From 87f94bf79b95f845d8e6b7091d7c3ecffde7bfab Mon Sep 17 00:00:00 2001 From: Ophir Sneh Date: Tue, 21 Mar 2017 14:12:23 -0700 Subject: [PATCH] Update shim exec rpc to take fewer args Signed-off-by: Ophir Sneh --- api/services/shim/shim.pb.go | 550 ++++++----------------------------- api/services/shim/shim.proto | 11 +- cmd/ctr/shim.go | 18 +- linux/shim/exec.go | 32 +- 4 files changed, 115 insertions(+), 496 deletions(-) diff --git a/api/services/shim/shim.pb.go b/api/services/shim/shim.pb.go index 2998254..9c349cf 100644 --- a/api/services/shim/shim.pb.go +++ b/api/services/shim/shim.pb.go @@ -30,7 +30,8 @@ package shim import proto "github.com/gogo/protobuf/proto" import fmt "fmt" import math "math" -import google_protobuf "github.com/golang/protobuf/ptypes/empty" +import google_protobuf "github.com/gogo/protobuf/types" +import google_protobuf1 "github.com/golang/protobuf/ptypes/empty" import _ "github.com/gogo/protobuf/gogoproto" import containerd_v1_types "github.com/docker/containerd/api/types/mount" import containerd_v1_types1 "github.com/docker/containerd/api/types/container" @@ -104,19 +105,11 @@ func (*DeleteResponse) ProtoMessage() {} func (*DeleteResponse) Descriptor() ([]byte, []int) { return fileDescriptorShim, []int{4} } type ExecRequest struct { - Terminal bool `protobuf:"varint,1,opt,name=terminal,proto3" json:"terminal,omitempty"` - Stdin string `protobuf:"bytes,2,opt,name=stdin,proto3" json:"stdin,omitempty"` - Stdout string `protobuf:"bytes,3,opt,name=stdout,proto3" json:"stdout,omitempty"` - Stderr string `protobuf:"bytes,4,opt,name=stderr,proto3" json:"stderr,omitempty"` - SelinuxLabel string `protobuf:"bytes,5,opt,name=selinux_label,json=selinuxLabel,proto3" json:"selinux_label,omitempty"` - User *containerd_v1_types1.User `protobuf:"bytes,6,opt,name=user" json:"user,omitempty"` - Args []string `protobuf:"bytes,7,rep,name=args" json:"args,omitempty"` - Env []string `protobuf:"bytes,8,rep,name=env" json:"env,omitempty"` - Cwd string `protobuf:"bytes,9,opt,name=cwd,proto3" json:"cwd,omitempty"` - Capabilities []string `protobuf:"bytes,10,rep,name=capabilities" json:"capabilities,omitempty"` - Rlimits []*Rlimit `protobuf:"bytes,11,rep,name=rlimits" json:"rlimits,omitempty"` - NoNewPrivileges bool `protobuf:"varint,12,opt,name=no_new_privileges,json=noNewPrivileges,proto3" json:"no_new_privileges,omitempty"` - ApparmorProfile string `protobuf:"bytes,13,opt,name=apparmor_profile,json=apparmorProfile,proto3" json:"apparmor_profile,omitempty"` + Terminal bool `protobuf:"varint,1,opt,name=terminal,proto3" json:"terminal,omitempty"` + Stdin string `protobuf:"bytes,2,opt,name=stdin,proto3" json:"stdin,omitempty"` + Stdout string `protobuf:"bytes,3,opt,name=stdout,proto3" json:"stdout,omitempty"` + Stderr string `protobuf:"bytes,4,opt,name=stderr,proto3" json:"stderr,omitempty"` + Spec *google_protobuf.Any `protobuf:"bytes,5,opt,name=spec" json:"spec,omitempty"` } func (m *ExecRequest) Reset() { *m = ExecRequest{} } @@ -228,15 +221,15 @@ const _ = grpc.SupportPackageIsVersion4 type ShimClient interface { Create(ctx context.Context, in *CreateRequest, opts ...grpc.CallOption) (*CreateResponse, error) - Start(ctx context.Context, in *StartRequest, opts ...grpc.CallOption) (*google_protobuf.Empty, error) + Start(ctx context.Context, in *StartRequest, opts ...grpc.CallOption) (*google_protobuf1.Empty, error) Delete(ctx context.Context, in *DeleteRequest, opts ...grpc.CallOption) (*DeleteResponse, error) Exec(ctx context.Context, in *ExecRequest, opts ...grpc.CallOption) (*ExecResponse, error) - Pty(ctx context.Context, in *PtyRequest, opts ...grpc.CallOption) (*google_protobuf.Empty, error) + Pty(ctx context.Context, in *PtyRequest, opts ...grpc.CallOption) (*google_protobuf1.Empty, error) Events(ctx context.Context, in *EventsRequest, opts ...grpc.CallOption) (Shim_EventsClient, error) State(ctx context.Context, in *StateRequest, opts ...grpc.CallOption) (*StateResponse, error) - Pause(ctx context.Context, in *PauseRequest, opts ...grpc.CallOption) (*google_protobuf.Empty, error) - Resume(ctx context.Context, in *ResumeRequest, opts ...grpc.CallOption) (*google_protobuf.Empty, error) - Exit(ctx context.Context, in *ExitRequest, opts ...grpc.CallOption) (*google_protobuf.Empty, error) + Pause(ctx context.Context, in *PauseRequest, opts ...grpc.CallOption) (*google_protobuf1.Empty, error) + Resume(ctx context.Context, in *ResumeRequest, opts ...grpc.CallOption) (*google_protobuf1.Empty, error) + Exit(ctx context.Context, in *ExitRequest, opts ...grpc.CallOption) (*google_protobuf1.Empty, error) } type shimClient struct { @@ -256,8 +249,8 @@ func (c *shimClient) Create(ctx context.Context, in *CreateRequest, opts ...grpc return out, nil } -func (c *shimClient) Start(ctx context.Context, in *StartRequest, opts ...grpc.CallOption) (*google_protobuf.Empty, error) { - out := new(google_protobuf.Empty) +func (c *shimClient) Start(ctx context.Context, in *StartRequest, opts ...grpc.CallOption) (*google_protobuf1.Empty, error) { + out := new(google_protobuf1.Empty) err := grpc.Invoke(ctx, "/containerd.v1.services.shim.Shim/Start", in, out, c.cc, opts...) if err != nil { return nil, err @@ -283,8 +276,8 @@ func (c *shimClient) Exec(ctx context.Context, in *ExecRequest, opts ...grpc.Cal return out, nil } -func (c *shimClient) Pty(ctx context.Context, in *PtyRequest, opts ...grpc.CallOption) (*google_protobuf.Empty, error) { - out := new(google_protobuf.Empty) +func (c *shimClient) Pty(ctx context.Context, in *PtyRequest, opts ...grpc.CallOption) (*google_protobuf1.Empty, error) { + out := new(google_protobuf1.Empty) err := grpc.Invoke(ctx, "/containerd.v1.services.shim.Shim/Pty", in, out, c.cc, opts...) if err != nil { return nil, err @@ -333,8 +326,8 @@ func (c *shimClient) State(ctx context.Context, in *StateRequest, opts ...grpc.C return out, nil } -func (c *shimClient) Pause(ctx context.Context, in *PauseRequest, opts ...grpc.CallOption) (*google_protobuf.Empty, error) { - out := new(google_protobuf.Empty) +func (c *shimClient) Pause(ctx context.Context, in *PauseRequest, opts ...grpc.CallOption) (*google_protobuf1.Empty, error) { + out := new(google_protobuf1.Empty) err := grpc.Invoke(ctx, "/containerd.v1.services.shim.Shim/Pause", in, out, c.cc, opts...) if err != nil { return nil, err @@ -342,8 +335,8 @@ func (c *shimClient) Pause(ctx context.Context, in *PauseRequest, opts ...grpc.C return out, nil } -func (c *shimClient) Resume(ctx context.Context, in *ResumeRequest, opts ...grpc.CallOption) (*google_protobuf.Empty, error) { - out := new(google_protobuf.Empty) +func (c *shimClient) Resume(ctx context.Context, in *ResumeRequest, opts ...grpc.CallOption) (*google_protobuf1.Empty, error) { + out := new(google_protobuf1.Empty) err := grpc.Invoke(ctx, "/containerd.v1.services.shim.Shim/Resume", in, out, c.cc, opts...) if err != nil { return nil, err @@ -351,8 +344,8 @@ func (c *shimClient) Resume(ctx context.Context, in *ResumeRequest, opts ...grpc return out, nil } -func (c *shimClient) Exit(ctx context.Context, in *ExitRequest, opts ...grpc.CallOption) (*google_protobuf.Empty, error) { - out := new(google_protobuf.Empty) +func (c *shimClient) Exit(ctx context.Context, in *ExitRequest, opts ...grpc.CallOption) (*google_protobuf1.Empty, error) { + out := new(google_protobuf1.Empty) err := grpc.Invoke(ctx, "/containerd.v1.services.shim.Shim/Exit", in, out, c.cc, opts...) if err != nil { return nil, err @@ -364,15 +357,15 @@ func (c *shimClient) Exit(ctx