Use nsinit for setting up namespace
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
This commit is contained in:
parent
c2777d4611
commit
593219d191
4 changed files with 17 additions and 2 deletions
|
@ -32,6 +32,7 @@ func init() {
|
|||
func nsinitFunc(container *libcontainer.Container) error {
|
||||
container.Master = uintptr(masterFd)
|
||||
container.Console = console
|
||||
container.LogFile = "/root/logs"
|
||||
|
||||
return nsinit.InitNamespace(container)
|
||||
}
|
||||
|
|
|
@ -13,6 +13,7 @@ type Container struct {
|
|||
Capabilities Capabilities `json:"capabilities,omitempty"`
|
||||
Master uintptr `json:"master"`
|
||||
Console string `json:"console"`
|
||||
LogFile string `json:"log_file"`
|
||||
}
|
||||
|
||||
type Command struct {
|
||||
|
|
|
@ -44,9 +44,10 @@ func ExecContainer(container *libcontainer.Container) (pid int, err error) {
|
|||
// we need CLONE_VFORK so we can wait on the child
|
||||
flag := uintptr(getNamespaceFlags(container.Namespaces) | CLONE_VFORK)
|
||||
|
||||
command := exec.Command(nsinit, "init", "-master", strconv.Itoa(int(master.Fd())), "-console", console)
|
||||
command := exec.Command(nsinit, "-master", strconv.Itoa(int(master.Fd())), "-console", console, "init")
|
||||
command.SysProcAttr = &syscall.SysProcAttr{}
|
||||
command.SysProcAttr.Cloneflags = flag
|
||||
command.ExtraFiles = []*os.File{master}
|
||||
// command.SysProcAttr.Setctty = true
|
||||
|
||||
if err := command.Start(); err != nil {
|
||||
|
@ -64,7 +65,6 @@ func ExecContainer(container *libcontainer.Container) (pid int, err error) {
|
|||
log.Println(err)
|
||||
}
|
||||
}()
|
||||
command.Wait()
|
||||
return pid, nil
|
||||
}
|
||||
|
||||
|
|
|
@ -14,6 +14,10 @@ import (
|
|||
// InitNamespace should be run inside an existing namespace to setup
|
||||
// common mounts, drop capabilities, and setup network interfaces
|
||||
func InitNamespace(container *libcontainer.Container) error {
|
||||
if err := setLogFile(container); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
rootfs, err := resolveRootfs(container)
|
||||
if err != nil {
|
||||
return err
|
||||
|
@ -138,3 +142,12 @@ func openTerminal(name string, flag int) (*os.File, error) {
|
|||
}
|
||||
return os.NewFile(uintptr(r), name), nil
|
||||
}
|
||||
|
||||
func setLogFile(container *libcontainer.Container) error {
|
||||
f, err := os.OpenFile(container.LogFile, os.O_CREATE|os.O_RDWR|os.O_APPEND, 0655)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
log.SetOutput(f)
|
||||
return nil
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue