traefik/integration/vendor/github.com/opencontainers/runc/utils.go

// +build linux

package main

import (
	"fmt"
	"os"
	"path/filepath"

	"github.com/codegangsta/cli"
	"github.com/opencontainers/runc/libcontainer"
	"github.com/opencontainers/runc/libcontainer/configs"
	"github.com/opencontainers/specs"
)

const wildcard = -1

var allowedDevices = []*configs.Device{
	// allow mknod for any device
	{
		Type:        'c',
		Major:       wildcard,
		Minor:       wildcard,
		Permissions: "m",
	},
	{
		Type:        'b',
		Major:       wildcard,
		Minor:       wildcard,
		Permissions: "m",
	},
	{
		Path:        "/dev/console",
		Type:        'c',
		Major:       5,
		Minor:       1,
		Permissions: "rwm",
	},
	{
		Path:        "/dev/tty0",
		Type:        'c',
		Major:       4,
		Minor:       0,
		Permissions: "rwm",
	},
	{
		Path:        "/dev/tty1",
		Type:        'c',
		Major:       4,
		Minor:       1,
		Permissions: "rwm",
	},
	// /dev/pts/ - pts namespaces are "coming soon"
	{
		Path:        "",
		Type:        'c',
		Major:       136,
		Minor:       wildcard,
		Permissions: "rwm",
	},
	{
		Path:        "",
		Type:        'c',
		Major:       5,
		Minor:       2,
		Permissions: "rwm",
	},
	// tuntap
	{
		Path:        "",
		Type:        'c',
		Major:       10,
		Minor:       200,
		Permissions: "rwm",
	},
}

var container libcontainer.Container

func containerPreload(context *cli.Context) error {
	c, err := getContainer(context)
	if err != nil {
		return err
	}
	container = c
	return nil
}

var factory libcontainer.Factory

func factoryPreload(context *cli.Context) error {
	f, err := loadFactory(context)
	if err != nil {
		return err
	}
	factory = f
	return nil
}

// loadFactory returns the configured factory instance for execing containers.
func loadFactory(context *cli.Context) (libcontainer.Factory, error) {
	root := context.GlobalString("root")
	abs, err := filepath.Abs(root)
	if err != nil {
		return nil, err
	}
	return libcontainer.New(abs, libcontainer.Cgroupfs, func(l *libcontainer.LinuxFactory) error {
		l.CriuPath = context.GlobalString("criu")
		return nil
	})
}

// getContainer returns the specified container instance by loading it from state
// with the default factory.
func getContainer(context *cli.Context) (libcontainer.Container, error) {
	factory, err := loadFactory(context)
	if err != nil {
		return nil, err
	}
	container, err := factory.Load(context.GlobalString("id"))
	if err != nil {
		return nil, err
	}
	return container, nil
}

// fatal prints the error's details if it is a libcontainer specific error type
// then exits the program with an exit status of 1.
func fatal(err error) {
	if lerr, ok := err.(libcontainer.Error); ok {
		lerr.Detail(os.Stderr)
		os.Exit(1)
	}
	fmt.Fprintln(os.Stderr, err)
	os.Exit(1)
}

// getDefaultID returns a string to be used as the container id based on the
// current working directory of the runc process.  This function panics
// if the cwd is unable to be found based on a system error.
func getDefaultID() string {
	cwd, err := os.Getwd()
	if err != nil {
		panic(err)
	}
	return filepath.Base(cwd)
}

func getDefaultImagePath(context *cli.Context) string {
	cwd, err := os.Getwd()
	if err != nil {
		panic(err)
	}
	return filepath.Join(cwd, "checkpoint")
}

// newProcess returns a new libcontainer Process with the arguments from the
// spec and stdio from the current process.
func newProcess(p specs.Process) *libcontainer.Process {
	return &libcontainer.Process{
		Args: p.Args,
		Env:  p.Env,
		// TODO: fix libcontainer's API to better support uid/gid in a typesafe way.
		User: fmt.Sprintf("%d:%d", p.User.UID, p.User.GID),
		Cwd:  p.Cwd,
	}
}
Vendor integration dependencies. 2017-02-07 21:33:23 +00:00			`// +build linux`

			`package main`

			`import (`
			`"fmt"`
			`"os"`
			`"path/filepath"`

			`"github.com/codegangsta/cli"`
			`"github.com/opencontainers/runc/libcontainer"`
			`"github.com/opencontainers/runc/libcontainer/configs"`
			`"github.com/opencontainers/specs"`
			`)`