context.Context, in *ExitRequest, opts ...grpc.Cal type ShimServer interface { Create(context.Context, *CreateRequest) (*CreateResponse, error) - Start(context.Context, *StartRequest) (*google_protobuf.Empty, error) + Start(context.Context, *StartRequest) (*google_protobuf1.Empty, error) Delete(context.Context, *DeleteRequest) (*DeleteResponse, error) Exec(context.Context, *ExecRequest) (*ExecResponse, error) - Pty(context.Context, *PtyRequest) (*google_protobuf.Empty, error) + Pty(context.Context, *PtyRequest) (*google_protobuf1.Empty, error) Events(*EventsRequest, Shim_EventsServer) error State(context.Context, *StateRequest) (*StateResponse, error) - Pause(context.Context, *PauseRequest) (*google_protobuf.Empty, error) - Resume(context.Context, *ResumeRequest) (*google_protobuf.Empty, error) - Exit(context.Context, *ExitRequest) (*google_protobuf.Empty, error) + Pause(context.Context, *PauseRequest) (*google_protobuf1.Empty, error) + Resume(context.Context, *ResumeRequest) (*google_protobuf1.Empty, error) + Exit(context.Context, *ExitRequest) (*google_protobuf1.Empty, error) } func RegisterShimServer(s *grpc.Server, srv ShimServer) { @@ -829,101 +822,16 @@ func (m *ExecRequest) MarshalTo(dAtA []byte) (int, error) { i = encodeVarintShim(dAtA, i, uint64(len(m.Stderr))) i += copy(dAtA[i:], m.Stderr) } - if len(m.SelinuxLabel) > 0 { + if m.Spec != nil { dAtA[i] = 0x2a i++ - i = encodeVarintShim(dAtA, i, uint64(len(m.SelinuxLabel))) - i += copy(dAtA[i:], m.SelinuxLabel) - } - if m.User != nil { - dAtA[i] = 0x32 - i++ - i = encodeVarintShim(dAtA, i, uint64(m.User.Size())) - n1, err := m.User.MarshalTo(dAtA[i:]) + i = encodeVarintShim(dAtA, i, uint64(m.Spec.Size())) + n1, err := m.Spec.MarshalTo(dAtA[i:]) if err != nil { return 0, err } i += n1 } - if len(m.Args) > 0 { - for _, s := range m.Args { - dAtA[i] = 0x3a - i++ - l = len(s) - for l >= 1<<7 { - dAtA[i] = uint8(uint64(l)&0x7f | 0x80) - l >>= 7 - i++ - } - dAtA[i] = uint8(l) - i++ - i += copy(dAtA[i:], s) - } - } - if len(m.Env) > 0 { - for _, s := range m.Env { - dAtA[i] = 0x42 - i++ - l = len(s) - for l >= 1<<7 { - dAtA[i] = uint8(uint64(l)&0x7f | 0x80) - l >>= 7 - i++ - } - dAtA[i] = uint8(l) - i++ - i += copy(dAtA[i:], s) - } - } - if len(m.Cwd) > 0 { - dAtA[i] = 0x4a - i++ - i = encodeVarintShim(dAtA, i, uint64(len(m.Cwd))) - i += copy(dAtA[i:], m.Cwd) - } - if len(m.Capabilities) > 0 { - for _, s := range m.Capabilities { - dAtA[i] = 0x52 - i++ - l = len(s) - for l >= 1<<7 { - dAtA[i] = uint8(uint64(l)&0x7f | 0x80) - l >>= 7 - i++ - } - dAtA[i] = uint8(l) - i++ - i += copy(dAtA[i:], s) - } - } - if len(m.Rlimits) > 0 { - for _, msg := range m.Rlimits { - dAtA[i] = 0x5a - i++ - i = encodeVarintShim(dAtA, i, uint64(msg.Size())) - n, err := msg.MarshalTo(dAtA[i:]) - if err != nil { - return 0, err - } - i += n - } - } - if m.NoNewPrivileges { - dAtA[i] = 0x60 - i++ - if m.NoNewPrivileges { - dAtA[i] = 1 - } else { - dAtA[i] = 0 - } - i++ - } - if len(m.ApparmorProfile) > 0 { - dAtA[i] = 0x6a - i++ - i = encodeVarintShim(dAtA, i, uint64(len(m.ApparmorProfile))) - i += copy(dAtA[i:], m.ApparmorProfile) - } return i, nil } @@ -1279,47 +1187,8 @@ func (m *ExecRequest) Size() (n int) { if l > 0 { n += 1 + l + sovShim(uint64(l)) } - l = len(m.SelinuxLabel) - if l > 0 { - n += 1 + l + sovShim(uint64(l)) - } - if m.User != nil { - l = m.User.Size() - n += 1 + l + sovShim(uint64(l)) - } - if len(m.Args) > 0 { - for _, s := range m.Args { - l = len(s) - n += 1 + l + sovShim(uint64(l)) - } - } - if len(m.Env) > 0 { - for _, s := range m.Env { - l = len(s) - n += 1 + l + sovShim(uint64(l)) - } - } - l = len(m.Cwd) - if l > 0 { - n += 1 + l + sovShim(uint64(l)) - } - if len(m.Capabilities) > 0 { - for _, s := range m.Capabilities { - l = len(s) - n += 1 + l + sovShim(uint64(l)) - } - } - if len(m.Rlimits) > 0 { - for _, e := range m.Rlimits { - l = e.Size() - n += 1 + l + sovShim(uint64(l)) - } - } - if m.NoNewPrivileges { - n += 2 - } - l = len(m.ApparmorProfile) - if l > 0 { + if m.Spec != nil { + l = m.Spec.Size() n += 1 + l + sovShim(uint64(l)) } return n @@ -1500,15 +1369,7 @@ func (this *ExecRequest) String() string { `Stdin:` + fmt.Sprintf("%v", this.Stdin) + `,`, `Stdout:` + fmt.Sprintf("%v", this.Stdout) + `,`, `Stderr:` + fmt.Sprintf("%v", this.Stderr) + `,`, - `SelinuxLabel:` + fmt.Sprintf("%v", this.SelinuxLabel) + `,`, - `User:` + strings.Replace(fmt.Sprintf("%v", this.User), "User", "containerd_v1_types1.User", 1) + `,`, - `Args:` + fmt.Sprintf("%v", this.Args) + `,`, - `Env:` + fmt.Sprintf("%v", this.Env) + `,`, - `Cwd:` + fmt.Sprintf("%v", this.Cwd) + `,`, - `Capabilities:` + fmt.Sprintf("%v", this.Capabilities) + `,`, - `Rlimits:` + strings.Replace(fmt.Sprintf("%v", this.Rlimits), "Rlimit", "Rlimit", 1) + `,`, - `NoNewPrivileges:` + fmt.Sprintf("%v", this.NoNewPrivileges) + `,`, - `ApparmorProfile:` + fmt.Sprintf("%v", this.ApparmorProfile) + `,`, + `Spec:` + strings.Replace(fmt.Sprintf("%v", this.Spec), "Any", "google_protobuf.Any", 1) + `,`, `}`, }, "") return s @@ -2304,36 +2165,7 @@ func (m *ExecRequest) Unmarshal(dAtA []byte) error { iNdEx = postIndex case 5: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field SelinuxLabel", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowShim - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthShim - } - postIndex := iNdEx + intStringLen - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.SelinuxLabel = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 6: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field User", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType) } var msglen int for shift := uint(0); ; shift += 7 { @@ -2357,209 +2189,13 @@ func (m *ExecRequest) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - if m.User == nil { - m.User = &containerd_v1_types1.User{} + if m.Spec == nil { + m.Spec = &google_protobuf.Any{} } - if err := m.User.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err } iNdEx = postIndex - case 7: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Args", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowShim - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthShim - } - postIndex := iNdEx + intStringLen - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Args = append(m.Args, string(dAtA[iNdEx:postIndex])) - iNdEx = postIndex - case 8: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Env", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowShim - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthShim - } - postIndex := iNdEx + intStringLen - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Env = append(m.Env, string(dAtA[iNdEx:postIndex])) - iNdEx = postIndex - case 9: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Cwd", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowShim - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthShim - } - postIndex := iNdEx + intStringLen - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Cwd = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 10: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Capabilities", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowShim - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthShim - } - postIndex := iNdEx + intStringLen - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Capabilities = append(m.Capabilities, string(dAtA[iNdEx:postIndex])) - iNdEx = postIndex - case 11: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Rlimits", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowShim - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthShim - } - postIndex := iNdEx + msglen - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Rlimits = append(m.Rlimits, &Rlimit{}) - if err := m.Rlimits[len(m.Rlimits)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 12: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field NoNewPrivileges", wireType) - } - var v int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowShim - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - m.NoNewPrivileges = bool(v != 0) - case 13: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ApparmorProfile", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowShim - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthShim - } - postIndex := iNdEx + intStringLen - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.ApparmorProfile = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipShim(dAtA[iNdEx:]) @@ -3411,64 +3047,56 @@ func init() { } var fileDescriptorShim = []byte{ - // 940 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x55, 0xcf, 0x6f, 0xe3, 0x44, - 0x14, 0x5e, 0x27, 0xa9, 0xdb, 0xbc, 0xc4, 0xed, 0x32, 0x5a, 0x55, 0xb3, 0x29, 0xca, 0x06, 0xef, - 0x81, 0xb4, 0x08, 0x87, 0xcd, 0x5e, 0x00, 0x09, 0x09, 0x2d, 0x2d, 0x02, 0x54, 0x50, 0x34, 0x15, - 0x27, 0x24, 0x22, 0x27, 0x9e, 0x26, 0x23, 0x6c, 0x8f, 0x99, 0x19, 0xa7, 0xed, 0x8d, 0x33, 0xff, - 0x0f, 0xff, 0x00, 0xa7, 0x3d, 0x72, 0x41, 0xe2, 0x84, 0xd8, 0xfc, 0x25, 0x68, 0x66, 0xec, 0xa4, - 0x81, 0xfc, 0xe8, 0x5e, 0xac, 0x37, 0x9f, 0xbf, 0x37, 0x3f, 0xbe, 0xf7, 0xcd, 0x1b, 0xf8, 0x64, - 0xc2, 0xd4, 0x34, 0x1f, 0x05, 0x63, 0x9e, 0xf4, 0x22, 0x3e, 0xfe, 0x89, 0x8a, 0xde, 0x98, 0xa7, - 0x2a, 0x64, 0x29, 0x15, 0x51, 0x2f, 0xcc, 0x58, 0x4f, 0x52, 0x31, 0x63, 0x63, 0x2a, 0x7b, 0x72, - 0xca, 0x12, 0xf3, 0x09, 0x32, 0xc1, 0x15, 0x47, 0x27, 0x4b, 0x62, 0x30, 0x7b, 0x11, 0x94, 0xbc, - 0x40, 0x53, 0x5a, 0x27, 0x13, 0xce, 0x27, 0x31, 0xed, 0x19, 0xea, 0x28, 0xbf, 0xee, 0xd1, 0x24, - 0x53, 0x77, 0x36, 0xb3, 0xf5, 0x64, 0xc2, 0x27, 0xdc, 0x84, 0x3d, 0x1d, 0x15, 0xe8, 0xc7, 0x3b, - 0xb7, 0xa2, 0xee, 0x32, 0x2a, 0x7b, 0x09, 0xcf, 0x53, 0x65, 0xbf, 0x45, 0xe6, 0xe7, 0x0f, 0xcc, - 0x5c, 0x80, 0xcb, 0xc8, 0xce, 0xe0, 0xff, 0x5a, 0x01, 0xef, 0x0b, 0x41, 0x43, 0x45, 0x09, 0xfd, - 0x39, 0xa7, 0x52, 0xa1, 0x63, 0xa8, 0xb0, 0x08, 0x3b, 0x1d, 0xa7, 0x5b, 0x7f, 0xe5, 0xce, 0xff, - 0x7e, 0x56, 0xf9, 0xfa, 0x9c, 0x54, 0x58, 0x84, 0x8e, 0xc1, 0x1d, 0xe5, 0x69, 0x14, 0x53, 0x5c, - 0xd1, 0xff, 0x48, 0x31, 0x42, 0x18, 0xf6, 0x45, 0x9e, 0x2a, 0x96, 0x50, 0x5c, 0x35, 0x3f, 0xca, - 0x21, 0x7a, 0x0a, 0x07, 0x29, 0x1f, 0x66, 0x6c, 0xc6, 0x15, 0xae, 0x75, 0x9c, 0xee, 0x01, 0xd9, - 0x4f, 0xf9, 0x40, 0x0f, 0x51, 0x0b, 0x0e, 0x14, 0x15, 0x09, 0x4b, 0xc3, 0x18, 0xef, 0x99, 0x5f, - 0x8b, 0x31, 0x7a, 0x02, 0x7b, 0x52, 0x45, 0x2c, 0xc5, 0xae, 0x99, 0xce, 0x0e, 0xf4, 0xf2, 0x52, - 0x45, 0x3c, 0x57, 0x78, 0xdf, 0x2e, 0x6f, 0x47, 0x05, 0x4e, 0x85, 0xc0, 0x07, 0x0b, 0x9c, 0x0a, - 0x81, 0xfa, 0xe0, 0x0a, 0xce, 0xd5, 0xb5, 0xc4, 0xf5, 0x4e, 0xb5, 0xdb, 0xe8, 0xb7, 0x82, 0xd5, - 0xaa, 0x19, 0x61, 0x82, 0x6f, 0xb5, 0x98, 0xa4, 0x60, 0xfa, 0x3e, 0x1c, 0x96, 0x5a, 0xc8, 0x8c, - 0xa7, 0x92, 0xa2, 0xc7, 0x50, 0xcd, 0x0a, 0x35, 0x3c, 0xa2, 0x43, 0xff, 0x10, 0x9a, 0x57, 0x2a, - 0x14, 0xaa, 0x90, 0xcb, 0x7f, 0x0f, 0xbc, 0x73, 0x1a, 0xd3, 0xa5, 0x7e, 0xff, 0x4f, 0x79, 0x01, - 0x87, 0x25, 0xa5, 0x98, 0xf6, 0x19, 0x34, 0xe8, 0x2d, 0x53, 0x43, 0xa9, 0x42, 0x95, 0xcb, 0x82, - 0x0b, 0x1a, 0xba, 0x32, 0x88, 0xff, 0x5b, 0x15, 0x1a, 0x17, 0xb7, 0x74, 0x5c, 0x4e, 0x7a, 0x5f, - 0x2f, 0x67, 0x93, 0x5e, 0x95, 0xf5, 0x7a, 0x55, 0x37, 0xe8, 0x55, 0x5b, 0xd1, 0xeb, 0x39, 0x78, - 0x92, 0xc6, 0x2c, 0xcd, 0x6f, 0x87, 0x71, 0x38, 0xa2, 0xb6, 0x2c, 