mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
c86189d554
Replaced github.com/docker/libcontainer with github.com/opencontainers/runc/libcontaier. Also I moved AppArmor profile generation to docker. Main idea of this update is to fix mounting cgroups inside containers. After updating docker on CI we can even remove dind. Signed-off-by: Alexander Morozov <lk4d4@docker.com>
48 lines
1.1 KiB
Go
48 lines
1.1 KiB
Go
// +build linux
|
|
|
|
package daemon
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
"strings"
|
|
|
|
"github.com/docker/docker/runconfig"
|
|
"github.com/opencontainers/runc/libcontainer/selinux"
|
|
)
|
|
|
|
func selinuxSetDisabled() {
|
|
selinux.SetDisabled()
|
|
}
|
|
|
|
func selinuxFreeLxcContexts(label string) {
|
|
selinux.FreeLxcContexts(label)
|
|
}
|
|
|
|
func selinuxEnabled() bool {
|
|
return selinux.SelinuxEnabled()
|
|
}
|
|
|
|
func mergeLxcConfIntoOptions(hostConfig *runconfig.HostConfig) ([]string, error) {
|
|
if hostConfig == nil {
|
|
return nil, nil
|
|
}
|
|
|
|
out := []string{}
|
|
|
|
// merge in the lxc conf options into the generic config map
|
|
if lxcConf := hostConfig.LxcConf; lxcConf != nil {
|
|
lxSlice := lxcConf.Slice()
|
|
for _, pair := range lxSlice {
|
|
// because lxc conf gets the driver name lxc.XXXX we need to trim it off
|
|
// and let the lxc driver add it back later if needed
|
|
if !strings.Contains(pair.Key, ".") {
|
|
return nil, errors.New("Illegal Key passed into LXC Configurations")
|
|
}
|
|
parts := strings.SplitN(pair.Key, ".", 2)
|
|
out = append(out, fmt.Sprintf("%s=%s", parts[1], pair.Value))
|
|
}
|
|
}
|
|
|
|
return out, nil
|
|
}
|