mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
b08f071e18
Although having a request ID available throughout the codebase is very valuable, the impact of requiring a Context as an argument to every function in the codepath of an API request, is too significant and was not properly understood at the time of the review. Furthermore, mixing API-layer code with non-API-layer code makes the latter usable only by API-layer code (one that has a notion of Context). This reverts commitde41640435, reversing changes made to7daeecd42d. Signed-off-by: Tibor Vass <tibor@docker.com> Conflicts: api/server/container.go builder/internals.go daemon/container_unix.go daemon/create.go
80 lines
2 KiB
Go
80 lines
2 KiB
Go
// +build linux
|
|
|
|
package native
|
|
|
|
import (
|
|
"fmt"
|
|
"os"
|
|
"os/exec"
|
|
"strings"
|
|
"syscall"
|
|
|
|
"github.com/docker/docker/daemon/execdriver"
|
|
"github.com/opencontainers/runc/libcontainer"
|
|
// Blank import 'nsenter' so that init in that package will call c
|
|
// function 'nsexec()' to do 'setns' before Go runtime take over,
|
|
// it's used for join to exist ns like 'docker exec' command.
|
|
_ "github.com/opencontainers/runc/libcontainer/nsenter"
|
|
"github.com/opencontainers/runc/libcontainer/utils"
|
|
)
|
|
|
|
// Exec implements the exec driver Driver interface,
|
|
// it calls libcontainer APIs to execute a container.
|
|
func (d *Driver) Exec(c *execdriver.Command, processConfig *execdriver.ProcessConfig, pipes *execdriver.Pipes, hooks execdriver.Hooks) (int, error) {
|
|
active := d.activeContainers[c.ID]
|
|
if active == nil {
|
|
return -1, fmt.Errorf("No active container exists with ID %s", c.ID)
|
|
}
|
|
|
|
p := &libcontainer.Process{
|
|
Args: append([]string{processConfig.Entrypoint}, processConfig.Arguments...),
|
|
Env: c.ProcessConfig.Env,
|
|
Cwd: c.WorkingDir,
|
|
User: processConfig.User,
|
|
}
|
|
|
|
if processConfig.Privileged {
|
|
p.Capabilities = execdriver.GetAllCapabilities()
|
|
}
|
|
// add CAP_ prefix to all caps for new libcontainer update to match
|
|
// the spec format.
|
|
for i, s := range p.Capabilities {
|
|
if !strings.HasPrefix(s, "CAP_") {
|
|
p.Capabilities[i] = fmt.Sprintf("CAP_%s", s)
|
|
}
|
|
}
|
|
|
|
config := active.Config()
|
|
if err := setupPipes(&config, processConfig, p, pipes); err != nil {
|
|
return -1, err
|
|
}
|
|
|
|
if err := active.Start(p); err != nil {
|
|
return -1, err
|
|
}
|
|
|
|
if hooks.Start != nil {
|
|
pid, err := p.Pid()
|
|
if err != nil {
|
|
p.Signal(os.Kill)
|
|
p.Wait()
|
|
return -1, err
|
|
}
|
|
|
|
// A closed channel for OOM is returned here as it will be
|
|
// non-blocking and return the correct result when read.
|
|
chOOM := make(chan struct{})
|
|
close(chOOM)
|
|
hooks.Start(&c.ProcessConfig, pid, chOOM)
|
|
}
|
|
|
|
ps, err := p.Wait()
|
|
if err != nil {
|
|
exitErr, ok := err.(*exec.ExitError)
|
|
if !ok {
|
|
return -1, err
|
|
}
|
|
ps = exitErr.ProcessState
|
|
}
|
|
return utils.ExitStatus(ps.Sys().(syscall.WaitStatus)), nil
|
|
}
|