0x75, 0xd2, 0x2c, 0xc0, 0x4b, - 0x8d, 0xa1, 0x0f, 0xa1, 0x96, 0x4b, 0x2a, 0x4c, 0x65, 0x1a, 0xfd, 0xa7, 0x6b, 0x25, 0xfd, 0x5e, - 0x52, 0x41, 0x0c, 0x0d, 0x21, 0xa8, 0x85, 0x62, 0x22, 0xf1, 0x7e, 0xa7, 0xda, 0xad, 0x13, 0x13, - 0x6b, 0x79, 0x68, 0x3a, 0xc3, 0x07, 0x06, 0xd2, 0xa1, 0x46, 0xc6, 0x37, 0x11, 0xae, 0x9b, 0xf5, - 0x74, 0x88, 0x7c, 0x68, 0x8e, 0xc3, 0x2c, 0x1c, 0xb1, 0x98, 0x29, 0x46, 0x25, 0x06, 0x43, 0x5e, - 0xc1, 0xd0, 0x67, 0xb0, 0x2f, 0x62, 0x96, 0x30, 0x25, 0x71, 0xc3, 0x14, 0xf8, 0x79, 0xb0, 0xe5, - 0x5a, 0x06, 0xc4, 0x70, 0x49, 0x99, 0x83, 0xce, 0xe0, 0x9d, 0x94, 0x0f, 0x53, 0x7a, 0x33, 0xcc, - 0x04, 0x9b, 0xb1, 0x98, 0x4e, 0xa8, 0xc4, 0x4d, 0xa3, 0xec, 0x51, 0xca, 0xbf, 0xa3, 0x37, 0x83, - 0x05, 0x8c, 0x4e, 0xe1, 0x71, 0x98, 0x65, 0xa1, 0x48, 0xb8, 0x18, 0x66, 0x82, 0x5f, 0xb3, 0x98, - 0x62, 0xcf, 0xec, 0xf6, 0xa8, 0xc4, 0x07, 0x16, 0xf6, 0xcf, 0xc1, 0xb5, 0x2b, 0xe9, 0xb3, 0x6b, - 0x3d, 0xec, 0x45, 0x22, 0x26, 0xd6, 0xd8, 0x34, 0x14, 0x91, 0x29, 0x54, 0x8d, 0x98, 0x58, 0x63, - 0x92, 0x5f, 0xdb, 0x2a, 0xd5, 0x88, 0x89, 0xfd, 0x0e, 0x34, 0x6d, 0xf1, 0x37, 0xba, 0xf0, 0x12, - 0x60, 0xa0, 0xee, 0x36, 0x5a, 0x4e, 0x7b, 0xe2, 0x86, 0x45, 0x6a, 0x6a, 0x96, 0xf2, 0x88, 0x1d, - 0xe8, 0xda, 0x4f, 0x29, 0x9b, 0x4c, 0xed, 0x6a, 0x1e, 0x29, 0x46, 0xfe, 0x11, 0x78, 0x17, 0x33, - 0x9a, 0x2a, 0x59, 0x9a, 0xda, 0x9a, 0x7c, 0xe1, 0x69, 0xff, 0x77, 0x07, 0xbc, 0x02, 0x28, 0xb6, - 0xf4, 0xb6, 0x5d, 0xa2, 0xd8, 0x62, 0x75, 0xb9, 0xc5, 0x97, 0xda, 0x88, 0xc6, 0xfe, 0xda, 0x88, - 0x87, 0xfd, 0x93, 0xb5, 0x6e, 0xb2, 0xf7, 0x81, 0x14, 0x54, 0xf4, 0x29, 0xd4, 0x33, 0xc1, 0xc7, - 0x54, 0x4a, 0x2a, 0xf1, 0x9e, 0xa9, 0xfb, 0xbb, 0x6b, 0xf3, 0x06, 0x96, 0x45, 0x96, 0x74, 0x7d, - 0xa8, 0x41, 0x98, 0xcb, 0xc5, 0xa1, 0x8e, 0xc0, 0x23, 0x54, 0xe6, 0xc9, 0x02, 0xf0, 0xf4, 0x9d, - 0x63, 0xe5, 0xcd, 0xee, 0xff, 0xe9, 0x42, 0xed, 0x6a, 0xca, 0x12, 0x14, 0x82, 0x6b, 0xdb, 0x02, - 0x3a, 0xdb, 0xea, 0xb1, 0x95, 0x3e, 0xda, 0xfa, 0xe0, 0x41, 0xdc, 0x42, 0xce, 0x6f, 0x60, 0xcf, - 0x74, 0x15, 0x74, 0xba, 0x35, 0xeb, 0x7e, 0xe7, 0x69, 0x1d, 0x07, 0xf6, 0xa9, 0x09, 0xca, 0xa7, - 0x26, 0xb8, 0xd0, 0x4f, 0x8d, 0xde, 0xae, 0x6d, 0x37, 0x3b, 0xb6, 0xbb, 0xd2, 0xb6, 0x76, 0x6c, - 0xf7, 0x3f, 0xfd, 0xeb, 0x07, 0xa8, 0x69, 0x83, 0xa2, 0xee, 0xd6, 0xa4, 0x7b, 0x0d, 0xac, 0x75, - 0xfa, 0x00, 0x66, 0x31, 0xf9, 0x97, 0x50, 0x1d, 0xa8, 0x3b, 0xf4, 0xfe, 0xd6, 0x8c, 0xa5, 0xfb, - 0x37, 0xea, 0x40, 0xc0, 0xb5, 0xae, 0xde, 0xa1, 0xc3, 0x8a, 0xf5, 0x5b, 0xeb, 0xdf, 0x09, 0xc3, - 0xf9, 0xc8, 0x41, 0x3f, 0x9a, 0x3a, 0x29, 0xba, 0xbb, 0x4e, 0x4b, 0x65, 0xcf, 0x1e, 0x42, 0x5d, - 0xfa, 0xc0, 0x78, 0x74, 0xc7, 0xfc, 0xf7, 0x7d, 0xbc, 0xf1, 0xfc, 0x97, 0xe0, 0x5a, 0x7f, 0xef, - 0x38, 0xff, 0xca, 0x25, 0xd8, 0x38, 0xdb, 0x57, 0xba, 0xe4, 0x4c, 0xed, 0x2c, 0x39, 0xdb, 0xe5, - 0xcf, 0x57, 0xf8, 0xf5, 0x9b, 0xf6, 0xa3, 0xbf, 0xde, 0xb4, 0x1f, 0xfd, 0x32, 0x6f, 0x3b, 0xaf, - 0xe7, 0x6d, 0xe7, 0x8f, 0x79, 0xdb, 0xf9, 0x67, 0xde, 0x76, 0x46, 0xae, 0x61, 0xbe, 0xfc, 0x37, - 0x00, 0x00, 0xff, 0xff, 0x76, 0x3b, 0x6e, 0x21, 0x9c, 0x09, 0x00, 0x00, + // 804 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x54, 0x4f, 0x8f, 0xdb, 0x44, + 0x14, 0xaf, 0x13, 0xaf, 0x77, 0xf7, 0xa5, 0x4e, 0xd1, 0x68, 0xb5, 0x72, 0xbd, 0x28, 0x0d, 0xbe, + 0x90, 0x16, 0xc9, 0xa6, 0xe9, 0x05, 0x38, 0x41, 0xd9, 0x45, 0x80, 0x8a, 0x14, 0xcd, 0x1e, 0x91, + 0xa8, 0x9c, 0x78, 0x36, 0x19, 0x11, 0x7b, 0x8c, 0x67, 0x1c, 0x9a, 0x1b, 0x67, 0xbe, 0x01, 0x5f, + 0x87, 0x53, 0x8f, 0x5c, 0x90, 0x38, 0x21, 0x9a, 0x4f, 0x82, 0xe6, 0x8f, 0xe3, 0xa4, 0x4d, 0xe2, + 0xf4, 0x62, 0xcd, 0x7b, 0xf3, 0x7b, 0xcf, 0xef, 0xfd, 0xde, 0xef, 0x0d, 0x7c, 0x3e, 0xa5, 0x62, + 0x56, 0x8e, 0xc3, 0x09, 0x4b, 0xa3, 0x84, 0x4d, 0x7e, 0x26, 0x45, 0x34, 0x61, 0x99, 0x88, 0x69, + 0x46, 0x8a, 0x24, 