0ct0pu5/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

dockerd-rootless-setuptool.sh: check RootlessKit functionality

Browse source 
RootlessKit will print hints if something is still unsatisfied.

e.g., `kernel.apparmor_restrict_unprivileged_userns` constraint
rootless-containers/rootlesskit@33c3e7ca6c

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
(cherry picked from commit b32cfc3b3a)
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
This commit is contained in:
Akihiro Suda 2024-03-06 07:43:00 +09:00 committed by Paweł Gronowski
parent 77de535364
commit d27fe2558d
No known key found for this signature in database
GPG key ID: B85EFCFE26DEF92A
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
contrib/dockerd-rootless-setuptool.sh
View file

@ -269,6 +269,13 @@ init() {
# - sysctl: "net.ipv4.ip_unprivileged_port_start"
# - external binary: slirp4netns
# - external binary: fuse-overlayfs
# check RootlessKit functionality. RootlessKit will print hints if something is still unsatisfied.
# (e.g., `kernel.apparmor_restrict_unprivileged_userns` constraint)
if ! rootlesskit true; then
ERROR "RootlessKit failed, see the error messages and https://rootlesscontaine.rs/getting-started/common/ ."
exit 1
fi
}
# CLI subcommand: "check"