Vendor Buildah v1.8.3

Vendor in Buildah v1.8.3

Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
TomSweeneyRedHat
2019-06-04 12:58:16 -04:00
parent 7b0d6fcf0e
commit 14ec550ec3
14 changed files with 238 additions and 177 deletions


@@ -131,7 +131,8 @@ func (b *Builder) Run(command []string, options RunOptions) error {
return err
}
if err := b.configureUIDGID(g, mountPoint, options); err != nil {
homeDir, err := b.configureUIDGID(g, mountPoint, options)
if err != nil {
return err
}
@@ -210,7 +211,7 @@ func (b *Builder) Run(command []string, options RunOptions) error {
}
err = b.runUsingRuntimeSubproc(isolation, options, configureNetwork, configureNetworks, moreCreateArgs, spec, mountPoint, path, Package+"-"+filepath.Base(path))
case IsolationChroot:
err = chroot.RunUsingChroot(spec, path, options.Stdin, options.Stdout, options.Stderr)
err = chroot.RunUsingChroot(spec, path, homeDir, options.Stdin, options.Stdout, options.Stderr)
case IsolationOCIRootless:
moreCreateArgs := []string{"--no-new-keyring"}
if options.NoPivot {
@@ -1454,7 +1455,18 @@ func setupNamespaces(g *generate.Generator, namespaceOptions NamespaceOptions, i
}
if configureNetwork {
for name, val := range util.DefaultNetworkSysctl {
g.AddLinuxSysctl(name, val)
// Check that the sysctl we are adding is actually supported
// by the kernel
p := filepath.Join("/proc/sys", strings.Replace(name, ".", "/", -1))
_, err := os.Stat(p)
if err != nil && !os.IsNotExist(err) {
return false, nil, false, errors.Wrapf(err, "cannot stat %s", p)
}
if err == nil {
g.AddLinuxSysctl(name, val)
} else {
logrus.Warnf("ignoring sysctl %s since %s doesn't exist", name, p)
}
}
}
return configureNetwork, configureNetworks, configureUTS, nil
@@ -1775,14 +1787,14 @@ func getDNSIP(dnsServers []string) (dns []net.IP, err error) {
return dns, nil
}
func (b *Builder) configureUIDGID(g *generate.Generator, mountPoint string, options RunOptions) error {
func (b *Builder) configureUIDGID(g *generate.Generator, mountPoint string, options RunOptions) (string, error) {
// Set the user UID/GID/supplemental group list/capabilities lists.
user, err := b.user(mountPoint, options.User)
user, homeDir, err := b.user(mountPoint, options.User)
if err != nil {
return err
return "", err
}
if err := setupCapabilities(g, b.AddCapabilities, b.DropCapabilities, options.AddCapabilities, options.DropCapabilities); err != nil {
return err
return "", err
}
g.SetProcessUID(user.UID)
g.SetProcessGID(user.GID)
@@ -1797,7 +1809,7 @@ func (b *Builder) configureUIDGID(g *generate.Generator, mountPoint string, opti
g.Config.Process.Capabilities.Bounding = bounding
}
return nil
return homeDir, nil
}
func (b *Builder) configureEnvironment(g *generate.Generator, options RunOptions) {