0x8a, 0x73, 0x1a, 0x71, 0x52, 0x2c, 0xe8, 0x84, 0xf0, 0x88, 0xcf, 0x68, 0xaa, + 0x3e, 0x61, 0x5e, 0x30, 0xc1, 0xd0, 0x55, 0x0d, 0x0c, 0x17, 0x4f, 0xc3, 0x0a, 0x17, 0x4a, 0x88, + 0xff, 0x70, 0xca, 0xd8, 0x74, 0x4e, 0x22, 0x05, 0x1d, 0x97, 0x77, 0x51, 0x9c, 0x2d, 0x75, 0x9c, + 0x7f, 0xf5, 0xf6, 0x15, 0x49, 0x73, 0x51, 0x5d, 0x5e, 0x4c, 0xd9, 0x94, 0xa9, 0x63, 0x24, 0x4f, + 0xc6, 0xfb, 0x59, 0x63, 0x95, 0x62, 0x99, 0x13, 0x1e, 0xa5, 0xac, 0xcc, 0x84, 0xfe, 0x9a, 0xc8, + 0x2f, 0x8f, 0x8c, 0x5c, 0x3b, 0xeb, 0x93, 0xce, 0x10, 0xfc, 0xde, 0x02, 0xf7, 0xeb, 0x82, 0xc4, + 0x82, 0x60, 0xf2, 0x4b, 0x49, 0xb8, 0x40, 0x97, 0xd0, 0xa2, 0x89, 0x67, 0xf5, 0xad, 0xc1, 0xf9, + 0x73, 0x67, 0xf5, 0xef, 0xa3, 0xd6, 0x77, 0xd7, 0xb8, 0x45, 0x13, 0x74, 0x09, 0xce, 0xb8, 0xcc, + 0x92, 0x39, 0xf1, 0x5a, 0xf2, 0x0e, 0x1b, 0x0b, 0x79, 0x70, 0x5a, 0x94, 0x99, 0xa0, 0x29, 0xf1, + 0xda, 0xea, 0xa2, 0x32, 0xd1, 0x43, 0x38, 0xcb, 0xd8, 0xcb, 0x9c, 0x2e, 0x98, 0xf0, 0xec, 0xbe, + 0x35, 0x38, 0xc3, 0xa7, 0x19, 0x1b, 0x49, 0x13, 0xf9, 0x70, 0x26, 0x48, 0x91, 0xd2, 0x2c, 0x9e, + 0x7b, 0x27, 0xea, 0x6a, 0x6d, 0xa3, 0x0b, 0x38, 0xe1, 0x22, 0xa1, 0x99, 0xe7, 0xa8, 0x74, 0xda, + 0x90, 0xbf, 0xe7, 0x22, 0x61, 0xa5, 0xf0, 0x4e, 0xf5, 0xef, 0xb5, 0x65, 0xfc, 0xa4, 0x28, 0xbc, + 0xb3, 0xb5, 0x9f, 0x14, 0x05, 0x1a, 0x82, 0x53, 0x30, 0x26, 0xee, 0xb8, 0x77, 0xde, 0x6f, 0x0f, + 0x3a, 0x43, 0x3f, 0xdc, 0x1e, 0xa8, 0x22, 0x26, 0xfc, 0x41, 0x92, 0x89, 0x0d, 0x32, 0x08, 0xa0, + 0x5b, 0x71, 0xc1, 0x73, 0x96, 0x71, 0x82, 0x3e, 0x80, 0x76, 0x6e, 0xd8, 0x70, 0xb1, 0x3c, 0x06, + 0x5d, 0xb8, 0x7f, 0x2b, 0xe2, 0x42, 0x18, 0xba, 0x82, 0x8f, 0xc0, 0xbd, 0x26, 0x73, 0x52, 0xf3, + 0xf7, 0x6e, 0xc8, 0x53, 0xe8, 0x56, 0x10, 0x93, 0xf6, 0x11, 0x74, 0xc8, 0x2b, 0x2a, 0x5e, 0x72, + 0x11, 0x8b, 0x92, 0x1b, 0x2c, 0x48, 0xd7, 0xad, 0xf2, 0x04, 0x7f, 0x58, 0xd0, 0xb9, 0x79, 0x45, + 0x26, 0x55, 0xd2, 0x4d, 0xbe, 0xac, 0x7d, 0x7c, 0xb5, 0x76, 0xf3, 0xd5, 0xde, 0xc3, 0x97, 0xbd, + 0xc5, 0xd7, 0x00, 0x6c, 0x9e, 0x93, 0x89, 0x9a, 0x46, 0x67, 0x78, 0x11, 0x6a, 0x19, 0x87, 0x95, + 0x8c, 0xc3, 0xaf, 0xb2, 0x25, 0x56, 0x88, 0xe0, 0x1a, 0x1c, 0x3c, 0xa7, 0x29, 0x15, 0x08, 0x81, + 0x2d, 0x69, 0xd4, 0x62, 0xc1, 0xea, 0x2c, 0x7d, 0xb3, 0xb8, 0x48, 0x54, 0x31, 0x36, 0x56, 0x67, + 0xe9, 0xe3, 0xec, 0x4e, 0x57, 0x62, 0x63, 0x75, 0x0e, 0xfa, 0x70, 0x5f, 0x37, 0xb8, 0x97, 0xe9, + 0x17, 0x00, 0x23, 0xb1, 0xdc, 0x4b, 0xab, 0xec, 0xfb, 0x57, 0x9a, 0x88, 0x99, 0xfa, 0x95, 0x8b, + 0xb5, 0x21, 0xfb, 0x9b, 0x11, 0x3a, 0x9d, 0xe9, 0xbf, 0xb9, 0xd8, 0x58, 0xc1, 0x03, 0x70, 0x6f, + 0x16, 0x24, 0x13, 0xbc, 0x1a, 0x9c, 0x1e, 0xe4, 0x7a, 0x6e, 0xc1, 0x9f, 0x16, 0xb8, 0xc6, 0x61, + 0x4a, 0x7a, 0xdf, 0x4d, 0x30, 0x25, 0xb6, 0xeb, 0x12, 0x9f, 0x49, 0xb2, 0xd5, 0x88, 0x25, 0xd9, + 0xdd, 0xe1, 0xd5, 0x4e, 0x11, 0xea, 0x99, 0x63, 0x03, 0x45, 0x5f, 0xc0, 0x79, 0x5e, 0xb0, 0x09, + 0xe1, 0x9c, 0x70, 0xef, 0x44, 0x89, 0xf7, 0xc3, 0x9d, 0x71, 0x23, 0x8d, 0xc2, 0x35, 0x5c, 0x36, + 0x35, 0x8a, 0x4b, 0xbe, 0x6e, 0xea, 0x01, 0xb8, 0x98, 0xf0, 0x32, 0x5d, 0x3b, 0x5c, 0xa9, 0x2b, + 0x5a, 0xa9, 0x77, 0xf8, 0xb7, 0x03, 0xf6, 0xed, 0x8c, 0xa6, 0x28, 0x06, 0x47, 0x4b, 0x1f, 0x3d, + 0x09, 0x0f, 0xbc, 0x7c, 0xe1, 0xd6, 0x5b, 0xe1, 0x7f, 0x72, 0x14, 0xd6, 0xd0, 0xf9, 0x3d, 0x9c, + 0xa8, 0xcd, 0x41, 0x8f, 0x0f, 0x46, 0x6d, 0x6e, 0x97, 0x7f, 0xf9, 0x8e, 0x0e, 0x6f, 0xe4, 0x73, + 0x2a, 0xcb, 0xd5, 0x2b, 0xd5, 0x50, 0xee, 0xd6, 0x6a, 0x36, 0x94, 0xfb, 0xd6, 0x8e, 0xfe, 0x08, + 0xb6, 0x14, 0x28, 0x1a, 0x1c, 0x0c, 0xda, 0x58, 0x52, 0xff, 0xf1, 0x11, 0x48, 0x93, 0xfc, 0x1b, + 0x68, 0x8f, 0xc4, 0x12, 0x7d, 0x7c, 0x30, 0xa2, 0x56, 0xff, 0x5e, 0x1e, 0x30, 0x38, 0x5a, 0xd5, + 0x0d, 0x3c, 0x6c, 0x49, 0xdf, 0xdf, 0xfd, 0x16, 0x2a, 0xcc, 0xa7, 0x16, 0xfa, 0x49, 0xcd, 0x49, + 0x90, 0xe6, 0x39, 0xd5, 0xcc, 0x3e, 