From 8040df4e89c053fc6d3a1896cbcd8c59b0367a6b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kenfe-Micka=C3=ABl=20Laventure?= Date: Thu, 9 Jun 2016 13:33:26 -0700 Subject: [PATCH] New oom sync (#257) * Vendor in runc afaa21f79ade3b2e99a68f3f15e7219155aa4662 This updates the Dockerfile to use go 1.6.2 and install pkg-config are both are now needed by runc. Signed-off-by: Kenfe-Mickael Laventure * Add support for runc create/start operation Signed-off-by: Kenfe-Mickael Laventure * Remove dependency on runc state directory for OOM handler Signed-off-by: Kenfe-Mickael Laventure * Add OOM test Signed-off-by: Kenfe-Mickael Laventure --- Dockerfile | 5 +- containerd-shim/main.go | 9 +- containerd-shim/process.go | 25 +- hack/vendor.sh | 2 +- integration-test/container_utils_test.go | 16 + integration-test/start_test.go | 71 +- runtime/container.go | 10 +- runtime/container_linux.go | 85 +- runtime/process.go | 13 + supervisor/sort_test.go | 4 + supervisor/worker.go | 3 + .../github.com/coreos/go-systemd/dbus/dbus.go | 198 --- .../coreos/go-systemd/dbus/methods.go | 442 ------ .../coreos/go-systemd/dbus/properties.go | 218 --- .../github.com/coreos/go-systemd/dbus/set.go | 47 - .../coreos/go-systemd/dbus/subscription.go | 250 ---- .../go-systemd/dbus/subscription_set.go | 57 - .../github.com/coreos/go-systemd/util/util.go | 270 ---- .../docker/docker/pkg/mount/flags.go | 92 -- .../docker/docker/pkg/mount/flags_freebsd.go | 48 - .../docker/docker/pkg/mount/flags_linux.go | 85 -- .../docker/pkg/mount/flags_unsupported.go | 30 - .../docker/docker/pkg/mount/mount.go | 74 - .../docker/pkg/mount/mounter_freebsd.go | 59 - .../docker/docker/pkg/mount/mounter_linux.go | 21 - .../docker/pkg/mount/mounter_unsupported.go | 11 - .../docker/docker/pkg/mount/mountinfo.go | 40 - .../docker/pkg/mount/mountinfo_freebsd.go | 41 - .../docker/pkg/mount/mountinfo_linux.go | 95 -- .../docker/pkg/mount/mountinfo_unsupported.go | 12 - .../docker/pkg/mount/mountinfo_windows.go | 6 - .../docker/pkg/mount/sharedsubtree_linux.go | 69 - .../docker/docker/pkg/symlink/README.md | 6 - .../docker/docker/pkg/symlink/fs.go | 143 -- .../docker/docker/pkg/symlink/fs_unix.go | 11 - .../docker/docker/pkg/symlink/fs_windows.go | 155 --- .../docker/go-units/CONTRIBUTING.md | 67 - .../github.com/docker/go-units/MAINTAINERS | 27 - .../src/github.com/docker/go-units/README.md | 18 - .../src/github.com/docker/go-units/circle.yml | 11 - .../github.com/docker/go-units/duration.go | 33 - vendor/src/github.com/docker/go-units/size.go | 95 -- .../src/github.com/docker/go-units/ulimit.go | 118 -- .../github.com/godbus/dbus/CONTRIBUTING.md | 50 - vendor/src/github.com/godbus/dbus/MAINTAINERS | 2 - .../github.com/godbus/dbus/README.markdown | 41 - vendor/src/github.com/godbus/dbus/auth.go | 253 ---- .../github.com/godbus/dbus/auth_external.go | 26 - .../src/github.com/godbus/dbus/auth_sha1.go | 102 -- vendor/src/github.com/godbus/dbus/call.go | 36 - vendor/src/github.com/godbus/dbus/conn.go | 636 --------- .../src/github.com/godbus/dbus/conn_darwin.go | 21 - .../src/github.com/godbus/dbus/conn_other.go | 27 - vendor/src/github.com/godbus/dbus/dbus.go | 258 ---- vendor/src/github.com/godbus/dbus/decoder.go | 228 --- vendor/src/github.com/godbus/dbus/doc.go | 63 - vendor/src/github.com/godbus/dbus/encoder.go | 208 --- vendor/src/github.com/godbus/dbus/export.go | 468 ------- vendor/src/github.com/godbus/dbus/homedir.go | 28 - .../github.com/godbus/dbus/homedir_dynamic.go | 15 - .../github.com/godbus/dbus/homedir_static.go | 45 - vendor/src/github.com/godbus/dbus/message.go | 346 ----- vendor/src/github.com/godbus/dbus/object.go | 136 -- vendor/src/github.com/godbus/dbus/sig.go | 257 ---- .../godbus/dbus/transport_darwin.go | 6 - .../godbus/dbus/transport_generic.go | 35 - .../github.com/godbus/dbus/transport_unix.go | 196 --- .../dbus/transport_unixcred_dragonfly.go | 95 -- .../godbus/dbus/transport_unixcred_linux.go | 25 - vendor/src/github.com/godbus/dbus/variant.go | 139 -- .../github.com/godbus/dbus/variant_lexer.go | 284 ---- .../github.com/godbus/dbus/variant_parser.go | 817 ----------- .../runc/libcontainer/README.md | 241 ---- .../opencontainers/runc/libcontainer/SPEC.md | 335 ----- .../runc/libcontainer/apparmor/apparmor.go | 39 - .../apparmor/apparmor_disabled.go | 20 - .../runc/libcontainer/capabilities_linux.go | 69 - .../runc/libcontainer/cgroups/cgroups.go | 64 - .../cgroups/cgroups_unsupported.go | 3 - .../runc/libcontainer/cgroups/fs/apply_raw.go | 400 ------ .../runc/libcontainer/cgroups/fs/blkio.go | 237 ---- .../runc/libcontainer/cgroups/fs/cpu.go | 94 -- .../runc/libcontainer/cgroups/fs/cpuacct.go | 121 -- .../runc/libcontainer/cgroups/fs/cpuset.go | 139 -- .../runc/libcontainer/cgroups/fs/devices.go | 78 -- .../runc/libcontainer/cgroups/fs/freezer.go | 61 - .../libcontainer/cgroups/fs/fs_unsupported.go | 3 - .../runc/libcontainer/cgroups/fs/hugetlb.go | 71 - .../runc/libcontainer/cgroups/fs/memory.go | 290 ---- .../runc/libcontainer/cgroups/fs/name.go | 40 - .../runc/libcontainer/cgroups/fs/net_cls.go | 41 - .../runc/libcontainer/cgroups/fs/net_prio.go | 41 - .../libcontainer/cgroups/fs/perf_event.go | 35 - .../runc/libcontainer/cgroups/fs/pids.go | 73 - .../runc/libcontainer/cgroups/fs/utils.go | 79 -- .../runc/libcontainer/cgroups/stats.go | 106 -- .../cgroups/systemd/apply_nosystemd.go | 55 - .../cgroups/systemd/apply_systemd.go | 471 ------- .../runc/libcontainer/cgroups/utils.go | 397 ------ .../runc/libcontainer/compat_1.5_linux.go | 10 - .../runc/libcontainer/configs/blkio_device.go | 61 - .../runc/libcontainer/configs/cgroup_unix.go | 124 -- .../configs/cgroup_unsupported.go | 6 - .../libcontainer/configs/cgroup_windows.go | 6 - .../runc/libcontainer/configs/config.go | 328 ----- .../runc/libcontainer/configs/config_unix.go | 51 - .../runc/libcontainer/configs/device.go | 57 - .../libcontainer/configs/device_defaults.go | 125 -- .../libcontainer/configs/hugepage_limit.go | 9 - .../configs/interface_priority_map.go | 14 - .../runc/libcontainer/configs/mount.go | 30 - .../runc/libcontainer/configs/namespaces.go | 5 - .../configs/namespaces_syscall.go | 31 - .../configs/namespaces_syscall_unsupported.go | 15 - .../libcontainer/configs/namespaces_unix.go | 127 -- .../configs/namespaces_unsupported.go | 8 - .../runc/libcontainer/configs/network.go | 72 - .../configs/validate/validator.go | 138 -- .../runc/libcontainer/console.go | 15 - .../runc/libcontainer/console_freebsd.go | 13 - .../runc/libcontainer/console_linux.go | 145 -- .../runc/libcontainer/console_solaris.go | 11 - .../runc/libcontainer/console_windows.go | 30 - .../runc/libcontainer/container.go | 144 -- .../runc/libcontainer/container_linux.go | 1228 ----------------- .../runc/libcontainer/container_solaris.go | 20 - .../runc/libcontainer/container_windows.go | 20 - .../runc/libcontainer/criu_opts_unix.go | 37 - .../runc/libcontainer/criu_opts_windows.go | 6 - .../runc/libcontainer/criurpc/Makefile | 2 - .../runc/libcontainer/criurpc/criurpc.pb.go | 822 ----------- .../runc/libcontainer/criurpc/criurpc.proto | 174 --- .../opencontainers/runc/libcontainer/error.go | 70 - .../runc/libcontainer/factory.go | 45 - .../runc/libcontainer/factory_linux.go | 290 ---- .../runc/libcontainer/generic_error.go | 109 -- .../runc/libcontainer/init_linux.go | 367 ----- .../runc/libcontainer/keys/keyctl.go | 66 - .../runc/libcontainer/label/label.go | 80 -- .../runc/libcontainer/label/label_selinux.go | 197 --- .../runc/libcontainer/message_linux.go | 89 -- .../runc/libcontainer/network_linux.go | 259 ---- .../runc/libcontainer/notify_linux.go | 89 -- .../runc/libcontainer/process.go | 121 -- .../runc/libcontainer/process_linux.go | 487 ------- .../runc/libcontainer/restored_process.go | 122 -- .../runc/libcontainer/rootfs_linux.go | 736 ---------- .../runc/libcontainer/seccomp/config.go | 71 - .../libcontainer/seccomp/seccomp_linux.go | 229 --- .../seccomp/seccomp_unsupported.go | 24 - .../runc/libcontainer/selinux/selinux.go | 499 ------- .../runc/libcontainer/setgroups_linux.go | 11 - .../runc/libcontainer/setns_init_linux.go | 53 - .../runc/libcontainer/stacktrace/capture.go | 27 - .../runc/libcontainer/stacktrace/frame.go | 38 - .../libcontainer/stacktrace/stacktrace.go | 5 - .../runc/libcontainer/standard_init_linux.go | 155 --- .../runc/libcontainer/state_linux.go | 228 --- .../opencontainers/runc/libcontainer/stats.go | 15 - .../runc/libcontainer/stats_freebsd.go | 5 - .../runc/libcontainer/stats_linux.go | 8 - .../runc/libcontainer/stats_solaris.go | 7 - .../runc/libcontainer/stats_windows.go | 5 - .../runc/libcontainer/system/sysconfig.go | 17 +- .../runc/libcontainer/utils/utils.go | 102 -- .../runc/libcontainer/utils/utils_unix.go | 33 - .../seccomp/libseccomp-golang/README | 26 - .../seccomp/libseccomp-golang/seccomp.go | 827 ----------- .../libseccomp-golang/seccomp_internal.go | 461 ------- .../gocapability/capability/capability.go | 72 - .../capability/capability_linux.go | 608 -------- .../capability/capability_noop.go | 19 - .../syndtr/gocapability/capability/enum.go | 264 ---- .../gocapability/capability/enum_gen.go | 129 -- .../gocapability/capability/syscall_linux.go | 145 -- .../vishvananda/netlink/.travis.yml | 8 - .../github.com/vishvananda/netlink/Makefile | 29 - .../github.com/vishvananda/netlink/README.md | 89 -- .../github.com/vishvananda/netlink/addr.go | 45 - .../vishvananda/netlink/addr_linux.go | 209 --- .../vishvananda/netlink/bpf_linux.go | 60 - .../github.com/vishvananda/netlink/class.go | 111 -- .../vishvananda/netlink/class_linux.go | 186 --- .../github.com/vishvananda/netlink/filter.go | 190 --- .../vishvananda/netlink/filter_linux.go | 424 ------ .../github.com/vishvananda/netlink/link.go | 560 -------- .../vishvananda/netlink/link_linux.go | 1213 ---------------- .../vishvananda/netlink/link_tuntap_linux.go | 14 - .../github.com/vishvananda/netlink/neigh.go | 22 - .../vishvananda/netlink/neigh_linux.go | 190 --- .../github.com/vishvananda/netlink/netlink.go | 42 - .../netlink/netlink_unspecified.go | 143 -- .../vishvananda/netlink/nl/addr_linux.go | 47 - .../vishvananda/netlink/nl/link_linux.go | 396 ------ .../vishvananda/netlink/nl/nl_linux.go | 424 ------ .../vishvananda/netlink/nl/route_linux.go | 42 - .../vishvananda/netlink/nl/syscall.go | 37 - .../vishvananda/netlink/nl/tc_linux.go | 686 --------- .../vishvananda/netlink/nl/xfrm_linux.go | 258 ---- .../netlink/nl/xfrm_policy_linux.go | 119 -- .../netlink/nl/xfrm_state_linux.go | 221 --- .../vishvananda/netlink/protinfo.go | 53 - .../vishvananda/netlink/protinfo_linux.go | 60 - .../github.com/vishvananda/netlink/qdisc.go | 295 ---- .../vishvananda/netlink/qdisc_linux.go | 415 ------ .../github.com/vishvananda/netlink/route.go | 80 -- .../vishvananda/netlink/route_linux.go | 328 ----- .../github.com/vishvananda/netlink/rule.go | 43 - .../vishvananda/netlink/rule_linux.go | 198 --- .../github.com/vishvananda/netlink/xfrm.go | 64 - .../vishvananda/netlink/xfrm_policy.go | 59 - .../vishvananda/netlink/xfrm_policy_linux.go | 127 -- .../vishvananda/netlink/xfrm_state.go | 53 - .../vishvananda/netlink/xfrm_state_linux.go | 178 --- 214 files changed, 215 insertions(+), 30135 deletions(-) delete mode 100644 vendor/src/github.com/coreos/go-systemd/dbus/dbus.go delete mode 100644 vendor/src/github.com/coreos/go-systemd/dbus/methods.go delete mode 100644 vendor/src/github.com/coreos/go-systemd/dbus/properties.go delete mode 100644 vendor/src/github.com/coreos/go-systemd/dbus/set.go delete mode 100644 vendor/src/github.com/coreos/go-systemd/dbus/subscription.go delete mode 100644 vendor/src/github.com/coreos/go-systemd/dbus/subscription_set.go delete mode 100644 vendor/src/github.com/coreos/go-systemd/util/util.go delete mode 100644 vendor/src/github.com/docker/docker/pkg/mount/flags.go delete mode 100644 vendor/src/github.com/docker/docker/pkg/mount/flags_freebsd.go delete mode 100644 vendor/src/github.com/docker/docker/pkg/mount/flags_linux.go delete mode 100644 vendor/src/github.com/docker/docker/pkg/mount/flags_unsupported.go delete mode 100644 vendor/src/github.com/docker/docker/pkg/mount/mount.go delete mode 100644 vendor/src/github.com/docker/docker/pkg/mount/mounter_freebsd.go delete mode 100644 vendor/src/github.com/docker/docker/pkg/mount/mounter_linux.go delete mode 100644 vendor/src/github.com/docker/docker/pkg/mount/mounter_unsupported.go delete mode 100644 vendor/src/github.com/docker/docker/pkg/mount/mountinfo.go delete mode 100644 vendor/src/github.com/docker/docker/pkg/mount/mountinfo_freebsd.go delete mode 100644 vendor/src/github.com/docker/docker/pkg/mount/mountinfo_linux.go delete mode 100644 vendor/src/github.com/docker/docker/pkg/mount/mountinfo_unsupported.go delete mode 100644 vendor/src/github.com/docker/docker/pkg/mount/mountinfo_windows.go delete mode 100644 vendor/src/github.com/docker/docker/pkg/mount/sharedsubtree_linux.go delete mode 100644 vendor/src/github.com/docker/docker/pkg/symlink/README.md delete mode 100644 vendor/src/github.com/docker/docker/pkg/symlink/fs.go delete mode 100644 vendor/src/github.com/docker/docker/pkg/symlink/fs_unix.go delete mode 100644 vendor/src/github.com/docker/docker/pkg/symlink/fs_windows.go delete mode 100644 vendor/src/github.com/docker/go-units/CONTRIBUTING.md delete mode 100644 vendor/src/github.com/docker/go-units/MAINTAINERS delete mode 100644 vendor/src/github.com/docker/go-units/README.md delete mode 100644 vendor/src/github.com/docker/go-units/circle.yml delete mode 100644 vendor/src/github.com/docker/go-units/duration.go delete mode 100644 vendor/src/github.com/docker/go-units/size.go delete mode 100644 vendor/src/github.com/docker/go-units/ulimit.go delete mode 100644 vendor/src/github.com/godbus/dbus/CONTRIBUTING.md delete mode 100644 vendor/src/github.com/godbus/dbus/MAINTAINERS delete mode 100644 vendor/src/github.com/godbus/dbus/README.markdown delete mode 100644 vendor/src/github.com/godbus/dbus/auth.go delete mode 100644 vendor/src/github.com/godbus/dbus/auth_external.go delete mode 100644 vendor/src/github.com/godbus/dbus/auth_sha1.go delete mode 100644 vendor/src/github.com/godbus/dbus/call.go delete mode 100644 vendor/src/github.com/godbus/dbus/conn.go delete mode 100644 vendor/src/github.com/godbus/dbus/conn_darwin.go delete mode 100644 vendor/src/github.com/godbus/dbus/conn_other.go delete mode 100644 vendor/src/github.com/godbus/dbus/dbus.go delete mode 100644 vendor/src/github.com/godbus/dbus/decoder.go delete mode 100644 vendor/src/github.com/godbus/dbus/doc.go delete mode 100644 vendor/src/github.com/godbus/dbus/encoder.go delete mode 100644 vendor/src/github.com/godbus/dbus/export.go delete mode 100644 vendor/src/github.com/godbus/dbus/homedir.go delete mode 100644 vendor/src/github.com/godbus/dbus/homedir_dynamic.go delete mode 100644 vendor/src/github.com/godbus/dbus/homedir_static.go delete mode 100644 vendor/src/github.com/godbus/dbus/message.go delete mode 100644 vendor/src/github.com/godbus/dbus/object.go delete mode 100644 vendor/src/github.com/godbus/dbus/sig.go delete mode 100644 vendor/src/github.com/godbus/dbus/transport_darwin.go delete mode 100644 vendor/src/github.com/godbus/dbus/transport_generic.go delete mode 100644 vendor/src/github.com/godbus/dbus/transport_unix.go delete mode 100644 vendor/src/github.com/godbus/dbus/transport_unixcred_dragonfly.go delete mode 100644 vendor/src/github.com/godbus/dbus/transport_unixcred_linux.go delete mode 100644 vendor/src/github.com/godbus/dbus/variant.go delete mode 100644 vendor/src/github.com/godbus/dbus/variant_lexer.go delete mode 100644 vendor/src/github.com/godbus/dbus/variant_parser.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/README.md delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/SPEC.md delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/apparmor/apparmor.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/apparmor/apparmor_disabled.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/capabilities_linux.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/cgroups.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/cgroups_unsupported.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/apply_raw.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/blkio.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/cpu.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/cpuacct.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/cpuset.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/devices.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/freezer.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/fs_unsupported.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/hugetlb.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/memory.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/name.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/net_cls.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/net_prio.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/perf_event.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/pids.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/utils.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/stats.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/systemd/apply_nosystemd.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/systemd/apply_systemd.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/utils.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/compat_1.5_linux.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/configs/blkio_device.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/configs/cgroup_unix.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/configs/cgroup_unsupported.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/configs/cgroup_windows.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/configs/config.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/configs/config_unix.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/configs/device.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/configs/device_defaults.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/configs/hugepage_limit.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/configs/interface_priority_map.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/configs/mount.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/configs/namespaces.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/configs/namespaces_syscall.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/configs/namespaces_syscall_unsupported.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/configs/namespaces_unix.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/configs/namespaces_unsupported.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/configs/network.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/configs/validate/validator.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/console.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/console_freebsd.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/console_linux.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/console_solaris.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/console_windows.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/container.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/container_linux.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/container_solaris.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/container_windows.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/criu_opts_unix.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/criu_opts_windows.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/criurpc/Makefile delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/criurpc/criurpc.pb.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/criurpc/criurpc.proto delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/error.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/factory.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/factory_linux.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/generic_error.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/init_linux.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/keys/keyctl.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/label/label.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/label/label_selinux.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/message_linux.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/network_linux.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/notify_linux.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/process.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/process_linux.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/restored_process.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/rootfs_linux.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/seccomp/config.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/seccomp/seccomp_linux.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/seccomp/seccomp_unsupported.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/selinux/selinux.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/setgroups_linux.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/setns_init_linux.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/stacktrace/capture.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/stacktrace/frame.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/stacktrace/stacktrace.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/standard_init_linux.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/state_linux.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/stats.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/stats_freebsd.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/stats_linux.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/stats_solaris.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/stats_windows.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/utils/utils.go delete mode 100644 vendor/src/github.com/opencontainers/runc/libcontainer/utils/utils_unix.go delete mode 100644 vendor/src/github.com/seccomp/libseccomp-golang/README delete mode 100644 vendor/src/github.com/seccomp/libseccomp-golang/seccomp.go delete mode 100644 vendor/src/github.com/seccomp/libseccomp-golang/seccomp_internal.go delete mode 100644 vendor/src/github.com/syndtr/gocapability/capability/capability.go delete mode 100644 vendor/src/github.com/syndtr/gocapability/capability/capability_linux.go delete mode 100644 vendor/src/github.com/syndtr/gocapability/capability/capability_noop.go delete mode 100644 vendor/src/github.com/syndtr/gocapability/capability/enum.go delete mode 100644 vendor/src/github.com/syndtr/gocapability/capability/enum_gen.go delete mode 100644 vendor/src/github.com/syndtr/gocapability/capability/syscall_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/.travis.yml delete mode 100644 vendor/src/github.com/vishvananda/netlink/Makefile delete mode 100644 vendor/src/github.com/vishvananda/netlink/README.md delete mode 100644 vendor/src/github.com/vishvananda/netlink/addr.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/addr_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/bpf_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/class.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/class_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/filter.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/filter_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/link.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/link_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/link_tuntap_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/neigh.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/neigh_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/netlink.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/netlink_unspecified.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/nl/addr_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/nl/link_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/nl/nl_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/nl/route_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/nl/syscall.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/nl/tc_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/nl/xfrm_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/nl/xfrm_policy_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/nl/xfrm_state_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/protinfo.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/protinfo_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/qdisc.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/qdisc_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/route.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/route_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/rule.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/rule_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/xfrm.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/xfrm_policy.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/xfrm_policy_linux.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/xfrm_state.go delete mode 100644 vendor/src/github.com/vishvananda/netlink/xfrm_state_linux.go diff --git a/Dockerfile b/Dockerfile index 1631a49..881c248 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,13 +11,14 @@ RUN apt-get update && apt-get install -y \ git \ make \ jq \ + pkg-config \ apparmor \ libapparmor-dev \ --no-install-recommends \ && rm -rf /var/lib/apt/lists/* # Install Go -ENV GO_VERSION 1.5.3 +ENV GO_VERSION 1.6.2 RUN curl -sSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar -v -C /usr/local -xz ENV PATH /go/bin:/usr/local/go/bin:$PATH ENV GOPATH /go:/go/src/github.com/docker/containerd/vendor @@ -54,7 +55,7 @@ RUN set -x \ && rm -rf "$SECCOMP_PATH" # Install runc -ENV RUNC_COMMIT d49ece5a83da3dcb820121d6850e2b61bd0a5fbe +ENV RUNC_COMMIT afaa21f79ade3b2e99a68f3f15e7219155aa4662 RUN set -x \ && export GOPATH="$(mktemp -d)" \ && git clone git://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc" \ diff --git a/containerd-shim/main.go b/containerd-shim/main.go index afff86b..1c1724a 100644 --- a/containerd-shim/main.go +++ b/containerd-shim/main.go @@ -3,6 +3,7 @@ package main import ( "flag" "fmt" + "io/ioutil" "os" "os/signal" "path/filepath" @@ -77,7 +78,7 @@ func start(log *os.File) error { writeMessage(log, "warn", err) } }() - if err := p.start(); err != nil { + if err := p.create(); err != nil { p.delete() return err } @@ -102,6 +103,11 @@ func start(log *os.File) error { Height: uint16(h), } term.SetWinsize(p.console.Fd(), &ws) + case 2: + // tell runtime to execute the init process + if err := p.start(); err != nil { + syscall.Kill(p.pid(), syscall.SIGKILL) + } } } }() @@ -120,6 +126,7 @@ func start(log *os.File) error { } // runtime has exited so the shim can also exit if exitShim { + ioutil.WriteFile(fmt.Sprintf("/tmp/shim-delete-%d", p.pid()), []byte("deleting"), 0600) p.delete() p.Wait() return nil diff --git a/containerd-shim/process.go b/containerd-shim/process.go index 6de7d9b..6a876ed 100644 --- a/containerd-shim/process.go +++ b/containerd-shim/process.go @@ -115,7 +115,7 @@ func loadCheckpoint(checkpointPath string) (*checkpoint, error) { return &cpt, nil } -func (p *process) start() error { +func (p *process) create() error { cwd, err := os.Getwd() if err != nil { return err @@ -127,6 +127,7 @@ func (p *process) start() error { }, p.state.RuntimeArgs...) if p.state.Exec { args = append(args, "exec", + "-d", "--process", filepath.Join(cwd, "process.json"), "--console", p.consolePath, ) @@ -151,7 +152,7 @@ func (p *process) start() error { add("--no-pivot") } } else { - args = append(args, "start", + args = append(args, "create", "--bundle", p.bundle, "--console", p.consolePath, ) @@ -160,7 +161,6 @@ func (p *process) start() error { } } args = append(args, - "-d", "--pid-file", filepath.Join(cwd, "pid"), p.id, ) @@ -200,6 +200,25 @@ func (p *process) start() error { return nil } +func (p *process) start() error { + cwd, err := os.Getwd() + if err != nil { + return err + } + logPath := filepath.Join(cwd, "log.json") + args := append([]string{ + "--log", logPath, + "--log-format", "json", + }, p.state.RuntimeArgs...) + args = append(args, "start", p.id) + cmd := exec.Command(p.runtime, args...) + cmd.Dir = p.bundle + cmd.Stdin = p.stdio.stdin + cmd.Stdout = p.stdio.stdout + cmd.Stderr = p.stdio.stderr + return cmd.Run() +} + func (p *process) pid() int { return p.containerPid } diff --git a/hack/vendor.sh b/hack/vendor.sh index 531aa63..91b2597 100755 --- a/hack/vendor.sh +++ b/hack/vendor.sh @@ -14,7 +14,7 @@ clone git github.com/docker/go-units 5d2041e26a699eaca682e2ea41c8f891e1060444 clone git github.com/godbus/dbus e2cf28118e66a6a63db46cf6088a35d2054d3bb0 clone git github.com/golang/glog 23def4e6c14b4da8ac2ed8007337bc5eb5007998 clone git github.com/golang/protobuf 3c84672111d91bb5ac31719e112f9f7126a0e26e -clone git github.com/opencontainers/runc d49ece5a83da3dcb820121d6850e2b61bd0a5fbe +clone git github.com/opencontainers/runc afaa21f79ade3b2e99a68f3f15e7219155aa4662 clone git github.com/opencontainers/runtime-spec f955d90e70a98ddfb886bd930ffd076da9b67998 clone git github.com/rcrowley/go-metrics eeba7bd0dd01ace6e690fa833b3f22aaec29af43 clone git github.com/satori/go.uuid f9ab0dce87d815821e221626b772e3475a0d2749 diff --git a/integration-test/container_utils_test.go b/integration-test/container_utils_test.go index 17ea4c4..85a7448 100644 --- a/integration-test/container_utils_test.go +++ b/integration-test/container_utils_test.go @@ -4,6 +4,7 @@ import ( "bytes" "fmt" "io" + "io/ioutil" "os" "path/filepath" "sort" @@ -13,6 +14,11 @@ import ( "golang.org/x/net/context" ) +func (cs *ContainerdSuite) GetLogs() string { + b, _ := ioutil.ReadFile(cs.logFile.Name()) + return string(b) +} + func (cs *ContainerdSuite) ListRunningContainers() ([]*types.Container, error) { resp, err := cs.grpcClient.State(context.Background(), &types.StateRequest{}) if err != nil { @@ -38,6 +44,16 @@ func (cs *ContainerdSuite) KillContainer(id string) error { return cs.SignalContainerProcess(id, "init", uint32(syscall.SIGKILL)) } +func (cs *ContainerdSuite) UpdateContainerResource(id string, rs *types.UpdateResource) error { + _, err := cs.grpcClient.UpdateContainer(context.Background(), &types.UpdateContainerRequest{ + Id: id, + Pid: "init", + Status: "", + Resources: rs, + }) + return err +} + func (cs *ContainerdSuite) PauseContainer(id string) error { _, err := cs.grpcClient.UpdateContainer(context.Background(), &types.UpdateContainerRequest{ Id: id, diff --git a/integration-test/start_test.go b/integration-test/start_test.go index 3e8ecf9..5651594 100644 --- a/integration-test/start_test.go +++ b/integration-test/start_test.go @@ -9,6 +9,7 @@ import ( "github.com/docker/containerd/api/grpc/types" "github.com/docker/docker/pkg/integration/checker" "github.com/go-check/check" + ocs "github.com/opencontainers/runtime-spec/specs-go" "google.golang.org/grpc" ) @@ -61,7 +62,8 @@ func (cs *ContainerdSuite) TestStartBusyboxTop(t *check.C) { t.Fatal(err) } - _, err := cs.StartContainer("top", bundleName) + containerID := "start-busybox-top" + _, err := cs.StartContainer(containerID, bundleName) t.Assert(err, checker.Equals, nil) containers, err := cs.ListRunningContainers() @@ -69,7 +71,7 @@ func (cs *ContainerdSuite) TestStartBusyboxTop(t *check.C) { t.Fatal(err) } t.Assert(len(containers), checker.Equals, 1) - t.Assert(containers[0].Id, checker.Equals, "top") + t.Assert(containers[0].Id, checker.Equals, containerID) t.Assert(containers[0].Status, checker.Equals, "running") t.Assert(containers[0].BundlePath, check.Equals, filepath.Join(cs.cwd, GetBundle(bundleName).Path)) } @@ -144,8 +146,8 @@ func (cs *ContainerdSuite) TestStartBusyboxTopKill(t *check.C) { t.Fatal(err) } - containerID := "top" - c, err := cs.StartContainer("top", bundleName) + containerID := "top-kill" + c, err := cs.StartContainer(containerID, bundleName) if err != nil { t.Fatal(err) } @@ -189,8 +191,8 @@ func (cs *ContainerdSuite) TestStartBusyboxTopSignalSigterm(t *check.C) { t.Fatal(err) } - containerID := "top" - c, err := cs.StartContainer("top", bundleName) + containerID := "top-sigterm" + c, err := cs.StartContainer(containerID, bundleName) if err != nil { t.Fatal(err) } @@ -229,7 +231,7 @@ func (cs *ContainerdSuite) TestStartBusyboxTopSignalSigterm(t *check.C) { } func (cs *ContainerdSuite) TestStartBusyboxTrapUSR1(t *check.C) { - if err := CreateBusyboxBundle("busybox-trap-usr1", []string{"sh", "-c", "trap 'echo -n booh!' SIGUSR1 ; sleep 100 & wait"}); err != nil { + if err := CreateBusyboxBundle("busybox-trap-usr1", []string{"sh", "-c", "trap 'echo -n booh!' SIGUSR1 ; sleep 60 & wait"}); err != nil { t.Fatal(err) } @@ -239,6 +241,8 @@ func (cs *ContainerdSuite) TestStartBusyboxTrapUSR1(t *check.C) { t.Fatal(err) } + <-time.After(1 * time.Second) + if err := cs.SignalContainer(containerID, uint32(syscall.SIGUSR1)); err != nil { t.Fatal(err) } @@ -259,7 +263,7 @@ func (cs *ContainerdSuite) TestStartBusyboxTopPauseResume(t *check.C) { t.Fatal(err) } - containerID := "top" + containerID := "top-pause-resume" c, err := cs.StartContainer(containerID, bundleName) if err != nil { t.Fatal(err) @@ -310,10 +314,59 @@ func (cs *ContainerdSuite) TestStartBusyboxTopPauseResume(t *check.C) { t.Fatal(err) } t.Assert(len(containers), checker.Equals, 1) - t.Assert(containers[0].Id, checker.Equals, "top") + t.Assert(containers[0].Id, checker.Equals, containerID) t.Assert(containers[0].Status, checker.Equals, "running") } +func (cs *ContainerdSuite) TestOOM(t *check.C) { + bundleName := "busybox-sh-512k-memlimit" + if err := CreateBundleWithFilter("busybox", bundleName, []string{"sh", "-c", "x=oom-party-time; while true; do x=$x$x$x$x$x$x$x$x$x$x; done"}, func(spec *ocs.Spec) { + // Limit to 512k for quick oom + var limit uint64 = 8 * 1024 * 1024 + spec.Linux.Resources.Memory = &ocs.Memory{ + Limit: &limit, + } + }); err != nil { + t.Fatal(err) + } + + containerID := "sh-oom" + c, err := cs.StartContainer(containerID, bundleName) + if err != nil { + t.Fatal(err) + } + + for _, evt := range []types.Event{ + { + Type: "start-container", + Id: containerID, + Status: 0, + Pid: "", + }, + { + Type: "oom", + Id: containerID, + Status: 0, + Pid: "", + }, + { + Type: "exit", + Id: containerID, + Status: 137, + Pid: "init", + }, + } { + ch := c.GetEventsChannel() + select { + case e := <-ch: + evt.Timestamp = e.Timestamp + t.Assert(*e, checker.Equals, evt) + case <-time.After(60 * time.Second): + t.Fatal("Container took more than 10 seconds to terminate") + } + } +} + func (cs *ContainerdSuite) TestRestart(t *check.C) { bundleName := "busybox-top" if err := CreateBusyboxBundle(bundleName, []string{"top"}); err != nil { diff --git a/runtime/container.go b/runtime/container.go index 4b9fa9a..58c3176 100644 --- a/runtime/container.go +++ b/runtime/container.go @@ -413,7 +413,7 @@ func (c *container) Start(checkpointPath string, s Stdio) (Process, error) { if err != nil { return nil, err } - if err := c.startCmd(InitProcessID, cmd, p); err != nil { + if err := c.createCmd(InitProcessID, cmd, p); err != nil { return nil, err } return p, nil @@ -453,13 +453,13 @@ func (c *container) Exec(pid string, pspec specs.ProcessSpec, s Stdio) (pp Proce if err != nil { return nil, err } - if err := c.startCmd(pid, cmd, p); err != nil { + if err := c.createCmd(pid, cmd, p); err != nil { return nil, err } return p, nil } -func (c *container) startCmd(pid string, cmd *exec.Cmd, p *process) error { +func (c *container) createCmd(pid string, cmd *exec.Cmd, p *process) error { p.cmd = cmd if err := cmd.Start(); err != nil { if exErr, ok := err.