317d3d10b8
This change was introduced early in the development of rootless support,
before all the kinks were worked out and rootlesskit was built. The
author was testing the daemon by inside a user namespace set up by runc,
observed that the unshare(2) syscall was returning EPERM, and assumed
that it was a fundamental limitation of user namespaces. Seeing as the
kernel documentation (of today) disagrees with that assessment and that
unshare demonstrably works inside user namespaces, I can only assume
that the EPERM was due to a quirk of their test environment, such as a
seccomp filter set up by runc blocking the unshare syscall.
https://github.com/moby/moby/pull/20902#issuecomment-236409406
Mount namespaces are necessary to address #38995 and #43390. Revert the
special-casing so those issues can also be fixed for rootless daemons.
This reverts commit
|
||
---|---|---|
.. | ||
aaparser | ||
archive | ||
authorization | ||
broadcaster | ||
capabilities | ||
chrootarchive | ||
containerfs | ||
devicemapper | ||
directory | ||
dmesg | ||
fileutils | ||
homedir | ||
idtools | ||
ioutils | ||
jsonmessage | ||
longpath | ||
loopback | ||
namesgenerator | ||
parsers | ||
pidfile | ||
platform | ||
plugingetter | ||
plugins | ||
pools | ||
progress | ||
reexec | ||
stack | ||
stdcopy | ||
streamformatter | ||
stringid | ||
sysinfo | ||
system | ||
tailfile | ||
tarsum | ||
useragent | ||
README.md |
pkg/ is a collection of utility packages used by the Moby project without being specific to its internals.
Utility packages are kept separate from the moby core codebase to keep it as small and concise as possible. If some utilities grow larger and their APIs stabilize, they may be moved to their own repository under the Moby organization, to facilitate re-use by other projects. However that is not the priority.
The directory pkg
is named after the same directory in the camlistore project. Since Brad is a core
Go maintainer, we thought it made sense to copy his methods for organizing Go code :) Thanks Brad!
Because utility packages are small and neatly separated from the rest of the codebase, they are a good place to start for aspiring maintainers and contributors. Get in touch if you want to help maintain them!