opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-12-05 12:52:12 +08:00
Code Issues Packages Projects Releases Wiki Activity

Privileged containers should inherit host devices

Browse Source 
When running a privileged container, it should inherit the same
devices the host has.

Signed-off-by: baude <bbaude@redhat.com>

Closes: #330
Approved by: mheon
This commit is contained in:
baude
2018-02-14 12:51:06 -06:00
committed by Atomic Bot
parent d051dc38d8
commit be9ed1cfac
78 changed files with 3131 additions and 849 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
vendor/github.com/opencontainers/runc/libcontainer/devices/devices_linux.go → vendor/github.com/opencontainers/runc/libcontainer/devices/devices.go generated vendored
View File

@@ -28,6 +28,15 @@ func DeviceFromPath(path, permissions string) (*configs.Device, error) {
if err != nil {
return nil, err
}
var (
devNumber = stat.Rdev
major = unix.Major(devNumber)
)
if major == 0 {
return nil, ErrNotADevice
}
var (
devType rune
mode = stat.Mode
@@ -37,21 +46,16 @@ func DeviceFromPath(path, permissions string) (*configs.Device, error) {
devType = 'b'
case mode&unix.S_IFCHR == unix.S_IFCHR:
devType = 'c'
default:
return nil, ErrNotADevice
}
devNumber := int(stat.Rdev)
uid := stat.Uid
gid := stat.Gid
return &configs.Device{
Type: devType,
Path: path,
Major: Major(devNumber),
Minor: Minor(devNumber),
Major: int64(major),
Minor: int64(unix.Minor(devNumber)),
Permissions: permissions,
FileMode: os.FileMode(mode),
Uid: uid,
Gid: gid,
Uid: stat.Uid,
Gid: stat.Gid,
}, nil
}

3
vendor/github.com/opencontainers/runc/libcontainer/devices/devices_unsupported.go generated vendored
View File

@@ -1,3 +0,0 @@
// +build !linux
package devices

24
vendor/github.com/opencontainers/runc/libcontainer/devices/number.go generated vendored
View File

@@ -1,24 +0,0 @@
// +build linux freebsd
package devices
/*
This code provides support for manipulating linux device numbers. It should be replaced by normal syscall functions once http://code.google.com/p/go/issues/detail?id=8106 is solved.
You can read what they are here:
- http://www.makelinux.net/ldd3/chp-3-sect-2
- http://www.linux-tutorial.info/modules.php?name=MContent&pageid=94
Note! These are NOT the same as the MAJOR(dev_t device);, MINOR(dev_t device); and MKDEV(int major, int minor); functions as defined in <linux/kdev_t.h> as the representation of device numbers used by go is different than the one used internally to the kernel! - https://github.com/torvalds/linux/blob/master/include/linux/kdev_t.h#L9
*/
func Major(devNumber int) int64 {
return int64((devNumber >> 8) & 0xfff)
}
func Minor(devNumber int) int64 {
return int64((devNumber & 0xff) | ((devNumber >> 12) & 0xfff00))
}