mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
f864421ead
This patch updates all dependencies to match what is used in moby/moby. Making the dependencies match what is used in that repository makes sure we test with the same version as libnetwork is later built with in moby. This also gets rid of some temporary forks that were needed during the migration of Sirupsen/logrus to sirupsen/logrus. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
106 lines
3 KiB
Go
106 lines
3 KiB
Go
package libcontainer
|
|
|
|
import (
|
|
"fmt"
|
|
"io"
|
|
"math"
|
|
"os"
|
|
|
|
"github.com/opencontainers/runc/libcontainer/configs"
|
|
)
|
|
|
|
type processOperations interface {
|
|
wait() (*os.ProcessState, error)
|
|
signal(sig os.Signal) error
|
|
pid() int
|
|
}
|
|
|
|
// Process specifies the configuration and IO for a process inside
|
|
// a container.
|
|
type Process struct {
|
|
// The command to be run followed by any arguments.
|
|
Args []string
|
|
|
|
// Env specifies the environment variables for the process.
|
|
Env []string
|
|
|
|
// User will set the uid and gid of the executing process running inside the container
|
|
// local to the container's user and group configuration.
|
|
User string
|
|
|
|
// AdditionalGroups specifies the gids that should be added to supplementary groups
|
|
// in addition to those that the user belongs to.
|
|
AdditionalGroups []string
|
|
|
|
// Cwd will change the processes current working directory inside the container's rootfs.
|
|
Cwd string
|
|
|
|
// Stdin is a pointer to a reader which provides the standard input stream.
|
|
Stdin io.Reader
|
|
|
|
// Stdout is a pointer to a writer which receives the standard output stream.
|
|
Stdout io.Writer
|
|
|
|
// Stderr is a pointer to a writer which receives the standard error stream.
|
|
Stderr io.Writer
|
|
|
|
// ExtraFiles specifies additional open files to be inherited by the container
|
|
ExtraFiles []*os.File
|
|
|
|
// Capabilities specify the capabilities to keep when executing the process inside the container
|
|
// All capabilities not specified will be dropped from the processes capability mask
|
|
Capabilities *configs.Capabilities
|
|
|
|
// AppArmorProfile specifies the profile to apply to the process and is
|
|
// changed at the time the process is execed
|
|
AppArmorProfile string
|
|
|
|
// Label specifies the label to apply to the process. It is commonly used by selinux
|
|
Label string
|
|
|
|
// NoNewPrivileges controls whether processes can gain additional privileges.
|
|
NoNewPrivileges *bool
|
|
|
|
// Rlimits specifies the resource limits, such as max open files, to set in the container
|
|
// If Rlimits are not set, the container will inherit rlimits from the parent process
|
|
Rlimits []configs.Rlimit
|
|
|
|
// ConsoleSocket provides the masterfd console.
|
|
ConsoleSocket *os.File
|
|
|
|
ops processOperations
|
|
}
|
|
|
|
// Wait waits for the process to exit.
|
|
// Wait releases any resources associated with the Process
|
|
func (p Process) Wait() (*os.ProcessState, error) {
|
|
if p.ops == nil {
|
|
return nil, newGenericError(fmt.Errorf("invalid process"), NoProcessOps)
|
|
}
|
|
return p.ops.wait()
|
|
}
|
|
|
|
// Pid returns the process ID
|
|
func (p Process) Pid() (int, error) {
|
|
// math.MinInt32 is returned here, because it's invalid value
|
|
// for the kill() system call.
|
|
if p.ops == nil {
|
|
return math.MinInt32, newGenericError(fmt.Errorf("invalid process"), NoProcessOps)
|
|
}
|
|
return p.ops.pid(), nil
|
|
}
|
|
|
|
// Signal sends a signal to the Process.
|
|
func (p Process) Signal(sig os.Signal) error {
|
|
if p.ops == nil {
|
|
return newGenericError(fmt.Errorf("invalid process"), NoProcessOps)
|
|
}
|
|
return p.ops.signal(sig)
|
|
}
|
|
|
|
// IO holds the process's STDIO
|
|
type IO struct {
|
|
Stdin io.WriteCloser
|
|
Stdout io.ReadCloser
|
|
Stderr io.ReadCloser
|
|
}
|