|
@@ -24,12 +24,12 @@ case "$1" in
|
|
|
exit 1
|
|
exit 1
|
|
|
;;
|
|
;;
|
|
|
esac
|
|
esac
|
|
|
-if ! [ -w $XDG_RUNTIME_DIR ]; then
|
|
|
|
|
|
|
+if ! [ -w "$XDG_RUNTIME_DIR" ]; then
|
|
|
echo "XDG_RUNTIME_DIR needs to be set and writable"
|
|
echo "XDG_RUNTIME_DIR needs to be set and writable"
|
|
|
exit 1
|
|
exit 1
|
|
|
fi
|
|
fi
|
|
|
-if ! [ -w $HOME ]; then
|
|
|
|
|
- echo "HOME needs to be set and writable"
|
|
|
|
|
|
|
+if ! [ -d "$HOME" ]; then
|
|
|
|
|
+ echo "HOME needs to be set and exist."
|
|
|
exit 1
|
|
exit 1
|
|
|
fi
|
|
fi
|
|
|
|
|
|
|
@@ -40,7 +40,7 @@ for f in docker-rootlesskit rootlesskit; do
|
|
|
break
|
|
break
|
|
|
fi
|
|
fi
|
|
|
done
|
|
done
|
|
|
-if [ -z $rootlesskit ]; then
|
|
|
|
|
|
|
+if [ -z "$rootlesskit" ]; then
|
|
|
echo "rootlesskit needs to be installed"
|
|
echo "rootlesskit needs to be installed"
|
|
|
exit 1
|
|
exit 1
|
|
|
fi
|
|
fi
|
|
@@ -52,19 +52,19 @@ fi
|
|
|
: "${DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SECCOMP:=auto}"
|
|
: "${DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SECCOMP:=auto}"
|
|
|
net=$DOCKERD_ROOTLESS_ROOTLESSKIT_NET
|
|
net=$DOCKERD_ROOTLESS_ROOTLESSKIT_NET
|
|
|
mtu=$DOCKERD_ROOTLESS_ROOTLESSKIT_MTU
|
|
mtu=$DOCKERD_ROOTLESS_ROOTLESSKIT_MTU
|
|
|
-if [ -z $net ]; then
|
|
|
|
|
|
|
+if [ -z "$net" ]; then
|
|
|
if command -v slirp4netns > /dev/null 2>&1; then
|
|
if command -v slirp4netns > /dev/null 2>&1; then
|
|
|
# If --netns-type is present in --help, slirp4netns is >= v0.4.0.
|
|
# If --netns-type is present in --help, slirp4netns is >= v0.4.0.
|
|
|
if slirp4netns --help | grep -qw -- --netns-type; then
|
|
if slirp4netns --help | grep -qw -- --netns-type; then
|
|
|
net=slirp4netns
|
|
net=slirp4netns
|
|
|
- if [ -z $mtu ]; then
|
|
|
|
|
|
|
+ if [ -z "$mtu" ]; then
|
|
|
mtu=65520
|
|
mtu=65520
|
|
|
fi
|
|
fi
|
|
|
else
|
|
else
|
|
|
echo "slirp4netns found but seems older than v0.4.0. Falling back to VPNKit."
|
|
echo "slirp4netns found but seems older than v0.4.0. Falling back to VPNKit."
|
|
|
fi
|
|
fi
|
|
|
fi
|
|
fi
|
|
|
- if [ -z $net ]; then
|
|
|
|
|
|
|
+ if [ -z "$net" ]; then
|
|
|
if command -v vpnkit > /dev/null 2>&1; then
|
|
if command -v vpnkit > /dev/null 2>&1; then
|
|
|
net=vpnkit
|
|
net=vpnkit
|
|
|
else
|
|
else
|
|
@@ -73,11 +73,11 @@ if [ -z $net ]; then
|
|
|
fi
|
|
fi
|
|
|
fi
|
|
fi
|
|
|
fi
|
|
fi
|
|
|
-if [ -z $mtu ]; then
|
|
|
|
|
|
|
+if [ -z "$mtu" ]; then
|
|
|
mtu=1500
|
|
mtu=1500
|
|
|
fi
|
|
fi
|
|
|
|
|
|
|
|
-if [ -z $_DOCKERD_ROOTLESS_CHILD ]; then
|
|
|
|
|
|
|
+if [ -z "$_DOCKERD_ROOTLESS_CHILD" ]; then
|
|
|
_DOCKERD_ROOTLESS_CHILD=1
|
|
_DOCKERD_ROOTLESS_CHILD=1
|
|
|
export _DOCKERD_ROOTLESS_CHILD
|
|
export _DOCKERD_ROOTLESS_CHILD
|
|
|
if [ "$(id -u)" = "0" ]; then
|
|
if [ "$(id -u)" = "0" ]; then
|
|
@@ -107,7 +107,7 @@ if [ -z $_DOCKERD_ROOTLESS_CHILD ]; then
|
|
|
$DOCKERD_ROOTLESS_ROOTLESSKIT_FLAGS \
|
|
$DOCKERD_ROOTLESS_ROOTLESSKIT_FLAGS \
|
|
|
$0 $@
|
|
$0 $@
|
|
|
else
|
|
else
|
|
|
- [ $_DOCKERD_ROOTLESS_CHILD = 1 ]
|
|
|
|
|
|
|
+ [ "$_DOCKERD_ROOTLESS_CHILD" = 1 ]
|
|
|
# remove the symlinks for the existing files in the parent namespace if any,
|
|
# remove the symlinks for the existing files in the parent namespace if any,
|
|
|
# so that we can create our own files in our mount namespace.
|
|
# so that we can create our own files in our mount namespace.
|
|
|
rm -f /run/docker /run/containerd /run/xtables.lock
|
|
rm -f /run/docker /run/containerd /run/xtables.lock
|
Sebastiaan van Stijn