(*exec.Error); ok { @@ -469,7 +469,7 @@ func (c *container) startCmd(pid string, cmd *exec.Cmd, p *process) error { } return err } - if err := c.waitForStart(p, cmd); err != nil { + if err := c.waitForCreate(p, cmd); err != nil { return err } c.processes[pid] = p @@ -552,7 +552,7 @@ type waitArgs struct { err error } -func (c *container) waitForStart(p *process, cmd *exec.Cmd) error { +func (c *container) waitForCreate(p *process, cmd *exec.Cmd) error { wc := make(chan error, 1) go func() { for { diff --git a/runtime/container_linux.go b/runtime/container_linux.go index c1b7bcb..cb7d0cb 100644 --- a/runtime/container_linux.go +++ b/runtime/container_linux.go @@ -1,6 +1,7 @@ package runtime import ( + "bufio" "bytes" "encoding/json" "fmt" @@ -11,46 +12,84 @@ import ( "syscall" "github.com/docker/containerd/specs" - "github.com/opencontainers/runc/libcontainer" ocs "github.com/opencontainers/runtime-spec/specs-go" ) -func (c *container) getLibctContainer() (libcontainer.Container, error) { - runtimeRoot := "/run/runc" +func findCgroupMountpointAndRoot(pid int, subsystem string) (string, string, error) { + f, err := os.Open(fmt.Sprintf("/proc/%d/mountinfo", pid)) + if err != nil { + return "", "", err + } + defer f.Close() - // Check that the root wasn't changed - for _, opt := range c.runtimeArgs { - if strings.HasPrefix(opt, "--root=") { - runtimeRoot = strings.TrimPrefix(opt, "--root=") - break + scanner := bufio.NewScanner(f) + for scanner.Scan() { + txt := scanner.Text() + fields := strings.Split(txt, " ") + for _, opt := range strings.Split(fields[len(fields)-1], ",") { + if opt == subsystem { + return fields[4], fields[3], nil + } } } + if err := scanner.Err(); err != nil { + return "", "", err + } - f, err := libcontainer.New(runtimeRoot, libcontainer.Cgroupfs) + return "", "", fmt.Errorf("cgroup path for %s not found", subsystem) +} + +func parseCgroupFile(path string) (map[string]string, error) { + f, err := os.Open(path) if err != nil { return nil, err } - return f.Load(c.id) + defer f.Close() + + s := bufio.NewScanner(f) + cgroups := make(map[string]string) + + for s.Scan() { + if err := s.Err(); err != nil { + return nil, err + } + + text := s.Text() + parts := strings.Split(text, ":") + + for _, subs := range strings.Split(parts[1], ",") { + cgroups[subs] = parts[2] + } + } + return cgroups, nil } func (c *container) OOM() (OOM, error) { - container, err := c.getLibctContainer() - if err != nil { - if lerr, ok := err.(libcontainer.Error); ok { - // with oom registration sometimes the container can run, exit, and be destroyed - // faster than we can get the state back so we can just ignore this - if lerr.Code() == libcontainer.ContainerNotExists { - return nil, ErrContainerExited - } - } - return nil, err + p := c.processes[InitProcessID] + if p == nil { + return nil, fmt.Errorf("no init process found") } - state, err := container.State() + + mountpoint, hostRoot, err := findCgroupMountpointAndRoot(os.Getpid(), "memory") if err != nil { return nil, err } - memoryPath := state.CgroupPaths["memory"] - return c.getMemeoryEventFD(memoryPath) + + cgroups, err := parseCgroupFile(fmt.Sprintf("/proc/%d/cgroup", p.pid)) + if err != nil { + return nil, err + } + + root, ok := cgroups["memory"] + if !ok { + return nil, fmt.Errorf("no memory cgroup for container %s", c.ID()) + } + + // Take care of the case were we're running inside a container + // ourself + root = strings.TrimPrefix(root, hostRoot) + + return c.getMemeoryEventFD(filepath.Join(mountpoint, root)) } func u64Ptr(i uint64) *uint64 { return &i } diff --git a/runtime/process.go b/runtime/process.go index f8d100f..ce7a1c3 100644 --- a/runtime/process.go +++ b/runtime/process.go @@ -23,6 +23,9 @@ type Process interface { // This is either "init" when it is the container's init process or // it is a user provided id for the process similar to the container id ID() string + // Start unblocks the associated container init process. + // This should only be called on the process with ID "init" + Start() error CloseStdin() error Resize(int, int) error // ExitFD returns the fd the provides an event when the process exits @@ -252,3 +255,13 @@ func getControlPipe(path string) (*os.File, error) { func (p *process) Signal(s os.Signal) error { return syscall.Kill(p.pid, s.(syscall.Signal)) } + +// Start unblocks the associated container init process. +// This should only be called on the process with ID "init" +func (p *process) Start() error { + if p.ID() == InitProcessID { + _, err := fmt.Fprintf(p.controlPipe, "%d %d %d\n", 2, 0, 0) + return err + } + return nil +} diff --git a/supervisor/sort_test.go b/supervisor/sort_test.go index 406523b..74a4e08 100644 --- a/supervisor/sort_test.go +++ b/supervisor/sort_test.go @@ -17,6 +17,10 @@ func (p *testProcess) ID() string { return p.id } +func (p *testProcess) Start() error { + return nil +} + func (p *testProcess) CloseStdin() error { return nil } diff --git a/supervisor/worker.go b/supervisor/worker.go index e38c0cb..5c242ca 100644 --- a/supervisor/worker.go +++ b/supervisor/worker.go @@ -63,6 +63,9 @@ func (w *worker) Start() { if err := w.s.monitorProcess(process); err != nil { logrus.WithField("error", err).Error("containerd: add process to monitor") } + if err := process.Start(); err != nil { + logrus.WithField("error", err).Error("containerd: start init process") + } ContainerStartTimer.UpdateSince(started) t.Err <- nil t.StartResponse <- StartResponse{ diff --git a/vendor/src/github.com/coreos/go-systemd/dbus/dbus.go b/vendor/src/github.com/coreos/go-systemd/dbus/dbus.go deleted file mode 100644 index 9404334..0000000 --- a/vendor/src/github.com/coreos/go-systemd/dbus/dbus.go +++ /dev/null @@ -1,198 +0,0 @@ -// Copyright 2015 CoreOS, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Integration with the systemd D-Bus API. See http://www.freedesktop.org/wiki/Software/systemd/dbus/ -package dbus - -import ( - "fmt" - "os" - "strconv" - "strings" - "sync" - - "github.com/godbus/dbus" -) - -const ( - alpha = `abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ` - num = `0123456789` - alphanum = alpha + num - signalBuffer = 100 -) - -// needsEscape checks whether a byte in a potential dbus ObjectPath needs to be escaped -func needsEscape(i int, b byte) bool { - // Escape everything that is not a-z-A-Z-0-9 - // Also escape 0-9 if it's the first character - return strings.IndexByte(alphanum, b) == -1 || - (i == 0 && strings.IndexByte(num, b) != -1) -} - -// PathBusEscape sanitizes a constituent string of a dbus ObjectPath using the -// rules that systemd uses for serializing special characters. -func PathBusEscape(path string) string { - // Special case the empty string - if len(path) == 0 { - return "_" - } - n := []byte{} - for i := 0; i < len(path); i++ { - c := path[i] - if needsEscape(i, c) { - e := fmt.Sprintf("_%x", c) - n = append(n, []byte(e)...) - } else { - n = append(n, c) - } - } - return string(n) -} - -// Conn is a connection to systemd's dbus endpoint. -type Conn struct { - // sysconn/sysobj are only used to call dbus methods - sysconn *dbus.Conn - sysobj dbus.BusObject - - // sigconn/sigobj are only used to receive dbus signals - sigconn *dbus.Conn - sigobj dbus.BusObject - - jobListener struct { - jobs map[dbus.ObjectPath]chan<- string - sync.Mutex - } - subscriber struct { - updateCh chan<- *SubStateUpdate - errCh chan<- error - sync.Mutex - ignore map[dbus.ObjectPath]int64 - cleanIgnore int64 - } -} - -// New establishes a connection to the system bus and authenticates. -// Callers should call Close() when done with the connection. -func New() (*Conn, error) { - return newConnection(func() (*dbus.Conn, error) { - return dbusAuthHelloConnection(dbus.SystemBusPrivate) - }) -} - -// NewUserConnection establishes a connection to the session bus and -// authenticates. This can be used to connect to systemd user instances. -// Callers should call Close() when done with the connection. -func NewUserConnection() (*Conn, error) { - return newConnection(func() (*dbus.Conn, error) { - return dbusAuthHelloConnection(dbus.SessionBusPrivate) - }) -} - -// NewSystemdConnection establishes a private, direct connection to systemd. -// This can be used for communicating with systemd without a dbus daemon. -// Callers should call Close() when done with the connection. -func NewSystemdConnection() (*Conn, error) { - return newConnection(func() (*dbus.Conn, error) { - // We skip Hello when talking directly to systemd. - return dbusAuthConnection(func() (*dbus.Conn, error) { - return dbus.Dial("unix:path=/run/systemd/private") - }) - }) -} - -// Close closes an established connection -func (c *Conn) Close() { - c.sysconn.Close() - c.sigconn.Close() -} - -func newConnection(createBus func() (*dbus.Conn, error)) (*Conn, error) { - sysconn, err := createBus() - if err != nil { - return nil, err - } - - sigconn, err := createBus() - if err != nil { - sysconn.Close() - return nil, err - } - - c := &Conn{ - sysconn: sysconn, - sysobj: systemdObject(sysconn), - sigconn: sigconn, - sigobj: systemdObject(sigconn), - } - - c.subscriber.ignore = make(map[dbus.ObjectPath]int64) - c.jobListener.jobs = make(map[dbus.ObjectPath]chan<- string) - - // Setup the listeners on jobs so that we can get completions - c.sigconn.BusObject().Call("org.freedesktop.DBus.AddMatch", 0, - "type='signal', interface='org.freedesktop.systemd1.Manager', member='JobRemoved'") - - c.dispatch() - return c, nil -} - -// GetManagerProperty returns the value of a property on the org.freedesktop.systemd1.Manager -// interface. The value is returned in its string representation, as defined at -// https://developer.gnome.org/glib/unstable/gvariant-text.html -func (c *Conn) GetManagerProperty(prop string) (string, error) { - variant, err := c.sysobj.GetProperty("org.freedesktop.systemd1.Manager." + prop) - if err != nil { - return "", err - } - return variant.String(), nil -} - -func dbusAuthConnection(createBus func() (*dbus.Conn, error)) (*dbus.Conn, error) { - conn, err := createBus() - if err != nil { - return nil, err - } - - // Only use EXTERNAL method, and hardcode the uid (not username) - // to avoid a username lookup (which requires a dynamically linked - // libc) - methods := []dbus.Auth{dbus.AuthExternal(strconv.Itoa(os.Getuid()))} - - err = conn.Auth(methods) - if err != nil { - conn.Close() - return nil, err - } - - return conn, nil -} - -func dbusAuthHelloConnection(createBus func() (*dbus.Conn, error)) (*dbus.Conn, error) { - conn, err := dbusAuthConnection(createBus) - if err != nil { - return nil, err - } - - if err = conn.Hello(); err != nil { - conn.Close() - return nil, err - } - - return conn, nil -} - -func systemdObject(conn *dbus.Conn) dbus.BusObject { - return conn.Object("org.freedesktop.systemd1", dbus.ObjectPath("/org/freedesktop/systemd1")) -} diff --git a/vendor/src/github.com/coreos/go-systemd/dbus/methods.go b/vendor/src/github.com/coreos/go-systemd/dbus/methods.go deleted file mode 100644 index f9552a3..0000000 --- a/vendor/src/github.com/coreos/go-systemd/dbus/methods.go +++ /dev/null @@ -1,442 +0,0 @@ -// Copyright 2015 CoreOS, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package dbus - -import ( - "errors" - "path" - "strconv" - - "github.com/godbus/dbus" -) - -func (c *Conn) jobComplete(signal *dbus.Signal) { - var id uint32 - var job dbus.ObjectPath - var unit string - var result string - dbus.Store(signal.Body, &id, &job, &unit, &result) - c.jobListener.Lock() - out, ok := c.jobListener.jobs[job] - if ok { - out <- result - delete(c.jobListener.jobs, job) - } - c.jobListener.Unlock() -} - -func (c *Conn) startJob(ch chan<- string, job string, args ...interface{}) (int, error) { - if ch != nil { - c.jobListener.Lock() - defer c.jobListener.Unlock() - } - - var p dbus.ObjectPath - err := c.sysobj.Call(job, 0, args...).Store(&p) - if err != nil { - return 0, err - } - - if ch != nil { - c.jobListener.jobs[p] = ch - } - - // ignore error since 0 is fine if conversion fails - jobID, _ := strconv.Atoi(path.Base(string(p))) - - return jobID, nil -} - -// StartUnit enqueues a start job and depending jobs, if any (unless otherwise -// specified by the mode string). -// -// Takes the unit to activate, plus a mode string. The mode needs to be one of -// replace, fail, isolate, ignore-dependencies, ignore-requirements. If -// "replace" the call will start the unit and its dependencies, possibly -// replacing already queued jobs that conflict with this. If "fail" the call -// will start the unit and its dependencies, but will fail if this would change -// an already queued job. If "isolate" the call will start the unit in question -// and terminate all units that aren't dependencies of it. If -// "ignore-dependencies" it will start a unit but ignore all its dependencies. -// If "ignore-requirements" it will start a unit but only ignore the -// requirement dependencies. It is not recommended to make use of the latter -// two options. -// -// If the provided channel is non-nil, a result string will be sent to it upon -// job completion: one of done, canceled, timeout, failed, dependency, skipped. -// done indicates successful execution of a job. canceled indicates that a job -// has been canceled before it finished execution. timeout indicates that the -// job timeout was reached. failed indicates that the job failed. dependency -// indicates that a job this job has been depending on failed and the job hence -// has been removed too. skipped indicates that a job was skipped because it -// didn't apply to the units current state. -// -// If no error occurs, the ID of the underlying systemd job will be returned. There -// does exist the possibility for no error to be returned, but for the returned job -// ID to be 0. In this case, the actual underlying ID is not 0 and this datapoint -// should not be considered authoritative. -// -// If an error does occur, it will be returned to the user alongside a job ID of 0. -func (c *Conn) StartUnit(name string, mode string, ch chan<- string) (int, error) { - return c.startJob(ch, "org.freedesktop.systemd1.Manager.StartUnit", name, mode) -} - -// StopUnit is similar to StartUnit but stops the specified unit rather -// than starting it. -func (c *Conn) StopUnit(name string, mode string, ch chan<- string) (int, error) { - return c.startJob(ch, "org.freedesktop.systemd1.Manager.StopUnit", name, mode) -} - -// ReloadUnit reloads a unit. Reloading is done only if the unit is already running and fails otherwise. -func (c *Conn) ReloadUnit(name string, mode string, ch chan<- string) (int, error) { - return c.startJob(ch, "org.freedesktop.systemd1.Manager.ReloadUnit", name, mode) -} - -// RestartUnit restarts a service. If a service is restarted that isn't -// running it will be started. -func (c *Conn) RestartUnit(name string, mode string, ch chan<- string) (int, error) { - return c.startJob(ch, "org.freedesktop.systemd1.Manager.RestartUnit", name, mode) -} - -// TryRestartUnit is like RestartUnit, except that a service that isn't running -// is not affected by the restart. -func (c *Conn) TryRestartUnit(name string, mode string, ch chan<- string) (int, error) { - return c.startJob(ch, "org.freedesktop.systemd1.Manager.TryRestartUnit", name, mode) -} - -// ReloadOrRestart