small refactoring
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
This commit is contained in:
Victor Vieux
parent
8344b6d736
commit
f3ff323fb3
3 changed files with 21 additions and 28 deletions
|
|
@ -13,7 +13,6 @@ import (
|
|||
"github.com/dotcloud/docker/daemon/execdriver"
|
||||
"github.com/dotcloud/docker/daemon/execdriver/native/template"
|
||||
"github.com/dotcloud/docker/pkg/system"
|
||||
utils2 "github.com/dotcloud/docker/utils"
|
||||
)
|
||||
|
||||
func setHostname(hostname string) error {
|
||||
|
|
@ -50,18 +49,7 @@ func finalizeNamespace(args *execdriver.InitArgs) error {
|
|||
return fmt.Errorf("clear keep caps %s", err)
|
||||
}
|
||||
|
||||
var caps []string
|
||||
for _, cap := range container.Capabilities {
|
||||
if !utils2.StringsContains(strings.Split(args.CapDrop, " "), cap) {
|
||||
caps = append(caps, cap)
|
||||
}
|
||||
}
|
||||
|
||||
for _, cap := range strings.Split(args.CapAdd, " ") {
|
||||
if !utils2.StringsContains(caps, cap) {
|
||||
caps = append(caps, cap)
|
||||
}
|
||||
}
|
||||
caps := execdriver.TweakCapabilities(container.Capabilities, strings.Split(args.CapAdd, " "), strings.Split(args.CapDrop, " "))
|
||||
|
||||
// drop all other capabilities
|
||||
if err := capabilities.DropCapabilities(caps); err != nil {
|
||||
|
|
|
|||
|
|
@ -14,7 +14,6 @@ import (
|
|||
"github.com/dotcloud/docker/daemon/execdriver"
|
||||
"github.com/dotcloud/docker/daemon/execdriver/native/configuration"
|
||||
"github.com/dotcloud/docker/daemon/execdriver/native/template"
|
||||
"github.com/dotcloud/docker/utils"
|
||||
)
|
||||
|
||||
// createContainer populates and configures the container type with the
|
||||
|
|
@ -140,20 +139,7 @@ func (d *driver) setPrivileged(container *libcontainer.Config) (err error) {
|
|||
}
|
||||
|
||||
func (d *driver) setCapabilities(container *libcontainer.Config, c *execdriver.Command) {
|
||||
var caps []string
|
||||
for _, cap := range container.Capabilities {
|
||||
if !utils.StringsContains(c.CapDrop, cap) {
|
||||
caps = append(caps, cap)
|
||||
}
|
||||
}
|
||||
|
||||
for _, cap := range c.CapAdd {
|
||||
if !utils.StringsContains(caps, cap) {
|
||||
caps = append(caps, cap)
|
||||
}
|
||||
}
|
||||
|
||||
container.Capabilities = caps
|
||||
container.Capabilities = execdriver.TweakCapabilities(container.Capabilities, c.CapAdd, c.CapDrop)
|
||||
}
|
||||
|
||||
func (d *driver) setupCgroups(container *libcontainer.Config, c *execdriver.Command) error {
|
||||
|
|
|
|||
19
daemon/execdriver/utils.go
Normal file
19
daemon/execdriver/utils.go
Normal file
|
|
@ -0,0 +1,19 @@
|
|||
package execdriver
|
||||
|
||||
import "github.com/dotcloud/docker/utils"
|
||||
|
||||
func TweakCapabilities(basics, adds, drops []string) []string {
|
||||
var caps []string
|
||||
for _, cap := range basics {
|
||||
if !utils.StringsContains(drops, cap) {
|
||||
caps = append(caps, cap)
|
||||
}
|
||||
}
|
||||
|
||||
for _, cap := range adds {
|
||||
if !utils.StringsContains(caps, cap) {
|
||||
caps = append(caps, cap)
|
||||
}
|
||||
}
|
||||
return caps
|
||||
}
|
||||
Loading…
Add table
Reference in a new issue