			`const wildcard = -1`

			`var allowedDevices = []*configs.Device{`
			`// allow mknod for any device`
			`{`
			`Type: 'c',`
			`Major: wildcard,`
			`Minor: wildcard,`
			`Permissions: "m",`
			`},`
			`{`
			`Type: 'b',`
			`Major: wildcard,`
			`Minor: wildcard,`
			`Permissions: "m",`
			`},`
			`{`
			`Path: "/dev/console",`
			`Type: 'c',`
			`Major: 5,`
			`Minor: 1,`
			`Permissions: "rwm",`
			`},`
			`{`
			`Path: "/dev/tty0",`
			`Type: 'c',`
			`Major: 4,`
			`Minor: 0,`
			`Permissions: "rwm",`
			`},`
			`{`
			`Path: "/dev/tty1",`
			`Type: 'c',`
			`Major: 4,`
			`Minor: 1,`
			`Permissions: "rwm",`
			`},`
			`// /dev/pts/ - pts namespaces are "coming soon"`
			`{`
			`Path: "",`
			`Type: 'c',`
			`Major: 136,`
			`Minor: wildcard,`
			`Permissions: "rwm",`
			`},`
			`{`
			`Path: "",`
			`Type: 'c',`
			`Major: 5,`
			`Minor: 2,`
			`Permissions: "rwm",`
			`},`
			`// tuntap`
			`{`
			`Path: "",`
			`Type: 'c',`
			`Major: 10,`
			`Minor: 200,`
			`Permissions: "rwm",`
			`},`
			`}`

			`var container libcontainer.Container`

			`func containerPreload(context *cli.Context) error {`
			`c, err := getContainer(context)`
			`if err != nil {`
			`return err`
			`}`
			`container = c`
			`return nil`
			`}`

			`var factory libcontainer.Factory`

			`func factoryPreload(context *cli.Context) error {`
			`f, err := loadFactory(context)`
			`if err != nil {`
			`return err`
			`}`
			`factory = f`
			`return nil`
			`}`

			`// loadFactory returns the configured factory instance for execing containers.`
			`func loadFactory(context *cli.Context) (libcontainer.Factory, error) {`
			`root := context.GlobalString("root")`
			`abs, err := filepath.Abs(root)`
			`if err != nil {`
			`return nil, err`
			`}`
			`return libcontainer.New(abs, libcontainer.Cgroupfs, func(l *libcontainer.LinuxFactory) error {`
			`l.CriuPath = context.GlobalString("criu")`
			`return nil`
			`})`
			`}`

			`// getContainer returns the specified container instance by loading it from state`
			`// with the default factory.`
			`func getContainer(context *cli.Context) (libcontainer.Container, error) {`
			`factory, err := loadFactory(context)`
			`if err != nil {`
			`return nil, err`
			`}`
			`container, err := factory.Load(context.GlobalString("id"))`
			`if err != nil {`
			`return nil, err`
			`}`
			`return container, nil`
			`}`

			`// fatal prints the error's details if it is a libcontainer specific error type`
			`// then exits the program with an exit status of 1.`
			`func fatal(err error) {`
			`if lerr, ok := err.(libcontainer.Error); ok {`
			`lerr.Detail(os.Stderr)`
			`os.Exit(1)`
			`}`
			`fmt.Fprintln(os.Stderr, err)`
			`os.Exit(1)`
			`}`

			`// getDefaultID returns a string to be used as the container id based on the`
			`// current working directory of the runc process. This function panics`
			`// if the cwd is unable to be found based on a system error.`
			`func getDefaultID() string {`
			`cwd, err := os.Getwd()`
			`if err != nil {`
			`panic(err)`
			`}`
			`return filepath.Base(cwd)`
			`}`

			`func getDefaultImagePath(context *cli.Context) string {`
			`cwd, err := os.Getwd()`
			`if err != nil {`
			`panic(err)`
			`}`
			`return filepath.Join(cwd, "checkpoint")`
			`}`

			`// newProcess returns a new libcontainer Process with the arguments from the`
			`// spec and stdio from the current process.`
			`func newProcess(p specs.Process) *libcontainer.Process {`
			`return &libcontainer.Process{`
			`Args: p.Args,`
			`Env: p.Env,`
			`// TODO: fix libcontainer's API to better support uid/gid in a typesafe way.`
			`User: fmt.Sprintf("%d:%d", p.User.UID, p.User.GID),`
			`Cwd: p.Cwd,`
			`}`
			`}`