attempts a reload if the unit supports it and use a restart -// otherwise. -func (c *Conn) ReloadOrRestartUnit(name string, mode string, ch chan<- string) (int, error) { - return c.startJob(ch, "org.freedesktop.systemd1.Manager.ReloadOrRestartUnit", name, mode) -} - -// ReloadOrTryRestart attempts a reload if the unit supports it and use a "Try" -// flavored restart otherwise. -func (c *Conn) ReloadOrTryRestartUnit(name string, mode string, ch chan<- string) (int, error) { - return c.startJob(ch, "org.freedesktop.systemd1.Manager.ReloadOrTryRestartUnit", name, mode) -} - -// StartTransientUnit() may be used to create and start a transient unit, which -// will be released as soon as it is not running or referenced anymore or the -// system is rebooted. name is the unit name including suffix, and must be -// unique. mode is the same as in StartUnit(), properties contains properties -// of the unit. -func (c *Conn) StartTransientUnit(name string, mode string, properties []Property, ch chan<- string) (int, error) { - return c.startJob(ch, "org.freedesktop.systemd1.Manager.StartTransientUnit", name, mode, properties, make([]PropertyCollection, 0)) -} - -// KillUnit takes the unit name and a UNIX signal number to send. All of the unit's -// processes are killed. -func (c *Conn) KillUnit(name string, signal int32) { - c.sysobj.Call("org.freedesktop.systemd1.Manager.KillUnit", 0, name, "all", signal).Store() -} - -// ResetFailedUnit resets the "failed" state of a specific unit. -func (c *Conn) ResetFailedUnit(name string) error { - return c.sysobj.Call("org.freedesktop.systemd1.Manager.ResetFailedUnit", 0, name).Store() -} - -// getProperties takes the unit name and returns all of its dbus object properties, for the given dbus interface -func (c *Conn) getProperties(unit string, dbusInterface string) (map[string]interface{}, error) { - var err error - var props map[string]dbus.Variant - - path := unitPath(unit) - if !path.IsValid() { - return nil, errors.New("invalid unit name: " + unit) - } - - obj := c.sysconn.Object("org.freedesktop.systemd1", path) - err = obj.Call("org.freedesktop.DBus.Properties.GetAll", 0, dbusInterface).Store(&props) - if err != nil { - return nil, err - } - - out := make(map[string]interface{}, len(props)) - for k, v := range props { - out[k] = v.Value() - } - - return out, nil -} - -// GetUnitProperties takes the unit name and returns all of its dbus object properties. -func (c *Conn) GetUnitProperties(unit string) (map[string]interface{}, error) { - return c.getProperties(unit, "org.freedesktop.systemd1.Unit") -} - -func (c *Conn) getProperty(unit string, dbusInterface string, propertyName string) (*Property, error) { - var err error - var prop dbus.Variant - - path := unitPath(unit) - if !path.IsValid() { - return nil, errors.New("invalid unit name: " + unit) - } - - obj := c.sysconn.Object("org.freedesktop.systemd1", path) - err = obj.Call("org.freedesktop.DBus.Properties.Get", 0, dbusInterface, propertyName).Store(&prop) - if err != nil { - return nil, err - } - - return &Property{Name: propertyName, Value: prop}, nil -} - -func (c *Conn) GetUnitProperty(unit string, propertyName string) (*Property, error) { - return c.getProperty(unit, "org.freedesktop.systemd1.Unit", propertyName) -} - -// GetUnitTypeProperties returns the extra properties for a unit, specific to the unit type. -// Valid values for unitType: Service, Socket, Target, Device, Mount, Automount, Snapshot, Timer, Swap, Path, Slice, Scope -// return "dbus.Error: Unknown interface" if the unitType is not the correct type of the unit -func (c *Conn) GetUnitTypeProperties(unit string, unitType string) (map[string]interface{}, error) { - return c.getProperties(unit, "org.freedesktop.systemd1."+unitType) -} - -// SetUnitProperties() may be used to modify certain unit properties at runtime. -// Not all properties may be changed at runtime, but many resource management -// settings (primarily those in systemd.cgroup(5)) may. The changes are applied -// instantly, and stored on disk for future boots, unless runtime is true, in which -// case the settings only apply until the next reboot. name is the name of the unit -// to modify. properties are the settings to set, encoded as an array of property -// name and value pairs. -func (c *Conn) SetUnitProperties(name string, runtime bool, properties ...Property) error { - return c.sysobj.Call("org.freedesktop.systemd1.Manager.SetUnitProperties", 0, name, runtime, properties).Store() -} - -func (c *Conn) GetUnitTypeProperty(unit string, unitType string, propertyName string) (*Property, error) { - return c.getProperty(unit, "org.freedesktop.systemd1."+unitType, propertyName) -} - -type UnitStatus struct { - Name string // The primary unit name as string - Description string // The human readable description string - LoadState string // The load state (i.e. whether the unit file has been loaded successfully) - ActiveState string // The active state (i.e. whether the unit is currently started or not) - SubState string // The sub state (a more fine-grained version of the active state that is specific to the unit type, which the active state is not) - Followed string // A unit that is being followed in its state by this unit, if there is any, otherwise the empty string. - Path dbus.ObjectPath // The unit object path - JobId uint32 // If there is a job queued for the job unit the numeric job id, 0 otherwise - JobType string // The job type as string - JobPath dbus.ObjectPath // The job object path -} - -// ListUnits returns an array with all currently loaded units. Note that -// units may be known by multiple names at the same time, and hence there might -// be more unit names loaded than actual units behind them. -func (c *Conn) ListUnits() ([]UnitStatus, error) { - result := make([][]interface{}, 0) - err := c.sysobj.Call("org.freedesktop.systemd1.Manager.ListUnits", 0).Store(&result) - if err != nil { - return nil, err - } - - resultInterface := make([]interface{}, len(result)) - for i := range result { - resultInterface[i] = result[i] - } - - status := make([]UnitStatus, len(result)) - statusInterface := make([]interface{}, len(status)) - for i := range status { - statusInterface[i] = &status[i] - } - - err = dbus.Store(resultInterface, statusInterface...) - if err != nil { - return nil, err - } - - return status, nil -} - -type UnitFile struct { - Path string - Type string -} - -// ListUnitFiles returns an array of all available units on disk. -func (c *Conn) ListUnitFiles() ([]UnitFile, error) { - result := make([][]interface{}, 0) - err := c.sysobj.Call("org.freedesktop.systemd1.Manager.ListUnitFiles", 0).Store(&result) - if err != nil { - return nil, err - } - - resultInterface := make([]interface{}, len(result)) - for i := range result { - resultInterface[i] = result[i] - } - - files := make([]UnitFile, len(result)) - fileInterface := make([]interface{}, len(files)) - for i := range files { - fileInterface[i] = &files[i] - } - - err = dbus.Store(resultInterface, fileInterface...) - if err != nil { - return nil, err - } - - return files, nil -} - -type LinkUnitFileChange EnableUnitFileChange - -// LinkUnitFiles() links unit files (that are located outside of the -// usual unit search paths) into the unit search path. -// -// It takes a list of absolute paths to unit files to link and two -// booleans. The first boolean controls whether the unit shall be -// enabled for runtime only (true, /run), or persistently (false, -// /etc). -// The second controls whether symlinks pointing to other units shall -// be replaced if necessary. -// -// This call returns a list of the changes made. The list consists of -// structures with three strings: the type of the change (one of symlink -// or unlink), the file name of the symlink and the destination of the -// symlink. -func (c *Conn) LinkUnitFiles(files []string, runtime bool, force bool) ([]LinkUnitFileChange, error) { - result := make([][]interface{}, 0) - err := c.sysobj.Call("org.freedesktop.systemd1.Manager.LinkUnitFiles", 0, files, runtime, force).Store(&result) - if err != nil { - return nil, err - } - - resultInterface := make([]interface{}, len(result)) - for i := range result { - resultInterface[i] = result[i] - } - - changes := make([]LinkUnitFileChange, len(result)) - changesInterface := make([]interface{}, len(changes)) - for i := range changes { - changesInterface[i] = &changes[i] - } - - err = dbus.Store(resultInterface, changesInterface...) - if err != nil { - return nil, err - } - - return changes, nil -} - -// EnableUnitFiles() may be used to enable one or more units in the system (by -// creating symlinks to them in /etc or /run). -// -// It takes a list of unit files to enable (either just file names or full -// absolute paths if the unit files are residing outside the usual unit -// search paths), and two booleans: the first controls whether the unit shall -// be enabled for runtime only (true, /run), or persistently (false, /etc). -// The second one controls whether symlinks pointing to other units shall -// be replaced if necessary. -// -// This call returns one boolean and an array with the changes made. The -// boolean signals whether the unit files contained any enablement -// information (i.e. an [Install]) section. The changes list consists of -// structures with three strings: the type of the change (one of symlink -// or unlink), the file name of the symlink and the destination of the -// symlink. -func (c *Conn) EnableUnitFiles(files []string, runtime bool, force bool) (bool, []EnableUnitFileChange, error) { - var carries_install_info bool - - result := make([][]interface{}, 0) - err := c.sysobj.Call("org.freedesktop.systemd1.Manager.EnableUnitFiles", 0, files, runtime, force).Store(&carries_install_info, &result) - if err != nil { - return false, nil, err - } - - resultInterface := make([]interface{}, len(result)) - for i := range result { - resultInterface[i] = result[i] - } - - changes := make([]EnableUnitFileChange, len(result)) - changesInterface := make([]interface{}, len(changes)) - for i := range changes { - changesInterface[i] = &changes[i] - } - - err = dbus.Store(resultInterface, changesInterface...) - if err != nil { - return false, nil, err - } - - return carries_install_info, changes, nil -} - -type EnableUnitFileChange struct { - Type string // Type of the change (one of symlink or unlink) - Filename string // File name of the symlink - Destination string // Destination of the symlink -} - -// DisableUnitFiles() may be used to disable one or more units in the system (by -// removing symlinks to them from /etc or /run). -// -// It takes a list of unit files to disable (either just file names or full -// absolute paths if the unit files are residing outside the usual unit -// search paths), and one boolean: whether the unit was enabled for runtime -// only (true, /run), or persistently (false, /etc). -// -// This call returns an array with the changes made. The changes list -// consists of structures with three strings: the type of the change (one of -// symlink or unlink), the file name of the symlink and the destination of the -// symlink. -func (c *Conn) DisableUnitFiles(files []string, runtime bool) ([]DisableUnitFileChange, error) { - result := make([][]interface{}, 0) - err := c.sysobj.Call("org.freedesktop.systemd1.Manager.DisableUnitFiles", 0, files, runtime).Store(&result) - if err != nil { - return nil, err - } - - resultInterface := make([]interface{}, len(result)) - for i := range result { - resultInterface[i] = result[i] - } - - changes := make([]DisableUnitFileChange, len(result)) - changesInterface := make([]interface{}, len(changes)) - for i := range changes { - changesInterface[i] = &changes[i] - } - - err = dbus.Store(resultInterface, changesInterface...) - if err != nil { - return nil, err - } - - return changes, nil -} - -type DisableUnitFileChange struct { - Type string // Type of the change (one of symlink or unlink) - Filename string // File name of the symlink - Destination string // Destination of the symlink -} - -// Reload instructs systemd to scan for and reload unit files. This is -// equivalent to a 'systemctl daemon-reload'. -func (c *Conn) Reload() error { - return c.sysobj.Call("org.freedesktop.systemd1.Manager.Reload", 0).Store() -} - -func unitPath(name string) dbus.ObjectPath { - return dbus.ObjectPath("/org/freedesktop/systemd1/unit/" + PathBusEscape(name)) -} diff --git a/vendor/src/github.com/coreos/go-systemd/dbus/properties.go b/vendor/src/github.com/coreos/go-systemd/dbus/properties.go deleted file mode 100644 index 7520011..0000000 --- a/vendor/src/github.com/coreos/go-systemd/dbus/properties.go +++ /dev/null @@ -1,218 +0,0 @@ -// Copyright 2015 CoreOS, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package dbus - -import ( - "github.com/godbus/dbus" -) - -// From the systemd docs: -// -// The properties array of StartTransientUnit() may take many of the settings -// that may also be configured in unit files. Not all parameters are currently -// accepted though, but we plan to cover more properties with future release. -// Currently you may set the Description, Slice and all dependency types of -// units, as well as RemainAfterExit, ExecStart for service units, -// TimeoutStopUSec and PIDs for scope units, and CPUAccounting, CPUShares, -// BlockIOAccounting, BlockIOWeight, BlockIOReadBandwidth, -// BlockIOWriteBandwidth, BlockIODeviceWeight, MemoryAccounting, MemoryLimit, -// DevicePolicy, DeviceAllow for services/scopes/slices. These fields map -// directly to their counterparts in unit files and as normal D-Bus object -// properties. The exception here is the PIDs field of scope units which is -// used for construction of the scope only and specifies the initial PIDs to -// add to the scope object. - -type Property struct { - Name string - Value dbus.Variant -} - -type PropertyCollection struct { - Name string - Properties []Property -} - -type execStart struct { - Path string // the binary path to execute - Args []string // an array with all arguments to pass to the executed command, starting with argument 0 - UncleanIsFailure bool // a boolean whether it should be considered a failure if the process exits uncleanly -} - -// PropExecStart sets the ExecStart service property. The first argument is a -// slice with the binary path to execute followed by the arguments to pass to -// the executed command. See -// http://www.freedesktop.org/software/systemd/man/systemd.service.html#ExecStart= -func PropExecStart(command []string, uncleanIsFailure bool) Property { - execStarts := []execStart{ - execStart{ - Path: command[0], - Args: command, - UncleanIsFailure: uncleanIsFailure, - }, - } - - return Property{ - Name: "ExecStart", - Value: dbus.MakeVariant(execStarts), - } -} - -// PropRemainAfterExit sets the RemainAfterExit service property. See -// http://www.freedesktop.org/software/systemd/man/systemd.service.html#RemainAfterExit= -func PropRemainAfterExit(b bool) Property { - return Property{ - Name: "RemainAfterExit", - Value: dbus.MakeVariant(b), - } -} - -// PropDescription sets the Description unit property. See -// http://www.freedesktop.org/software/systemd/man/systemd.unit#Description= -func PropDescription(desc string) Property { - return Property{ - Name: "Description", - Value: dbus.MakeVariant(desc), - } -} - -func propDependency(name string, units []string) Property { - return Property{ - Name: name, - Value: dbus.MakeVariant(units), - } -} - -// PropRequires sets the Requires unit property. See -// http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Requires= -func PropRequires(units ...string) Property { - return propDependency("Requires", units) -} - -// PropRequiresOverridable sets the RequiresOverridable unit property. See -// http://www.freedesktop.org/software/systemd/man/systemd.unit.html#RequiresOverridable= -func PropRequiresOverridable(units ...string) Property { - return propDependency("RequiresOverridable", units) -} - -// PropRequisite sets the Requisite unit property. See -// http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Requisite= -func PropRequisite(units ...string) Property { - return propDependency("Requisite", units) -} - -// PropRequisiteOverridable sets the RequisiteOverridable unit property. See -// http://www.freedesktop.org/software/systemd/man/systemd.unit.html#RequisiteOverridable= -func PropRequisiteOverridable(units ...string) Property { - return propDependency("RequisiteOverridable", units) -} - -// PropWants sets the Wants unit property. See -// http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Wants= -func PropWants(units ...string) Property { - return propDependency("Wants", units) -} - -// PropBindsTo sets the BindsTo unit property. See -// http://www.freedesktop.org/software/systemd/man/systemd.unit.html#BindsTo= -func PropBindsTo(units ...string) Property { - return propDependency("BindsTo", units) -} - -// PropRequiredBy sets the RequiredBy unit property. See -// http://www.freedesktop.org/software/systemd/man/systemd.unit.html#RequiredBy= -func PropRequiredBy(units ...string) Property { - return propDependency("RequiredBy", units) -} - -// PropRequiredByOverridable sets the RequiredByOverridable unit property. See -// http://www.freedesktop.org/software/systemd/man/systemd.unit.html#RequiredByOverridable= -func PropRequiredByOverridable(units ...string) Property { - return propDependency("RequiredByOverridable", units) -} - -// PropWantedBy sets the WantedBy unit property. See -// http://www.freedesktop.org/software/systemd/man/systemd.unit.html#WantedBy= -func PropWantedBy(units ...string) Property { - return propDependency("WantedBy", units) -} - -// PropBoundBy sets the BoundBy unit property. See -// http://www.freedesktop.org/software/systemd/main/systemd.unit.html#BoundBy= -func PropBoundBy(units ...string) Property { - return propDependency("BoundBy", units) -} - -// PropConflicts sets the Conflicts unit property. See -// http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Conflicts= -func PropConflicts(units ...string) Property { - return propDependency("Conflicts", units) -} - -// PropConflictedBy sets the ConflictedBy unit property. See -// http://www.freedesktop.org/software/systemd/man/systemd.unit.html#ConflictedBy= -func PropConflictedBy(units ...string) Property { - return propDependency("ConflictedBy", units) -} - -// PropBefore sets the Before unit property. See -// http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Before= -func PropBefore(units ...string) Property { - return propDependency("Before", units) -} - -// PropAfter sets the After unit property. See -// http://www.freedesktop.org/software/systemd/man/systemd.unit.html#After= -func PropAfter(units ...string) Property { - return propDependency("After", units) -} - -// PropOnFailure sets the OnFailure unit property. See -// http://www.freedesktop.org/software/systemd/man/systemd.unit.html#OnFailure= -func PropOnFailure(units ...string) Property { - return propDependency("OnFailure", units) -} - -// PropTriggers sets the Triggers unit property. See -// http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Triggers= -func PropTriggers(units ...string) Property { - return propDependency("Triggers", units) -} - -// PropTriggeredBy sets the TriggeredBy unit property. See -// http://www.freedesktop.org/software/systemd/man/systemd.unit.html#TriggeredBy= -func PropTriggeredBy(units ...string) Property { - return propDependency("TriggeredBy", units) -} - -// PropPropagatesReloadTo sets the PropagatesReloadTo unit property. See -// http://www.freedesktop.org/software/systemd/man/systemd.unit.html#PropagatesReloadTo= -func PropPropagatesReloadTo(units ...string) Property { - return propDependency("PropagatesReloadTo", units) -} - -// PropRequiresMountsFor sets the RequiresMountsFor unit property. See -// http://www.freedesktop.org/software/systemd/man/systemd.unit.html#RequiresMountsFor= -func PropRequiresMountsFor(units ...string) Property { - return propDependency("RequiresMountsFor", units) -} - -// PropSlice sets the Slice unit property. See -// http://www.freedesktop.org/software/systemd/man/systemd.resource-control.html#Slice= -func PropSlice(slice string) Property { - return Property{ - Name: "Slice", - Value: dbus.MakeVariant(slice), - } -} diff --git a/vendor/src/github.com/coreos/go-systemd/dbus/set.go b/vendor/src/github.com/coreos/go-systemd/dbus/set.go deleted file mode 100644 index f92e6fb..0000000 --- a/vendor/src/github.com/coreos/go-systemd/dbus/set.go +++ /dev/null @@ -1,47 +0,0 @@ -// Copyright 2015 CoreOS, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package dbus - -type set struct { - data map[string]bool -} - -func (s *set) Add(value string) { - s.data[value] = true -} - -func (s *set) Remove(value string) { - delete(s.data, value) -} - -func (s *set) Contains(value string) (exists bool) { - _, exists = s.data[value] - return -} - -func (s *set) Length() int { - return len(s.data) -} - -func (s *set) Values() (values []string) { - for val, _ := range s.data { - values = append(values, val) - } - return -} - -func newSet() *set { - return &set{make(map[string]bool)} -} diff --git a/vendor/src/github.com/coreos/go-systemd/dbus/subscription.go b/vendor/src/github.com/coreos/go-systemd/dbus/subscription.go deleted file mode 100644 index 9964514..0000000 --- a/vendor/src/github.com/coreos/go-systemd/dbus/subscription.go +++ /dev/null @@ -1,250 +0,0 @@ -// Copyright 2015 CoreOS, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package dbus - -import ( - "errors" - "time" - - "github.com/godbus/dbus" -) - -const ( - cleanIgnoreInterval = int64(10 * time.Second) - ignoreInterval = int64(30 * time.Millisecond) -) - -// Subscribe sets up this connection to subscribe to all systemd dbus events. -// This is required before calling SubscribeUnits. When the connection closes -// systemd will automatically stop sending signals so there is no need to -// explicitly call Unsubscribe(). -func (c *Conn) Subscribe() error { - c.sigconn.BusObject().Call("org.freedesktop.DBus.AddMatch", 0, - "type='signal',interface='org.freedesktop.systemd1.Manager',member='UnitNew'") - c.sigconn.BusObject().Call("org.freedesktop.DBus.AddMatch", 0, - "type='signal',interface='org.freedesktop.DBus.Properties',member='PropertiesChanged'") - - err := c.sigobj.Call("org.freedesktop.systemd1.Manager.Subscribe", 0).Store() - if err != nil { - return err - } - - return nil -} - -// Unsubscribe this connection from systemd dbus events. -func (c *Conn) Unsubscribe() error { - err := c.sigobj.Call("org.freedesktop.systemd1.Manager.Unsubscribe", 0).Store() - if err != nil { - return err - } - - return nil -} - -func (c *Conn) dispatch() { - ch := make(chan *dbus.Signal, signalBuffer) - - c.sigconn.Signal(ch) - - go func() { - for { - signal, ok := <-ch - if !ok { - return - } - - if signal.Name == "org.freedesktop.systemd1.Manager.JobRemoved" { - c.jobComplete(signal) - } - - if c.subscriber.updateCh == nil { - continue - } - - var unitPath dbus.ObjectPath - switch signal.Name { - case "org.freedesktop.systemd1.Manager.JobRemoved": - unitName := signal.Body[2].(string) - c.sysobj.Call("org.freedesktop.systemd1.Manager.GetUnit", 0, unitName).Store(&unitPath) - case "org.freedesktop.systemd1.Manager.UnitNew": - unitPath = signal.Body[1].(dbus.ObjectPath) - case "org.freedesktop.DBus.Properties.PropertiesChanged": - if signal.Body[0].(string) == "org.freedesktop.systemd1.Unit" { - unitPath = signal.Path - } - } - - if unitPath == dbus.ObjectPath("") { - continue - } - - c.sendSubStateUpdate(unitPath) - } - }() -} - -// Returns two unbuffered channels which will receive all changed units every -// interval. Deleted units are sent as nil. -func (c *Conn) SubscribeUnits(interval time.Duration) (<-chan map[string]*UnitStatus, <-chan error) { - return c.SubscribeUnitsCustom(interval, 0, func(u1, u2 *UnitStatus) bool { return *u1 != *u2 }, nil) -} - -// SubscribeUnitsCustom is like SubscribeUnits but lets you specify the buffer -// size of the channels, the comparison function for detecting changes and a filter -// function for cutting down on the noise that your channel receives. -func (c *Conn) SubscribeUnitsCustom(interval time.Duration, buffer int, isChanged func(*UnitStatus, *UnitStatus) bool, filterUnit func(string) bool) (<-chan map[string]*UnitStatus, <-chan error) { - old := make(map[string]*UnitStatus) - statusChan := make(chan map[string]*UnitStatus, buffer) - errChan := make(chan error, buffer) - - go func() { - for { - timerChan := time.After(interval) - - units, err := c.ListUnits() - if err == nil { - cur := make(map[string]*UnitStatus) - for i := range units { - if filterUnit != nil && filterUnit(units[i].Name) { - continue - } - cur[units[i].Name] = &units[i] - } - - // add all new or changed units - changed := make(map[string]*UnitStatus) - for n, u := range cur { - if oldU, ok := old[n]; !ok || isChanged(oldU, u) { - changed[n] = u - } - delete(old, n) - } - - // add all deleted units - for oldN := range old { - changed[oldN] = nil - } - - old = cur - - if len(changed) != 0 { - statusChan <- changed - } - } else { - errChan <- err - } - - <-timerChan - } - }() - - return statusChan, errChan -} - -type SubStateUpdate struct { - UnitName string - SubState string -} - -// SetSubStateSubscriber writes to updateCh when any unit's substate changes. -// Although this writes to updateCh on every state change, the reported state -// may be more recent than the change that generated it (due to an unavoidable -// race in the systemd dbus interface). That is, this method provides a good -// way to keep a current view of all units' states, but is not guaranteed to -// show every state transition they go through. Furthermore, state changes -// will only be written to the channel with non-blocking writes. If updateCh -// is full, it attempts to write an error to errCh; if errCh is full, the error -// passes silently. -func (c *Conn) SetSubStateSubscriber(updateCh chan<- *SubStateUpdate, errCh chan<- error) { - c.subscriber.Lock() - defer c.subscriber.Unlock() - c.subscriber.updateCh = updateCh - c.subscriber.errCh = errCh -} - -func (c *Conn) sendSubStateUpdate(path dbus.ObjectPath) { - c.subscriber.Lock() - defer c.subscriber.Unlock() - - if c.shouldIgnore(path) { - return - } - - info, err := c.GetUnitProperties(string(path)) - if err != nil { - select { - case c.subscriber.errCh <- err: - default: - } - } - - name := info["Id"].(string) - substate := info["SubState"].(string) - - update := &SubStateUpdate{name, substate} - select { - case c.subscriber.updateCh <- update: - default: - select { - case c.subscriber.errCh <- errors.New("update channel full!"): - default: - } - } - - c.updateIgnore(path, info) -} - -// The ignore functions work around a wart in the systemd dbus interface. -// Requesting the properties of an unloaded unit will cause systemd to send a -// pair of UnitNew/UnitRemoved signals. Because we need to get a unit's -// properties on UnitNew (as that's the only indication of a new unit coming up -// for the first time), we would enter an infinite loop if we did not attempt -// to detect and ignore these spurious signals. The signal themselves are -// indistinguishable from relevant ones, so we (somewhat hackishly) ignore an -// unloaded unit's signals for a short time after requesting its properties. -// This means that we will miss e.g. a transient unit being restarted -// *immediately* upon failure and also a transient unit being started -// immediately after requesting its status (with systemctl status, for example, -// because this causes a UnitNew signal to be sent which then causes us to fetch -// the properties). - -func (c *Conn) shouldIgnore(path dbus.ObjectPath) bool { - t, ok := c.subscriber.ignore[path] - return ok && t >= time.Now().UnixNano() -} - -func (c *Conn) updateIgnore(path dbus.ObjectPath, info map[string]interface{}) { - c.cleanIgnore() - - // unit is unloaded - it will trigger bad systemd dbus behavior - if info["LoadState"].(string) == "not-found" { - c.subscriber.ignore[path] = time.Now().UnixNano() + ignoreInterval - } -} - -// without this, ignore would grow unboundedly over time -func (c *Conn) cleanIgnore() { - now := time.Now().UnixNano() - if c.subscriber.cleanIgnore < now { - c.subscriber.cleanIgnore = now + cleanIgnoreInterval - - for p, t := range c.subscriber.ignore { - if t < now { - delete(c.subscriber.ignore, p) - } - } - } -} diff --git a/vendor/src/github.com/coreos/go-systemd/dbus/subscription_set.go b/vendor/src/github.com/coreos/go-systemd/dbus/subscription_set.go deleted file mode 100644 index 5b408d5..0000000 --- a/vendor/src/github.com/coreos/go-systemd/dbus/subscription_set.go +++ /dev/null @@ -1,57 +0,0 @@ -// Copyright 2015 CoreOS, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package dbus - -import ( - "time" -) - -// SubscriptionSet returns a subscription set which is like conn.Subscribe but -// can filter to only return events for a set of units. -type SubscriptionSet struct { - *set - conn *Conn -} - -func (s *SubscriptionSet) filter(unit string) bool { - return !s.Contains(unit) -} - -// Subscribe starts listening for dbus events for all of the units in the set. -// Returns channels identical to conn.SubscribeUnits. -func (s *SubscriptionSet) Subscribe() (<-chan map[string]*UnitStatus, <-chan error) { - // TODO: Make fully evented by using systemd 209 with properties changed values - return s.conn.SubscribeUnitsCustom(time.Second, 0, - mismatchUnitStatus, - func(unit string) bool { return s.filter(unit) }, - ) -} - -// NewSubscriptionSet returns a new subscription set. -func (conn *Conn) NewSubscriptionSet() *SubscriptionSet { - return &SubscriptionSet{newSet(), conn} -} - -// mismatchUnitStatus returns true if the provided UnitStatus objects -// are not equivalent. false is returned if the objects are equivalent. -// Only the Name, Description and state-related fields are used in -// the comparison. -func mismatchUnitStatus(u1, u2 *UnitStatus) bool { - return u1.Name != u2.Name || - u1.Description != u2.Description || - u1.LoadState != u2.LoadState || - u1.ActiveState != u2.ActiveState || - u1.SubState != u2.SubState -} diff --git a/vendor/src/github.com/coreos/go-systemd/util/util.go b/vendor/src/github.com/coreos/go-systemd/util/util.go deleted file mode 100644 index f9f0b2a..0000000 --- a/vendor/src/github.com/coreos/go-systemd/util/util.go +++ /dev/null @@ -1,270 +0,0 @@ -// Copyright 2015 CoreOS, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Package util contains utility functions related to systemd that applications -// can use to check things like whether systemd is running. Note that some of -// these functions attempt to manually load systemd libraries at runtime rather -// than linking against them. -package util - -// #cgo LDFLAGS: -ldl -// #include -// #include -// #include -// #include -// -// int -// my_sd_pid_get_owner_uid(void *f, pid_t pid, uid_t *uid) -// { -// int (*sd_pid_get_owner_uid)(pid_t, uid_t *); -// -// sd_pid_get_owner_uid = (int (*)(pid_t, uid_t *))f; -// return sd_pid_get_owner_uid(pid, uid); -// } -// -// int -// my_sd_pid_get_unit(void *f, pid_t pid, char **unit) -// { -// int (*sd_pid_get_unit)(pid_t, char **); -// -// sd_pid_get_unit = (int (*)(pid_t, char **))f; -// return sd_pid_get_unit(pid, unit); -// } -// -// int -// my_sd_pid_get_slice(void *f, pid_t pid, char **slice) -// { -// int (*sd_pid_get_slice)(pid_t, char **); -// -// sd_pid_get_slice = (int (*)(pid_t, char **))f; -// return sd_pid_get_slice(pid, slice); -// } -// -// int -// am_session_leader() -// { -// return (getsid(0) == getpid()); -// } -import "C" -import ( - "errors" - "fmt" - "io/ioutil" - "os" - "strings" - "syscall" - "unsafe" -) - -var ErrSoNotFound = errors.New("unable to open a handle to libsystemd") - -// libHandle represents an open handle to the systemd C library -type libHandle struct { - handle unsafe.Pointer - libname string -} - -func (h *libHandle) Close() error { - if r := C.dlclose(h.handle); r != 0 { - return fmt.Errorf("error closing %v: %d", h.libname, r) - } - return nil -} - -// getHandle tries to get a handle to a systemd library (.so), attempting to -// access it by several different names and returning the first that is -// successfully opened. Callers are responsible for closing the handler. -// If no library can be successfully opened, an error is returned. -func getHandle() (*libHandle, error) { - for _, name := range []string{ - // systemd < 209 - "libsystemd-login.so", - "libsystemd-login.so.0", - - // systemd >= 209 merged libsystemd-login into libsystemd proper - "libsystemd.so", - "libsystemd.so.0", - } { - libname := C.CString(name) - defer C.free(unsafe.Pointer(libname)) - handle := C.dlopen(libname, C.RTLD_LAZY) - if handle != nil { - h := &libHandle{ - handle: handle, - libname: name, - } - return h, nil - } - } - return nil, ErrSoNotFound -} - -// GetRunningSlice attempts to retrieve the name of the systemd slice in which -// the current process is running. -// This function is a wrapper around the libsystemd C library; if it cannot be -// opened, an error is returned. -func GetRunningSlice() (slice string, err error) { - var h *libHandle - h, err = getHandle() - if err != nil { - return - } - defer func() { - if err1 := h.Close(); err1 != nil { - err = err1 - } - }() - - sym := C.CString("sd_pid_get_slice") - defer C.free(unsafe.Pointer(sym)) - sd_pid_get_slice := C.dlsym(h.handle, sym) - if sd_pid_get_slice == nil { - err = fmt.Errorf("error resolving sd_pid_get_slice function") - return - } - - var s string - sl := C.CString(s) - defer C.free(unsafe.Pointer(sl)) - - ret := C.my_sd_pid_get_slice(sd_pid_get_slice, 0, &sl) - if ret < 0 { - err = fmt.Errorf("error calling sd_pid_get_slice: %v", syscall.Errno(-ret)) - return - } - - return C.GoString(sl), nil -} - -// RunningFromSystemService tries to detect whether the current process has -// been invoked from a system service. The condition for