moby/libcontainerd/utils_linux.go
Kenfe-Mickael Laventure 45d85c9913
Update containerd to 06b9cb35161009dcb7123345749fef02f7cea8e0
This also update:
 - runc to 3f2f8b84a77f73d38244dd690525642a72156c64
 - runtime-specs to v1.0.0

Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
2017-08-21 12:04:07 -07:00

63 lines
1.3 KiB
Go

package libcontainerd
import (
"syscall"
containerd "github.com/containerd/containerd/api/grpc/types"
"github.com/opencontainers/runtime-spec/specs-go"
"golang.org/x/sys/unix"
)
func getRootIDs(s specs.Spec) (int, int, error) {
var hasUserns bool
for _, ns := range s.Linux.Namespaces {
if ns.Type == specs.UserNamespace {
hasUserns = true
break
}
}
if !hasUserns {
return 0, 0, nil
}
uid := hostIDFromMap(0, s.Linux.UIDMappings)
gid := hostIDFromMap(0, s.Linux.GIDMappings)
return uid, gid, nil
}
func hostIDFromMap(id uint32, mp []specs.LinuxIDMapping) int {
for _, m := range mp {
if id >= m.ContainerID && id <= m.ContainerID+m.Size-1 {
return int(m.HostID + id - m.ContainerID)
}
}
return 0
}
func systemPid(ctr *containerd.Container) uint32 {
var pid uint32
for _, p := range ctr.Processes {
if p.Pid == InitFriendlyName {
pid = p.SystemPid
}
}
return pid
}
func convertRlimits(sr []specs.POSIXRlimit) (cr []*containerd.Rlimit) {
for _, r := range sr {
cr = append(cr, &containerd.Rlimit{
Type: r.Type,
Hard: r.Hard,
Soft: r.Soft,
})
}
return
}
// setPDeathSig sets the parent death signal to SIGKILL
func setSysProcAttr(sid bool) *syscall.SysProcAttr {
return &syscall.SysProcAttr{
Setsid: sid,
Pdeathsig: unix.SIGKILL,
}
}