0x39, 0x06, 0x5a, 0xeb, 0x40, 0x69, 0xb4, 0x21, 0xff, 0xa6, + 0x8e, 0xf7, 0xf6, 0xff, 0x02, 0x1c, 0xad, 0xef, 0x86, 0xfe, 0xb7, 0x96, 0x60, 0x6f, 0xb6, 0x6f, + 0xe5, 0xc8, 0xa9, 0x68, 0x1c, 0x39, 0x6d, 0xd2, 0xe7, 0x73, 0xef, 0xf5, 0x9b, 0xde, 0xbd, 0x7f, + 0xde, 0xf4, 0xee, 0xfd, 0xb6, 0xea, 0x59, 0xaf, 0x57, 0x3d, 0xeb, 0xaf, 0x55, 0xcf, 0xfa, 0x6f, + 0xd5, 0xb3, 0xc6, 0x8e, 0x42, 0x3e, 0xfb, 0x3f, 0x00, 0x00, 0xff, 0xff, 0x83, 0x97, 0x53, 0x90, + 0x9b, 0x08, 0x00, 0x00, } diff --git a/api/services/shim/shim.proto b/api/services/shim/shim.proto index d3f9ee7..255e6e8 100644 --- a/api/services/shim/shim.proto +++ b/api/services/shim/shim.proto @@ -2,6 +2,7 @@ syntax = "proto3"; package containerd.v1.services.shim; +import "google/protobuf/any.proto"; import "google/protobuf/empty.proto"; import "gogoproto/gogo.proto"; import "github.com/docker/containerd/api/types/mount/mount.proto"; @@ -52,15 +53,7 @@ message ExecRequest { string stdin = 2; string stdout = 3; string stderr = 4; - string selinux_label = 5; - containerd.v1.types.User user = 6; - repeated string args = 7; - repeated string env = 8; - string cwd = 9; - repeated string capabilities = 10; - repeated Rlimit rlimits = 11; - bool no_new_privileges = 12; - string apparmor_profile = 13; + google.protobuf.Any spec = 5; } message Rlimit { diff --git a/cmd/ctr/shim.go b/cmd/ctr/shim.go index 76c5bf7..23ca1c1 100644 --- a/cmd/ctr/shim.go +++ b/cmd/ctr/shim.go @@ -19,8 +19,10 @@ import ( "github.com/Sirupsen/logrus" "github.com/crosbymichael/console" "github.com/docker/containerd/api/services/shim" - "github.com/urfave/cli" + protobuf "github.com/gogo/protobuf/types" + "github.com/opencontainers/runtime-spec/specs-go" "github.com/pkg/errors" + "github.com/urfave/cli" ) var fifoFlags = []cli.Flag{ @@ -214,10 +216,18 @@ var shimExecCommand = cli.Command{ if err != nil { return err } + + // read spec file and extract Any object + spec, err := ioutil.ReadFile(context.String("spec")) + if err != nil { + return err + } + rq := &shim.ExecRequest{ - Args: []string(context.Args()), - Env: context.StringSlice("env"), - Cwd: context.String("cwd"), + Spec: &protobuf.Any{ + TypeUrl: specs.Version, + Value: spec, + }, Stdin: context.String("stdin"), Stdout: context.String("stdout"), Stderr: context.String("stderr"), diff --git a/linux/shim/exec.go b/linux/shim/exec.go index 62e0a2a..0a94ce1 100644 --- a/linux/shim/exec.go +++ b/linux/shim/exec.go @@ -2,6 +2,7 @@ package shim import ( "context" + "encoding/json" "fmt" "os" "path/filepath" @@ -57,7 +58,15 @@ func newExecProcess(context context.Context, r *shimapi.ExecRequest, parent *ini IO: io, Detach: true, } - if err := parent.runc.Exec(context, parent.id, processFromRequest(r), opts); err != nil { + + // process exec request + var spec specs.Process + if err := json.Unmarshal(r.Spec.Value, &spec); err != nil { + return nil, err + } + spec.Terminal = r.Terminal + + if err := parent.runc.Exec(context, parent.id, spec, opts); err != nil { return nil, err } if socket != nil { @@ -82,27 +91,6 @@ func newExecProcess(context context.Context, r *shimapi.ExecRequest, parent *ini return e, nil } -func processFromRequest(r *shimapi.ExecRequest) specs.Process { - var user specs.User - if r.User != nil { - user.UID = r.User.Uid - user.GID = r.User.Gid - user.AdditionalGids = r.User.AdditionalGids - } - return specs.Process{ - Terminal: r.Terminal, - User: user, - Rlimits: rlimits(r.Rlimits), - Args: r.Args, - Env: r.Env, - Cwd: r.Cwd, - Capabilities: r.Capabilities, - NoNewPrivileges: r.NoNewPrivileges, - ApparmorProfile: r.ApparmorProfile, - SelinuxLabel: r.SelinuxLabel, - } -} - func rlimits(rr []*shimapi.Rlimit) (o []specs.LinuxRlimit) { for _, r := range rr { o = append(o, specs.LinuxRlimit{