this is whether the -// process is _not_ a user process. User processes are those running in session -// scopes or under per-user `systemd --user` instances. -// -// To avoid false positives on systems without `pam_systemd` (which is -// responsible for creating user sessions), this function also uses a heuristic -// to detect whether it's being invoked from a session leader process. This is -// the case if the current process is executed directly from a service file -// (e.g. with `ExecStart=/this/cmd`). Note that this heuristic will fail if the -// command is instead launched in a subshell or similar so that it is not -// session leader (e.g. `ExecStart=/bin/bash -c "/this/cmd"`) -// -// This function is a wrapper around the libsystemd C library; if this is -// unable to successfully open a handle to the library for any reason (e.g. it -// cannot be found), an errr will be returned -func RunningFromSystemService() (ret bool, err error) { - var h *libHandle - h, err = getHandle() - if err != nil { - return - } - defer func() { - if err1 := h.Close(); err1 != nil { - err = err1 - } - }() - - sym := C.CString("sd_pid_get_owner_uid") - defer C.free(unsafe.Pointer(sym)) - sd_pid_get_owner_uid := C.dlsym(h.handle, sym) - if sd_pid_get_owner_uid == nil { - err = fmt.Errorf("error resolving sd_pid_get_owner_uid function") - return - } - - var uid C.uid_t - errno := C.my_sd_pid_get_owner_uid(sd_pid_get_owner_uid, 0, &uid) - serrno := syscall.Errno(-errno) - // when we're running from a unit file, sd_pid_get_owner_uid returns - // ENOENT (systemd <220) or ENXIO (systemd >=220) - switch { - case errno >= 0: - ret = false - case serrno == syscall.ENOENT, serrno == syscall.ENXIO: - // Since the implementation of sessions in systemd relies on - // the `pam_systemd` module, using the sd_pid_get_owner_uid - // heuristic alone can result in false positives if that module - // (or PAM itself) is not present or properly configured on the - // system. As such, we also check if we're the session leader, - // which should be the case if we're invoked from a unit file, - // but not if e.g. we're invoked from the command line from a - // user's login session - ret = C.am_session_leader() == 1 - default: - err = fmt.Errorf("error calling sd_pid_get_owner_uid: %v", syscall.Errno(-errno)) - } - return -} - -// CurrentUnitName attempts to retrieve the name of the systemd system unit -// from which the calling process has been invoked. It wraps the systemd -// `sd_pid_get_unit` call, with the same caveat: for processes not part of a -// systemd system unit, this function will return an error. -func CurrentUnitName() (unit string, err error) { - var h *libHandle - h, err = getHandle() - if err != nil { - return - } - defer func() { - if err1 := h.Close(); err1 != nil { - err = err1 - } - }() - - sym := C.CString("sd_pid_get_unit") - defer C.free(unsafe.Pointer(sym)) - sd_pid_get_unit := C.dlsym(h.handle, sym) - if sd_pid_get_unit == nil { - err = fmt.Errorf("error resolving sd_pid_get_unit function") - return - } - - var s string - u := C.CString(s) - defer C.free(unsafe.Pointer(u)) - - ret := C.my_sd_pid_get_unit(sd_pid_get_unit, 0, &u) - if ret < 0 { - err = fmt.Errorf("error calling sd_pid_get_unit: %v", syscall.Errno(-ret)) - return - } - - unit = C.GoString(u) - return -} - -// IsRunningSystemd checks whether the host was booted with systemd as its init -// system. This functions similarly to systemd's `sd_booted(3)`: internally, it -// checks whether /run/systemd/system/ exists and is a directory. -// http://www.freedesktop.org/software/systemd/man/sd_booted.html -func IsRunningSystemd() bool { - fi, err := os.Lstat("/run/systemd/system") - if err != nil { - return false - } - return fi.IsDir() -} - -// GetMachineID returns a host's 128-bit machine ID as a string. This functions -// similarly to systemd's `sd_id128_get_machine`: internally, it simply reads -// the contents of /etc/machine-id -// http://www.freedesktop.org/software/systemd/man/sd_id128_get_machine.html -func GetMachineID() (string, error) { - machineID, err := ioutil.ReadFile("/etc/machine-id") - if err != nil { - return "", fmt.Errorf("failed to read /etc/machine-id: %v", err) - } - return strings.TrimSpace(string(machineID)), nil -} diff --git a/vendor/src/github.com/docker/docker/pkg/mount/flags.go b/vendor/src/github.com/docker/docker/pkg/mount/flags.go deleted file mode 100644 index d2fb1fb..0000000 --- a/vendor/src/github.com/docker/docker/pkg/mount/flags.go +++ /dev/null @@ -1,92 +0,0 @@ -package mount - -import ( - "fmt" - "strings" -) - -// Parse fstab type mount options into mount() flags -// and device specific data -func parseOptions(options string) (int, string) { - var ( - flag int - data []string - ) - - flags := map[string]struct { - clear bool - flag int - }{ - "defaults": {false, 0}, - "ro": {false, RDONLY}, - "rw": {true, RDONLY}, - "suid": {true, NOSUID}, - "nosuid": {false, NOSUID}, - "dev": {true, NODEV}, - "nodev": {false, NODEV}, - "exec": {true, NOEXEC}, - "noexec": {false, NOEXEC}, - "sync": {false, SYNCHRONOUS}, - "async": {true, SYNCHRONOUS}, - "dirsync": {false, DIRSYNC}, - "remount": {false, REMOUNT}, - "mand": {false, MANDLOCK}, - "nomand": {true, MANDLOCK}, - "atime": {true, NOATIME}, - "noatime": {false, NOATIME}, - "diratime": {true, NODIRATIME}, - "nodiratime": {false, NODIRATIME}, - "bind": {false, BIND}, - "rbind": {false, RBIND}, - "unbindable": {false, UNBINDABLE}, - "runbindable": {false, RUNBINDABLE}, - "private": {false, PRIVATE}, - "rprivate": {false, RPRIVATE}, - "shared": {false, SHARED}, - "rshared": {false, RSHARED}, - "slave": {false, SLAVE}, - "rslave": {false, RSLAVE}, - "relatime": {false, RELATIME}, - "norelatime": {true, RELATIME}, - "strictatime": {false, STRICTATIME}, - "nostrictatime": {true, STRICTATIME}, - } - - for _, o := range strings.Split(options, ",") { - // If the option does not exist in the flags table or the flag - // is not supported on the platform, - // then it is a data value for a specific fs type - if f, exists := flags[o]; exists && f.flag != 0 { - if f.clear { - flag &= ^f.flag - } else { - flag |= f.flag - } - } else { - data = append(data, o) - } - } - return flag, strings.Join(data, ",") -} - -// ParseTmpfsOptions parse fstab type mount options into flags and data -func ParseTmpfsOptions(options string) (int, string, error) { - flags, data := parseOptions(options) - validFlags := map[string]bool{ - "": true, - "size": true, - "mode": true, - "uid": true, - "gid": true, - "nr_inodes": true, - "nr_blocks": true, - "mpol": true, - } - for _, o := range strings.Split(data, ",") { - opt := strings.SplitN(o, "=", 2) - if !validFlags[opt[0]] { - return 0, "", fmt.Errorf("Invalid tmpfs option %q", opt) - } - } - return flags, data, nil -} diff --git a/vendor/src/github.com/docker/docker/pkg/mount/flags_freebsd.go b/vendor/src/github.com/docker/docker/pkg/mount/flags_freebsd.go deleted file mode 100644 index f166cb2..0000000 --- a/vendor/src/github.com/docker/docker/pkg/mount/flags_freebsd.go +++ /dev/null @@ -1,48 +0,0 @@ -// +build freebsd,cgo - -package mount - -/* -#include -*/ -import "C" - -const ( - // RDONLY will mount the filesystem as read-only. - RDONLY = C.MNT_RDONLY - - // NOSUID will not allow set-user-identifier or set-group-identifier bits to - // take effect. - NOSUID = C.MNT_NOSUID - - // NOEXEC will not allow execution of any binaries on the mounted file system. - NOEXEC = C.MNT_NOEXEC - - // SYNCHRONOUS will allow any I/O to the file system to be done synchronously. - SYNCHRONOUS = C.MNT_SYNCHRONOUS - - // NOATIME will not update the file access time when reading from a file. - NOATIME = C.MNT_NOATIME -) - -// These flags are unsupported. -const ( - BIND = 0 - DIRSYNC = 0 - MANDLOCK = 0 - NODEV = 0 - NODIRATIME = 0 - UNBINDABLE = 0 - RUNBINDABLE = 0 - PRIVATE = 0 - RPRIVATE = 0 - SHARED = 0 - RSHARED = 0 - SLAVE = 0 - RSLAVE = 0 - RBIND = 0 - RELATIVE = 0 - RELATIME = 0 - REMOUNT = 0 - STRICTATIME = 0 -) diff --git a/vendor/src/github.com/docker/docker/pkg/mount/flags_linux.go b/vendor/src/github.com/docker/docker/pkg/mount/flags_linux.go deleted file mode 100644 index dc696dc..0000000 --- a/vendor/src/github.com/docker/docker/pkg/mount/flags_linux.go +++ /dev/null @@ -1,85 +0,0 @@ -package mount - -import ( - "syscall" -) - -const ( - // RDONLY will mount the file system read-only. - RDONLY = syscall.MS_RDONLY - - // NOSUID will not allow set-user-identifier or set-group-identifier bits to - // take effect. - NOSUID = syscall.MS_NOSUID - - // NODEV will not interpret character or block special devices on the file - // system. - NODEV = syscall.MS_NODEV - - // NOEXEC will not allow execution of any binaries on the mounted file system. - NOEXEC = syscall.MS_NOEXEC - - // SYNCHRONOUS will allow I/O to the file system to be done synchronously. - SYNCHRONOUS = syscall.MS_SYNCHRONOUS - - // DIRSYNC will force all directory updates within the file system to be done - // synchronously. This affects the following system calls: create, link, - // unlink, symlink, mkdir, rmdir, mknod and rename. - DIRSYNC = syscall.MS_DIRSYNC - - // REMOUNT will attempt to remount an already-mounted file system. This is - // commonly used to change the mount flags for a file system, especially to - // make a readonly file system writeable. It does not change device or mount - // point. - REMOUNT = syscall.MS_REMOUNT - - // MANDLOCK will force mandatory locks on a filesystem. - MANDLOCK = syscall.MS_MANDLOCK - - // NOATIME will not update the file access time when reading from a file. - NOATIME = syscall.MS_NOATIME - - // NODIRATIME will not update the directory access time. - NODIRATIME = syscall.MS_NODIRATIME - - // BIND remounts a subtree somewhere else. - BIND = syscall.MS_BIND - - // RBIND remounts a subtree and all possible submounts somewhere else. - RBIND = syscall.MS_BIND | syscall.MS_REC - - // UNBINDABLE creates a mount which cannot be cloned through a bind operation. - UNBINDABLE = syscall.MS_UNBINDABLE - - // RUNBINDABLE marks the entire mount tree as UNBINDABLE. - RUNBINDABLE = syscall.MS_UNBINDABLE | syscall.MS_REC - - // PRIVATE creates a mount which carries no propagation abilities. - PRIVATE = syscall.MS_PRIVATE - - // RPRIVATE marks the entire mount tree as PRIVATE. - RPRIVATE = syscall.MS_PRIVATE | syscall.MS_REC - - // SLAVE creates a mount which receives propagation from its master, but not - // vice versa. - SLAVE = syscall.MS_SLAVE - - // RSLAVE marks the entire mount tree as SLAVE. - RSLAVE = syscall.MS_SLAVE | syscall.MS_REC - - // SHARED creates a mount which provides the ability to create mirrors of - // that mount such that mounts and unmounts within any of the mirrors - // propagate to the other mirrors. - SHARED = syscall.MS_SHARED - - // RSHARED marks the entire mount tree as SHARED. - RSHARED = syscall.MS_SHARED | syscall.MS_REC - - // RELATIME updates inode access times relative to modify or change time. - RELATIME = syscall.MS_RELATIME - - // STRICTATIME allows to explicitly request full atime updates. This makes - // it possible for the kernel to default to relatime or noatime but still - // allow userspace to override it. - STRICTATIME = syscall.MS_STRICTATIME -) diff --git a/vendor/src/github.com/docker/docker/pkg/mount/flags_unsupported.go b/vendor/src/github.com/docker/docker/pkg/mount/flags_unsupported.go deleted file mode 100644 index a90d3d1..0000000 --- a/vendor/src/github.com/docker/docker/pkg/mount/flags_unsupported.go +++ /dev/null @@ -1,30 +0,0 @@ -// +build !linux,!freebsd freebsd,!cgo - -package mount - -// These flags are unsupported. -const ( - BIND = 0 - DIRSYNC = 0 - MANDLOCK = 0 - NOATIME = 0 - NODEV = 0 - NODIRATIME = 0 - NOEXEC = 0 - NOSUID = 0 - UNBINDABLE = 0 - RUNBINDABLE = 0 - PRIVATE = 0 - RPRIVATE = 0 - SHARED = 0 - RSHARED = 0 - SLAVE = 0 - RSLAVE = 0 - RBIND = 0 - RELATIME = 0 - RELATIVE = 0 - REMOUNT = 0 - STRICTATIME = 0 - SYNCHRONOUS = 0 - RDONLY = 0 -) diff --git a/vendor/src/github.com/docker/docker/pkg/mount/mount.go b/vendor/src/github.com/docker/docker/pkg/mount/mount.go deleted file mode 100644 index ed7216e..0000000 --- a/vendor/src/github.com/docker/docker/pkg/mount/mount.go +++ /dev/null @@ -1,74 +0,0 @@ -package mount - -import ( - "time" -) - -// GetMounts retrieves a list of mounts for the current running process. -func GetMounts() ([]*Info, error) { - return parseMountTable() -} - -// Mounted looks at /proc/self/mountinfo to determine of the specified -// mountpoint has been mounted -func Mounted(mountpoint string) (bool, error) { - entries, err := parseMountTable() - if err != nil { - return false, err - } - - // Search the table for the mountpoint - for _, e := range entries { - if e.Mountpoint == mountpoint { - return true, nil - } - } - return false, nil -} - -// Mount will mount filesystem according to the specified configuration, on the -// condition that the target path is *not* already mounted. Options must be -// specified like the mount or fstab unix commands: "opt1=val1,opt2=val2". See -// flags.go for supported option flags. -func Mount(device, target, mType, options string) error { - flag, _ := parseOptions(options) - if flag&REMOUNT != REMOUNT { - if mounted, err := Mounted(target); err != nil || mounted { - return err - } - } - return ForceMount(device, target, mType, options) -} - -// ForceMount will mount a filesystem according to the specified configuration, -// *regardless* if the target path is not already mounted. Options must be -// specified like the mount or fstab unix commands: "opt1=val1,opt2=val2". See -// flags.go for supported option flags. -func ForceMount(device, target, mType, options string) error { - flag, data := parseOptions(options) - if err := mount(device, target, mType, uintptr(flag), data); err != nil { - return err - } - return nil -} - -// Unmount will unmount the target filesystem, so long as it is mounted. -func Unmount(target string) error { - if mounted, err := Mounted(target); err != nil || !mounted { - return err - } - return ForceUnmount(target) -} - -// ForceUnmount will force an unmount of the target filesystem, regardless if -// it is mounted or not. -func ForceUnmount(target string) (err error) { - // Simple retry logic for unmount - for i := 0; i < 10; i++ { - if err = unmount(target, 0); err == nil { - return nil - } - time.Sleep(100 * time.Millisecond) - } - return -} diff --git a/vendor/src/github.com/docker/docker/pkg/mount/mounter_freebsd.go b/vendor/src/github.com/docker/docker/pkg/mount/mounter_freebsd.go deleted file mode 100644 index bb870e6..0000000 --- a/vendor/src/github.com/docker/docker/pkg/mount/mounter_freebsd.go +++ /dev/null @@ -1,59 +0,0 @@ -package mount - -/* -#include -#include -#include -#include -#include -#include -*/ -import "C" - -import ( - "fmt" - "strings" - "syscall" - "unsafe" -) - -func allocateIOVecs(options []string) []C.struct_iovec { - out := make([]C.struct_iovec, len(options)) - for i, option := range options { - out[i].iov_base = unsafe.Pointer(C.CString(option)) - out[i].iov_len = C.size_t(len(option) + 1) - } - return out -} - -func mount(device, target, mType string, flag uintptr, data string) error { - isNullFS := false - - xs := strings.Split(data, ",") - for _, x := range xs { - if x == "bind" { - isNullFS = true - } - } - - options := []string{"fspath", target} - if isNullFS { - options = append(options, "fstype", "nullfs", "target", device) - } else { - options = append(options, "fstype", mType, "from", device) - } - rawOptions := allocateIOVecs(options) - for _, rawOption := range rawOptions { - defer C.free(rawOption.iov_base) - } - - if errno := C.nmount(&rawOptions[0], C.uint(len(options)), C.int(flag)); errno != 0 { - reason := C.GoString(C.strerror(*C.