Add canonical import comment 2018-02-05 16:51:57 -05:00
hosts.go dockerd: fix rootless detection (alternative to #39024) 2019-04-25 16:47:01 +09:00
hosts_test.go allow running dockerd in an unprivileged user namespace (rootless mode) 2019-02-04 00:24:27 +09:00
hosts_unix.go Add canonical import comment 2018-02-05 16:51:57 -05:00
hosts_windows.go Add canonical import comment 2018-02-05 16:51:57 -05:00
ip.go Add canonical import comment 2018-02-05 16:51:57 -05:00
ip_test.go Add canonical import comment 2018-02-05 16:51:57 -05:00
opts.go Various code-cleanup 2018-05-23 17:50:54 +02:00
opts_test.go Add canonical import comment 2018-02-05 16:51:57 -05:00
opts_unix.go Add canonical import comment 2018-02-05 16:51:57 -05:00
opts_windows.go Add canonical import comment 2018-02-05 16:51:57 -05:00
quotedstring.go Add canonical import comment 2018-02-05 16:51:57 -05:00
quotedstring_test.go Update tests to use gotest.tools 👼 2018-06-13 09:04:30 +02:00
runtime.go Add canonical import comment 2018-02-05 16:51:57 -05:00
ulimit.go Add canonical import comment 2018-02-05 16:51:57 -05:00
ulimit_test.go Add canonical import comment 2018-02-05 16:51:57 -05:00