We use cookies to ensure you get the best experience on our website
Home Explore Help
Register Sign In
0ct0pu5
/
moby
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

pkg/sysinfo: use containerd/sys to detect UserNamespaces

The implementation in libcontainer/system is quite complicated,
and we only use it to detect if user-namespaces are enabled.

In addition, the implementation in containerd uses a sync.Once,
so that detection (and reading/parsing `/proc/self/uid_map`) is
only performed once.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Sebastiaan van Stijn 5 years ago
parent
9ff990a2b9
commit
66bb1c4644
1 changed files with 2 additions and 2 deletions
Unified View Show Diff Stats
  1. 2 2
      pkg/sysinfo/cgroup2_linux.go

+ 2 - 2
pkg/sysinfo/cgroup2_linux.go
View File 

@@ -6,7 +6,7 @@ import (
 
 	"strings"
 
 	"strings"
 
 
 
 	cgroupsV2 "github.com/containerd/cgroups/v2"
 
 	cgroupsV2 "github.com/containerd/cgroups/v2"
 
-	rsystem "github.com/opencontainers/runc/libcontainer/system"
 
+	"github.com/containerd/containerd/sys"
 
 	"github.com/sirupsen/logrus"
 
 	"github.com/sirupsen/logrus"
 
 )
 
 )
 
 
 
@@ -146,6 +146,6 @@ func applyPIDSCgroupInfoV2(info *SysInfo, controllers map[string]struct{}, _ str
 
 }
 
 }
 
 
 
 func applyDevicesCgroupInfoV2(info *SysInfo, controllers map[string]struct{}, _ string) []string {
 
 func applyDevicesCgroupInfoV2(info *SysInfo, controllers map[string]struct{}, _ string) []string {
 
-	info.CgroupDevicesEnabled = !rsystem.RunningInUserNS()
 
+	info.CgroupDevicesEnabled = !sys.RunningInUserNS()
 
 	return nil
 
 	return nil
 
 }
 
 }

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5