__error())) - return fmt.Errorf("Failed to call nmount: %s", reason) - } - return nil -} - -func unmount(target string, flag int) error { - return syscall.Unmount(target, flag) -} diff --git a/vendor/src/github.com/docker/docker/pkg/mount/mounter_linux.go b/vendor/src/github.com/docker/docker/pkg/mount/mounter_linux.go deleted file mode 100644 index dd4280c..0000000 --- a/vendor/src/github.com/docker/docker/pkg/mount/mounter_linux.go +++ /dev/null @@ -1,21 +0,0 @@ -package mount - -import ( - "syscall" -) - -func mount(device, target, mType string, flag uintptr, data string) error { - if err := syscall.Mount(device, target, mType, flag, data); err != nil { - return err - } - - // If we have a bind mount or remount, remount... - if flag&syscall.MS_BIND == syscall.MS_BIND && flag&syscall.MS_RDONLY == syscall.MS_RDONLY { - return syscall.Mount(device, target, mType, flag|syscall.MS_REMOUNT, data) - } - return nil -} - -func unmount(target string, flag int) error { - return syscall.Unmount(target, flag) -} diff --git a/vendor/src/github.com/docker/docker/pkg/mount/mounter_unsupported.go b/vendor/src/github.com/docker/docker/pkg/mount/mounter_unsupported.go deleted file mode 100644 index eb93365..0000000 --- a/vendor/src/github.com/docker/docker/pkg/mount/mounter_unsupported.go +++ /dev/null @@ -1,11 +0,0 @@ -// +build !linux,!freebsd freebsd,!cgo - -package mount - -func mount(device, target, mType string, flag uintptr, data string) error { - panic("Not implemented") -} - -func unmount(target string, flag int) error { - panic("Not implemented") -} diff --git a/vendor/src/github.com/docker/docker/pkg/mount/mountinfo.go b/vendor/src/github.com/docker/docker/pkg/mount/mountinfo.go deleted file mode 100644 index e3fc353..0000000 --- a/vendor/src/github.com/docker/docker/pkg/mount/mountinfo.go +++ /dev/null @@ -1,40 +0,0 @@ -package mount - -// Info reveals information about a particular mounted filesystem. This -// struct is populated from the content in the /proc//mountinfo file. -type Info struct { - // ID is a unique identifier of the mount (may be reused after umount). - ID int - - // Parent indicates the ID of the mount parent (or of self for the top of the - // mount tree). - Parent int - - // Major indicates one half of the device ID which identifies the device class. - Major int - - // Minor indicates one half of the device ID which identifies a specific - // instance of device. - Minor int - - // Root of the mount within the filesystem. - Root string - - // Mountpoint indicates the mount point relative to the process's root. - Mountpoint string - - // Opts represents mount-specific options. - Opts string - - // Optional represents optional fields. - Optional string - - // Fstype indicates the type of filesystem, such as EXT3. - Fstype string - - // Source indicates filesystem specific information or "none". - Source string - - // VfsOpts represents per super block options. - VfsOpts string -} diff --git a/vendor/src/github.com/docker/docker/pkg/mount/mountinfo_freebsd.go b/vendor/src/github.com/docker/docker/pkg/mount/mountinfo_freebsd.go deleted file mode 100644 index 4f32edc..0000000 --- a/vendor/src/github.com/docker/docker/pkg/mount/mountinfo_freebsd.go +++ /dev/null @@ -1,41 +0,0 @@ -package mount - -/* -#include -#include -#include -*/ -import "C" - -import ( - "fmt" - "reflect" - "unsafe" -) - -// Parse /proc/self/mountinfo because comparing Dev and ino does not work from -// bind mounts. -func parseMountTable() ([]*Info, error) { - var rawEntries *C.struct_statfs - - count := int(C.getmntinfo(&rawEntries, C.MNT_WAIT)) - if count == 0 { - return nil, fmt.Errorf("Failed to call getmntinfo") - } - - var entries []C.struct_statfs - header := (*reflect.SliceHeader)(unsafe.Pointer(&entries)) - header.Cap = count - header.Len = count - header.Data = uintptr(unsafe.Pointer(rawEntries)) - - var out []*Info - for _, entry := range entries { - var mountinfo Info - mountinfo.Mountpoint = C.GoString(&entry.f_mntonname[0]) - mountinfo.Source = C.GoString(&entry.f_mntfromname[0]) - mountinfo.Fstype = C.GoString(&entry.f_fstypename[0]) - out = append(out, &mountinfo) - } - return out, nil -} diff --git a/vendor/src/github.com/docker/docker/pkg/mount/mountinfo_linux.go b/vendor/src/github.com/docker/docker/pkg/mount/mountinfo_linux.go deleted file mode 100644 index be69fee..0000000 --- a/vendor/src/github.com/docker/docker/pkg/mount/mountinfo_linux.go +++ /dev/null @@ -1,95 +0,0 @@ -// +build linux - -package mount - -import ( - "bufio" - "fmt" - "io" - "os" - "strings" -) - -const ( - /* 36 35 98:0 /mnt1 /mnt2 rw,noatime master:1 - ext3 /dev/root rw,errors=continue - (1)(2)(3) (4) (5) (6) (7) (8) (9) (10) (11) - - (1) mount ID: unique identifier of the mount (may be reused after umount) - (2) parent ID: ID of parent (or of self for the top of the mount tree) - (3) major:minor: value of st_dev for files on filesystem - (4) root: root of the mount within the filesystem - (5) mount point: mount point relative to the process's root - (6) mount options: per mount options - (7) optional fields: zero or more fields of the form "tag[:value]" - (8) separator: marks the end of the optional fields - (9) filesystem type: name of filesystem of the form "type[.subtype]" - (10) mount source: filesystem specific information or "none" - (11) super options: per super block options*/ - mountinfoFormat = "%d %d %d:%d %s %s %s %s" -) - -// Parse /proc/self/mountinfo because comparing Dev and ino does not work from -// bind mounts -func parseMountTable() ([]*Info, error) { - f, err := os.Open("/proc/self/mountinfo") - if err != nil { - return nil, err - } - defer f.Close() - - return parseInfoFile(f) -} - -func parseInfoFile(r io.Reader) ([]*Info, error) { - var ( - s = bufio.NewScanner(r) - out = []*Info{} - ) - - for s.Scan() { - if err := s.Err(); err != nil { - return nil, err - } - - var ( - p = &Info{} - text = s.Text() - optionalFields string - ) - - if _, err := fmt.Sscanf(text, mountinfoFormat, - &p.ID, &p.Parent, &p.Major, &p.Minor, - &p.Root, &p.Mountpoint, &p.Opts, &optionalFields); err != nil { - return nil, fmt.Errorf("Scanning '%s' failed: %s", text, err) - } - // Safe as mountinfo encodes mountpoints with spaces as \040. - index := strings.Index(text, " - ") - postSeparatorFields := strings.Fields(text[index+3:]) - if len(postSeparatorFields) < 3 { - return nil, fmt.Errorf("Error found less than 3 fields post '-' in %q", text) - } - - if optionalFields != "-" { - p.Optional = optionalFields - } - - p.Fstype = postSeparatorFields[0] - p.Source = postSeparatorFields[1] - p.VfsOpts = strings.Join(postSeparatorFields[2:], " ") - out = append(out, p) - } - return out, nil -} - -// PidMountInfo collects the mounts for a specific process ID. If the process -// ID is unknown, it is better to use `GetMounts` which will inspect -// "/proc/self/mountinfo" instead. -func PidMountInfo(pid int) ([]*Info, error) { - f, err := os.Open(fmt.Sprintf("/proc/%d/mountinfo", pid)) - if err != nil { - return nil, err - } - defer f.Close() - - return parseInfoFile(f) -} diff --git a/vendor/src/github.com/docker/docker/pkg/mount/mountinfo_unsupported.go b/vendor/src/github.com/docker/docker/pkg/mount/mountinfo_unsupported.go deleted file mode 100644 index b8d9aa5..0000000 --- a/vendor/src/github.com/docker/docker/pkg/mount/mountinfo_unsupported.go +++ /dev/null @@ -1,12 +0,0 @@ -// +build !windows,!linux,!freebsd freebsd,!cgo - -package mount - -import ( - "fmt" - "runtime" -) - -func parseMountTable() ([]*Info, error) { - return nil, fmt.Errorf("mount.parseMountTable is not implemented on %s/%s", runtime.GOOS, runtime.GOARCH) -} diff --git a/vendor/src/github.com/docker/docker/pkg/mount/mountinfo_windows.go b/vendor/src/github.com/docker/docker/pkg/mount/mountinfo_windows.go deleted file mode 100644 index dab8a37..0000000 --- a/vendor/src/github.com/docker/docker/pkg/mount/mountinfo_windows.go +++ /dev/null @@ -1,6 +0,0 @@ -package mount - -func parseMountTable() ([]*Info, error) { - // Do NOT return an error! - return nil, nil -} diff --git a/vendor/src/github.com/docker/docker/pkg/mount/sharedsubtree_linux.go b/vendor/src/github.com/docker/docker/pkg/mount/sharedsubtree_linux.go deleted file mode 100644 index 8ceec84..0000000 --- a/vendor/src/github.com/docker/docker/pkg/mount/sharedsubtree_linux.go +++ /dev/null @@ -1,69 +0,0 @@ -// +build linux - -package mount - -// MakeShared ensures a mounted filesystem has the SHARED mount option enabled. -// See the supported options in flags.go for further reference. -func MakeShared(mountPoint string) error { - return ensureMountedAs(mountPoint, "shared") -} - -// MakeRShared ensures a mounted filesystem has the RSHARED mount option enabled. -// See the supported options in flags.go for further reference. -func MakeRShared(mountPoint string) error { - return ensureMountedAs(mountPoint, "rshared") -} - -// MakePrivate ensures a mounted filesystem has the PRIVATE mount option enabled. -// See the supported options in flags.go for further reference. -func MakePrivate(mountPoint string) error { - return ensureMountedAs(mountPoint, "private") -} - -// MakeRPrivate ensures a mounted filesystem has the RPRIVATE mount option -// enabled. See the supported options in flags.go for further reference. -func MakeRPrivate(mountPoint string) error { - return ensureMountedAs(mountPoint, "rprivate") -} - -// MakeSlave ensures a mounted filesystem has the SLAVE mount option enabled. -// See the supported options in flags.go for further reference. -func MakeSlave(mountPoint string) error { - return ensureMountedAs(mountPoint, "slave") -} - -// MakeRSlave ensures a mounted filesystem has the RSLAVE mount option enabled. -// See the supported options in flags.go for further reference. -func MakeRSlave(mountPoint string) error { - return ensureMountedAs(mountPoint, "rslave") -} - -// MakeUnbindable ensures a mounted filesystem has the UNBINDABLE mount option -// enabled. See the supported options in flags.go for further reference. -func MakeUnbindable(mountPoint string) error { - return ensureMountedAs(mountPoint, "unbindable") -} - -// MakeRUnbindable ensures a mounted filesystem has the RUNBINDABLE mount -// option enabled. See the supported options in flags.go for further reference. -func MakeRUnbindable(mountPoint string) error { - return ensureMountedAs(mountPoint, "runbindable") -} - -func ensureMountedAs(mountPoint, options string) error { - mounted, err := Mounted(mountPoint) - if err != nil { - return err - } - - if !mounted { - if err := Mount(mountPoint, mountPoint, "none", "bind,rw"); err != nil { - return err - } - } - if _, err = Mounted(mountPoint); err != nil { - return err - } - - return ForceMount("", mountPoint, "none", options) -} diff --git a/vendor/src/github.com/docker/docker/pkg/symlink/README.md b/vendor/src/github.com/docker/docker/pkg/symlink/README.md deleted file mode 100644 index 8dba54f..0000000 --- a/vendor/src/github.com/docker/docker/pkg/symlink/README.md +++ /dev/null @@ -1,6 +0,0 @@ -Package symlink implements EvalSymlinksInScope which is an extension of filepath.EvalSymlinks, -as well as a Windows long-path aware version of filepath.EvalSymlinks -from the [Go standard library](https://golang.org/pkg/path/filepath). - -The code from filepath.EvalSymlinks has been adapted in fs.go. -Please read the LICENSE.BSD file that governs fs.go and LICENSE.APACHE for fs_test.go. diff --git a/vendor/src/github.com/docker/docker/pkg/symlink/fs.go b/vendor/src/github.com/docker/docker/pkg/symlink/fs.go deleted file mode 100644 index dcf707f..0000000 --- a/vendor/src/github.com/docker/docker/pkg/symlink/fs.go +++ /dev/null @@ -1,143 +0,0 @@ -// Copyright 2012 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE.BSD file. - -// This code is a modified version of path/filepath/symlink.go from the Go standard library. - -package symlink - -import ( - "bytes" - "errors" - "os" - "path/filepath" - "strings" - - "github.com/docker/docker/pkg/system" -) - -// FollowSymlinkInScope is a wrapper around evalSymlinksInScope that returns an -// absolute path. This function handles paths in a platform-agnostic manner. -func FollowSymlinkInScope(path, root string) (string, error) { - path, err := filepath.Abs(filepath.FromSlash(path)) - if err != nil { - return "", err - } - root, err = filepath.Abs(filepath.FromSlash(root)) - if err != nil { - return "", err - } - return evalSymlinksInScope(path, root) -} - -// evalSymlinksInScope will evaluate symlinks in `path` within a scope `root` and return -// a result guaranteed to be contained within the scope `root`, at the time of the call. -// Symlinks in `root` are not evaluated and left as-is. -// Errors encountered while attempting to evaluate symlinks in path will be returned. -// Non-existing paths are valid and do not constitute an error. -// `path` has to contain `root` as a prefix, or else an error will be returned. -// Trying to break out from `root` does not constitute an error. -// -// Example: -// If /foo/bar -> /outside, -// FollowSymlinkInScope("/foo/bar", "/foo") == "/foo/outside" instead of "/oustide" -// -// IMPORTANT: it is the caller's responsibility to call evalSymlinksInScope *after* relevant symlinks -// are created and not to create subsequently, additional symlinks that could potentially make a -// previously-safe path, unsafe. Example: if /foo/bar does not exist, evalSymlinksInScope("/foo/bar", "/foo") -// would return "/foo/bar". If one makes /foo/bar a symlink to /baz subsequently, then "/foo/bar" should -// no longer be considered safely contained in "/foo". -func evalSymlinksInScope(path, root string) (string, error) { - root = filepath.Clean(root) - if path == root { - return path, nil - } - if !strings.HasPrefix(path, root) { - return "", errors.New("evalSymlinksInScope: " + path + " is not in " + root) - } - const maxIter = 255 - originalPath := path - // given root of "/a" and path of "/a/b/../../c" we want path to be "/b/../../c" - path = path[len(root):] - if root == string(filepath.Separator) { - path = string(filepath.Separator) + path - } - if !strings.HasPrefix(path, string(filepath.Separator)) { - return "", errors.New("evalSymlinksInScope: " + path + " is not in " + root) - } - path = filepath.Clean(path) - // consume path by taking each frontmost path element, - // expanding it if it's a symlink, and appending it to b - var b bytes.Buffer - // b here will always be considered to be the "current absolute path inside - // root" when we append paths to it, we also append a slash and use - // filepath.Clean after the loop to trim the trailing slash - for n := 0; path != ""; n++ { - if n > maxIter { - return "", errors.New("evalSymlinksInScope: too many links in " + originalPath) - } - - // find next path component, p - i := strings.IndexRune(path, filepath.Separator) - var p string - if i == -1 { - p, path = path, "" - } else { - p, path = path[:i], path[i+1:] - } - - if p == "" { - continue - } - - // this takes a b.String() like "b/../" and a p like "c" and turns it - // into "/b/../c" which then gets filepath.Cleaned into "/c" and then - // root gets prepended and we Clean again (to remove any trailing slash - // if the first Clean gave us just "/") - cleanP := filepath.Clean(string(filepath.Separator) + b.String() + p) - if cleanP == string(filepath.Separator) { - // never Lstat "/" itself - b.Reset() - continue - } - fullP := filepath.Clean(root + cleanP) - - fi, err := os.Lstat(fullP) - if os.IsNotExist(err) { - // if p does not exist, accept it - b.WriteString(p) - b.WriteRune(filepath.Separator) - continue - } - if err != nil { - return "", err - } - if fi.Mode()&os.ModeSymlink == 0 { - b.WriteString(p + string(filepath.Separator)) - continue - } - - // it's a symlink, put it at the front of path - dest, err := os.Readlink(fullP) - if err != nil { - return "", err - } - if system.IsAbs(dest) { - b.Reset() - } - path = dest + string(filepath.Separator) + path - } - - // see note above on "fullP := ..." for why this is double-cleaned and - // what's happening here - return filepath.Clean(root + filepath.Clean(string(filepath.Separator)+b.String())), nil -} - -// EvalSymlinks returns the path name after the evaluation of any symbolic -// links. -// If path is relative the result will be relative to the current directory, -// unless one of the components is an absolute symbolic link. -// This version has been updated to support long paths prepended with `\\?\`. -func EvalSymlinks(path string) (string, error) { - return evalSymlinks(path) -} diff --git a/vendor/src/github.com/docker/docker/pkg/symlink/fs_unix.go b/vendor/src/github.com/docker/docker/pkg/symlink/fs_unix.go deleted file mode 100644 index 818004f..0000000 --- a/vendor/src/github.com/docker/docker/pkg/symlink/fs_unix.go +++ /dev/null @@ -1,11 +0,0 @@ -// +build !windows - -package symlink - -import ( - "path/filepath" -) - -func evalSymlinks(path string) (string, error) { - return filepath.EvalSymlinks(path) -} diff --git a/vendor/src/github.com/docker/docker/pkg/symlink/fs_windows.go b/vendor/src/github.com/docker/docker/pkg/symlink/fs_windows.go deleted file mode 100644 index 449fe56..0000000 --- a/vendor/src/github.com/docker/docker/pkg/symlink/fs_windows.go +++ /dev/null @@ -1,155 +0,0 @@ -package symlink - -import ( - "bytes" - "errors" - "os" - "path/filepath" - "strings" - "syscall" - - "github.com/docker/docker/pkg/longpath" -) - -func toShort(path string) (string, error) { - p, err := syscall.UTF16FromString(path) - if err != nil { - return "", err - } - b := p // GetShortPathName says we can reuse buffer - n, err := syscall.GetShortPathName(&p[0], &b[0], uint32(len(b))) - if err != nil { - return "", err - } - if n > uint32(len(b)) { - b = make([]uint16, n) - if _, err = syscall.GetShortPathName(&p[0], &b[0], uint32(len(b))); err != nil { - return "", err - } - } - return syscall.UTF16ToString(b), nil -} - -func toLong(path string) (string, error) { - p, err := syscall.UTF16FromString(path) - if err != nil { - return "", err - } - b := p // GetLongPathName says we can reuse buffer - n, err := syscall.GetLongPathName(&p[0], &b[0], uint32(len(b))) - if err != nil { - return "", err - } - if n > uint32(len(b)) { - b = make([]uint16, n) - n, err = syscall.GetLongPathName(&p[0], &b[0], uint32(len(b))) - if err != nil { - return "", err - } - } - b = b[:n] - return syscall.UTF16ToString(b), nil -} - -func evalSymlinks(path string) (string, error) { - path, err := walkSymlinks(path) - if err != nil { - return "", err - } - - p, err := toShort(path) - if err != nil { - return "", err - } - p, err = toLong(p) - if err != nil { - return "", err - } - // syscall.GetLongPathName does not change the case of the drive letter, - // but the result of EvalSymlinks must be unique, so we have - // EvalSymlinks(`c:\a`) == EvalSymlinks(`C:\a`). - // Make drive letter upper case. - if len(p) >= 2 && p[1] == ':' && 'a' <= p[0] && p[0] <= 'z' { - p = string(p[0]+'A'-'a') + p[1:] - } else if len(p) >= 6 && p[5] == ':' && 'a' <= p[4] && p[4] <= 'z' { - p = p[:3] + string(p[4]+'A'-'a') + p[5:] - } - return filepath.Clean(p), nil -} - -const utf8RuneSelf = 0x80 - -func walkSymlinks(path string) (string, error) { - const maxIter = 255 - originalPath := path - // consume path by taking each frontmost path element, - // expanding it if it's a symlink, and appending it to b - var b bytes.Buffer - for n := 0; path != ""; n++ { - if n > maxIter { - return "", errors.New("EvalSymlinks: too many links in " + originalPath) - } - - // A path beginning with `\\?