From 9d9b8e0cf33bf9f452c369af5755660d40ce7acf Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 1 Dec 2021 12:06:59 +0100 Subject: [PATCH] daemon.WithDevices(): use containerd's HostDevices() Trying to reduce the use of libcontainer/devices, as it's considered to be an "internal" package by runc. Signed-off-by: Sebastiaan van Stijn --- daemon/oci_linux.go | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/daemon/oci_linux.go b/daemon/oci_linux.go index 5136b4097c..02c0cf1f69 100644 --- a/daemon/oci_linux.go +++ b/daemon/oci_linux.go @@ -27,7 +27,6 @@ import ( "github.com/moby/sys/mount" "github.com/moby/sys/mountinfo" "github.com/opencontainers/runc/libcontainer/cgroups" - "github.com/opencontainers/runc/libcontainer/devices" "github.com/opencontainers/runc/libcontainer/user" specs "github.com/opencontainers/runtime-spec/specs-go" "github.com/pkg/errors" @@ -874,13 +873,11 @@ func WithDevices(daemon *Daemon, c *container.Container) coci.SpecOpts { devPermissions := s.Linux.Resources.Devices if c.HostConfig.Privileged && !userns.RunningInUserNS() { - hostDevices, err := devices.HostDevices() + hostDevices, err := coci.HostDevices() if err != nil { return err } - for _, d := range hostDevices { - devs = append(devs, oci.Device(d)) - } + devs = append(devs, hostDevices...) // adding device mappings in privileged containers for _, deviceMapping := range c.HostConfig.Devices {