mirror of
				https://github.com/containers/podman.git
				synced 2025-10-25 10:16:43 +08:00 
			
		
		
		
	 49eb5af301
			
		
	
	49eb5af301
	
	
	
		
			
			if the current user is not mapped into the new user namespace, use an intermediate mount to allow the mount point to be accessible instead of opening up all the parent directories for the mountpoint. Closes: https://github.com/containers/podman/issues/23028 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
		
			
				
	
	
		
			34 lines
		
	
	
		
			1.0 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
			
		
		
	
	
			34 lines
		
	
	
		
			1.0 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
| //go:build !remote
 | |
| 
 | |
| package libpod
 | |
| 
 | |
| import (
 | |
| 	"errors"
 | |
| 	"os"
 | |
| 	"os/exec"
 | |
| )
 | |
| 
 | |
| func (r *ConmonOCIRuntime) createRootlessContainer(ctr *Container, restoreOptions *ContainerCheckpointOptions, hideFiles bool) (int64, error) {
 | |
| 	return -1, errors.New("unsupported (*ConmonOCIRuntime) createRootlessContainer")
 | |
| }
 | |
| 
 | |
| // Run the closure with the container's socket label set
 | |
| func (r *ConmonOCIRuntime) withContainerSocketLabel(ctr *Container, closure func() error) error {
 | |
| 	// No label support yet
 | |
| 	return closure()
 | |
| }
 | |
| 
 | |
| // moveConmonToCgroupAndSignal gets a container's cgroupParent and moves the conmon process to that cgroup
 | |
| // it then signals for conmon to start by sending nonce data down the start fd
 | |
| func (r *ConmonOCIRuntime) moveConmonToCgroupAndSignal(ctr *Container, cmd *exec.Cmd, startFd *os.File) error {
 | |
| 	// No equivalent to cgroup on FreeBSD, just signal conmon to start
 | |
| 	if err := writeConmonPipeData(startFd); err != nil {
 | |
| 		return err
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| func moveToRuntimeCgroup() error {
 | |
| 	return errors.New("moveToRuntimeCgroup not supported on freebsd")
 | |
| }
 |