\` represents the root, so automatically - // skip that part and begin processing the next segment. - if strings.HasPrefix(path, longpath.Prefix) { - b.WriteString(longpath.Prefix) - path = path[4:] - continue - } - - // find next path component, p - var i = -1 - for j, c := range path { - if c < utf8RuneSelf && os.IsPathSeparator(uint8(c)) { - i = j - break - } - } - var p string - if i == -1 { - p, path = path, "" - } else { - p, path = path[:i], path[i+1:] - } - - if p == "" { - if b.Len() == 0 { - // must be absolute path - b.WriteRune(filepath.Separator) - } - continue - } - - // If this is the first segment after the long path prefix, accept the - // current segment as a volume root or UNC share and move on to the next. - if b.String() == longpath.Prefix { - b.WriteString(p) - b.WriteRune(filepath.Separator) - continue - } - - fi, err := os.Lstat(b.String() + p) - if err != nil { - return "", err - } - if fi.Mode()&os.ModeSymlink == 0 { - b.WriteString(p) - if path != "" || (b.Len() == 2 && len(p) == 2 && p[1] == ':') { - b.WriteRune(filepath.Separator) - } - continue - } - - // it's a symlink, put it at the front of path - dest, err := os.Readlink(b.String() + p) - if err != nil { - return "", err - } - if filepath.IsAbs(dest) || os.IsPathSeparator(dest[0]) { - b.Reset() - } - path = dest + string(filepath.Separator) + path - } - return filepath.Clean(b.String()), nil -} diff --git a/vendor/src/github.com/docker/go-units/CONTRIBUTING.md b/vendor/src/github.com/docker/go-units/CONTRIBUTING.md deleted file mode 100644 index 9ea86d7..0000000 --- a/vendor/src/github.com/docker/go-units/CONTRIBUTING.md +++ /dev/null @@ -1,67 +0,0 @@ -# Contributing to go-units - -Want to hack on go-units? Awesome! Here are instructions to get you started. - -go-units is a part of the [Docker](https://www.docker.com) project, and follows -the same rules and principles. If you're already familiar with the way -Docker does things, you'll feel right at home. - -Otherwise, go read Docker's -[contributions guidelines](https://github.com/docker/docker/blob/master/CONTRIBUTING.md), -[issue triaging](https://github.com/docker/docker/blob/master/project/ISSUE-TRIAGE.md), -[review process](https://github.com/docker/docker/blob/master/project/REVIEWING.md) and -[branches and tags](https://github.com/docker/docker/blob/master/project/BRANCHES-AND-TAGS.md). - -### Sign your work - -The sign-off is a simple line at the end of the explanation for the patch. Your -signature certifies that you wrote the patch or otherwise have the right to pass -it on as an open-source patch. The rules are pretty simple: if you can certify -the below (from [developercertificate.org](http://developercertificate.org/)): - -``` -Developer Certificate of Origin -Version 1.1 - -Copyright (C) 2004, 2006 The Linux Foundation and its contributors. -660 York Street, Suite 102, -San Francisco, CA 94110 USA - -Everyone is permitted to copy and distribute verbatim copies of this -license document, but changing it is not allowed. - -Developer's Certificate of Origin 1.1 - -By making a contribution to this project, I certify that: - -(a) The contribution was created in whole or in part by me and I - have the right to submit it under the open source license - indicated in the file; or - -(b) The contribution is based upon previous work that, to the best - of my knowledge, is covered under an appropriate open source - license and I have the right under that license to submit that - work with modifications, whether created in whole or in part - by me, under the same open source license (unless I am - permitted to submit under a different license), as indicated - in the file; or - -(c) The contribution was provided directly to me by some other - person who certified (a), (b) or (c) and I have not modified - it. - -(d) I understand and agree that this project and the contribution - are public and that a record of the contribution (including all - personal information I submit with it, including my sign-off) is - maintained indefinitely and may be redistributed consistent with - this project or the open source license(s) involved. -``` - -Then you just add a line to every git commit message: - - Signed-off-by: Joe Smith - -Use your real name (sorry, no pseudonyms or anonymous contributions.) - -If you set your `user.name` and `user.email` git configs, you can sign your -commit automatically with `git commit -s`. diff --git a/vendor/src/github.com/docker/go-units/MAINTAINERS b/vendor/src/github.com/docker/go-units/MAINTAINERS deleted file mode 100644 index 477be8b..0000000 --- a/vendor/src/github.com/docker/go-units/MAINTAINERS +++ /dev/null @@ -1,27 +0,0 @@ -# go-connections maintainers file -# -# This file describes who runs the docker/go-connections project and how. -# This is a living document - if you see something out of date or missing, speak up! -# -# It is structured to be consumable by both humans and programs. -# To extract its contents programmatically, use any TOML-compliant parser. -# -# This file is compiled into the MAINTAINERS file in docker/opensource. -# -[Org] - [Org."Core maintainers"] - people = [ - "calavera", - ] - -[people] - -# A reference list of all people associated with the project. -# All other sections should refer to people by their canonical key -# in the people section. - - # ADD YOURSELF HERE IN ALPHABETICAL ORDER - [people.calavera] - Name = "David Calavera" - Email = "david.calavera@gmail.com" - GitHub = "calavera" diff --git a/vendor/src/github.com/docker/go-units/README.md b/vendor/src/github.com/docker/go-units/README.md deleted file mode 100644 index 3ce4d79..0000000 --- a/vendor/src/github.com/docker/go-units/README.md +++ /dev/null @@ -1,18 +0,0 @@ -[![GoDoc](https://godoc.org/github.com/docker/go-units?status.svg)](https://godoc.org/github.com/docker/go-units) - -# Introduction - -go-units is a library to transform human friendly measurements into machine friendly values. - -## Usage - -See the [docs in godoc](https://godoc.org/github.com/docker/go-units) for examples and documentation. - -## Copyright and license - -Copyright © 2015 Docker, Inc. All rights reserved, except as follows. Code -is released under the Apache 2.0 license. The README.md file, and files in the -"docs" folder are licensed under the Creative Commons Attribution 4.0 -International License under the terms and conditions set forth in the file -"LICENSE.docs". You may obtain a duplicate copy of the same license, titled -CC-BY-SA-4.0, at http://creativecommons.org/licenses/by/4.0/. diff --git a/vendor/src/github.com/docker/go-units/circle.yml b/vendor/src/github.com/docker/go-units/circle.yml deleted file mode 100644 index 9043b35..0000000 --- a/vendor/src/github.com/docker/go-units/circle.yml +++ /dev/null @@ -1,11 +0,0 @@ -dependencies: - post: - # install golint - - go get github.com/golang/lint/golint - -test: - pre: - # run analysis before tests - - go vet ./... - - test -z "$(golint ./... | tee /dev/stderr)" - - test -z "$(gofmt -s -l . | tee /dev/stderr)" diff --git a/vendor/src/github.com/docker/go-units/duration.go b/vendor/src/github.com/docker/go-units/duration.go deleted file mode 100644 index c219a8a..0000000 --- a/vendor/src/github.com/docker/go-units/duration.go +++ /dev/null @@ -1,33 +0,0 @@ -// Package units provides helper function to parse and print size and time units -// in human-readable format. -package units - -import ( - "fmt" - "time" -) - -// HumanDuration returns a human-readable approximation of a duration -// (eg. "About a minute", "4 hours ago", etc.). -func HumanDuration(d time.Duration) string { - if seconds := int(d.Seconds()); seconds < 1 { - return "Less than a second" - } else if seconds < 60 { - return fmt.Sprintf("%d seconds", seconds) - } else if minutes := int(d.Minutes()); minutes == 1 { - return "About a minute" - } else if minutes < 60 { - return fmt.Sprintf("%d minutes", minutes) - } else if hours := int(d.Hours()); hours == 1 { - return "About an hour" - } else if hours < 48 { - return fmt.Sprintf("%d hours", hours) - } else if hours < 24*7*2 { - return fmt.Sprintf("%d days", hours/24) - } else if hours < 24*30*3 { - return fmt.Sprintf("%d weeks", hours/24/7) - } else if hours < 24*365*2 { - return fmt.Sprintf("%d months", hours/24/30) - } - return fmt.Sprintf("%d years", int(d.Hours())/24/365) -} diff --git a/vendor/src/github.com/docker/go-units/size.go b/vendor/src/github.com/docker/go-units/size.go deleted file mode 100644 index 989edd2..0000000 --- a/vendor/src/github.com/docker/go-units/size.go +++ /dev/null @@ -1,95 +0,0 @@ -package units - -import ( - "fmt" - "regexp" - "strconv" - "strings" -) - -// See: http://en.wikipedia.org/wiki/Binary_prefix -const ( - // Decimal - - KB = 1000 - MB = 1000 * KB - GB = 1000 * MB - TB = 1000 * GB - PB = 1000 * TB - - // Binary - - KiB = 1024 - MiB = 1024 * KiB - GiB = 1024 * MiB - TiB = 1024 * GiB - PiB = 1024 * TiB -) - -type unitMap map[string]int64 - -var ( - decimalMap = unitMap{"k": KB, "m": MB, "g": GB, "t": TB, "p": PB} - binaryMap = unitMap{"k": KiB, "m": MiB, "g": GiB, "t": TiB, "p": PiB} - sizeRegex = regexp.MustCompile(`^(\d+(\.\d+)*) ?([kKmMgGtTpP])?[bB]?$`) -) - -var decimapAbbrs = []string{"B", "kB", "MB", "GB", "TB", "PB", "EB", "ZB", "YB"} -var binaryAbbrs = []string{"B", "KiB", "MiB", "GiB", "TiB", "PiB", "EiB", "ZiB", "YiB"} - -// CustomSize returns a human-readable approximation of a size -// using custom format. -func CustomSize(format string, size float64, base float64, _map []string) string { - i := 0 - for size >= base { - size = size / base - i++ - } - return fmt.Sprintf(format, size, _map[i]) -} - -// HumanSize returns a human-readable approximation of a size -// capped at 4 valid numbers (eg. "2.746 MB", "796 KB"). -func HumanSize(size float64) string { - return CustomSize("%.4g %s", size, 1000.0, decimapAbbrs) -} - -// BytesSize returns a human-readable size in bytes, kibibytes, -// mebibytes, gibibytes, or tebibytes (eg. "44kiB", "17MiB"). -func BytesSize(size float64) string { - return CustomSize("%.4g %s", size, 1024.0, binaryAbbrs) -} - -// FromHumanSize returns an integer from a human-readable specification of a -// size using SI standard (eg. "44kB", "17MB"). -func FromHumanSize(size string) (int64, error) { - return parseSize(size, decimalMap) -} - -// RAMInBytes parses a human-readable string representing an amount of RAM -// in bytes, kibibytes, mebibytes, gibibytes, or tebibytes and -// returns the number of bytes, or -1 if the string is unparseable. -// Units are case-insensitive, and the 'b' suffix is optional. -func RAMInBytes(size string) (int64, error) { - return parseSize(size, binaryMap) -} - -// Parses the human-readable size string into the amount it represents. -func parseSize(sizeStr string, uMap unitMap) (int64, error) { - matches := sizeRegex.FindStringSubmatch(sizeStr) - if len(matches) != 4 { - return -1, fmt.Errorf("invalid size: '%s'", sizeStr) - } - - size, err := strconv.ParseFloat(matches[1], 64) - if err != nil { - return -1, err - } - - unitPrefix := strings.ToLower(matches[3]) - if mul, ok := uMap[unitPrefix]; ok { - size *= float64(mul) - } - - return int64(size), nil -} diff --git a/vendor/src/github.com/docker/go-units/ulimit.go b/vendor/src/github.com/docker/go-units/ulimit.go deleted file mode 100644 index 5ac7fd8..0000000 --- a/vendor/src/github.com/docker/go-units/ulimit.go +++ /dev/null @@ -1,118 +0,0 @@ -package units - -import ( - "fmt" - "strconv" - "strings" -) - -// Ulimit is a human friendly version of Rlimit. -type Ulimit struct { - Name string - Hard int64 - Soft int64 -} - -// Rlimit specifies the resource limits, such as max open files. -type Rlimit struct { - Type int `json:"type,omitempty"` - Hard uint64 `json:"hard,omitempty"` - Soft uint64 `json:"soft,omitempty"` -} - -const ( - // magic numbers for making the syscall - // some of these are defined in the syscall package, but not all. - // Also since Windows client doesn't get access to the syscall package, need to - // define these here - rlimitAs = 9 - rlimitCore = 4 - rlimitCPU = 0 - rlimitData = 2 - rlimitFsize = 1 - rlimitLocks = 10 - rlimitMemlock = 8 - rlimitMsgqueue = 12 - rlimitNice = 13 - rlimitNofile = 7 - rlimitNproc = 6 - rlimitRss = 5 - rlimitRtprio = 14 - rlimitRttime = 15 - rlimitSigpending = 11 - rlimitStack = 3 -) - -var ulimitNameMapping = map[string]int{ - //"as": rlimitAs, // Disabled since this doesn't seem usable with the way Docker inits a container. - "core": rlimitCore, - "cpu": rlimitCPU, - "data": rlimitData, - "fsize": rlimitFsize, - "locks": rlimitLocks, - "memlock": rlimitMemlock, - "msgqueue": rlimitMsgqueue, - "nice": rlimitNice, - "nofile": rlimitNofile, - "nproc": rlimitNproc, - "rss": rlimitRss, - "rtprio": rlimitRtprio, - "rttime": rlimitRttime, - "sigpending": rlimitSigpending, - "stack": rlimitStack, -} - -// ParseUlimit parses and returns a Ulimit from the specified string. -func ParseUlimit(val string) (*Ulimit, error) { - parts := strings.SplitN(val, "=", 2) - if len(parts) != 2 { - return nil, fmt.Errorf("invalid ulimit argument: %s", val) - } - - if _, exists := ulimitNameMapping[parts[0]]; !exists { - return nil, fmt.Errorf("invalid ulimit type: %s", parts[0]) - } - - var ( - soft int64 - hard = &soft // default to soft in case no hard was set - temp int64 - err error - ) - switch limitVals := strings.Split(parts[1], ":"); len(limitVals) { - case 2: - temp, err = strconv.ParseInt(limitVals[1], 10, 64) - if err != nil { - return nil, err - } - hard = &temp - fallthrough - case 1: - soft, err = strconv.ParseInt(limitVals[0], 10, 64) - if err != nil { - return nil, err - } - default: - return nil, fmt.Errorf("too many limit value arguments - %s, can only have up to two, `soft[:hard]`", parts[1]) - } - - if soft > *hard { - return nil, fmt.Errorf("ulimit soft limit must be less than or equal to hard limit: %d > %d", soft, *hard) - } - - return &Ulimit{Name: parts[0], Soft: soft, Hard: *hard}, nil -} - -// GetRlimit returns the RLimit corresponding to Ulimit. -func (u *Ulimit) GetRlimit() (*Rlimit, error) { - t, exists := ulimitNameMapping[u.Name] - if !exists { - return nil, fmt.Errorf("invalid ulimit name %s", u.Name) - } - - return &Rlimit{Type: t, Soft: uint64(u.Soft), Hard: uint64(u.Hard)}, nil -} - -func (u *Ulimit) String() string { - return fmt.Sprintf("%s=%d:%d", u.Name, u.Soft, u.Hard) -} diff --git a/vendor/src/github.com/godbus/dbus/CONTRIBUTING.md b/vendor/src/github.com/godbus/dbus/CONTRIBUTING.md deleted file mode 100644 index c88f9b2..0000000 --- a/vendor/src/github.com/godbus/dbus/CONTRIBUTING.md +++ /dev/null @@ -1,50 +0,0 @@ -# How to Contribute - -## Getting Started - -- Fork the repository on GitHub -- Read the [README](README.markdown) for build and test instructions -- Play with the project, submit bugs, submit patches! - -## Contribution Flow - -This is a rough outline of what a contributor's workflow looks like: - -- Create a topic branch from where you want to base your work (usually master). -- Make commits of logical units. -- Make sure your commit messages are in the proper format (see below). -- Push your changes to a topic branch in your fork of the repository. -- Make sure the tests pass, and add any new tests as appropriate. -- Submit a pull request to the original repository. - -Thanks for your contributions! - -### Format of the Commit Message - -We follow a rough convention for commit messages that is designed to answer two -questions: what changed and why. The subject line should feature the what and -the body of the commit should describe the why. - -``` -scripts: add the test-cluster command - -this uses tmux to setup a test cluster that you can easily kill and -start for debugging. - -Fixes #38 -``` - -The format can be described more formally as follows: - -``` -: - - - -