diff options
author | Doug Rabson <dfr@rabson.org> | 2022-08-12 10:51:01 +0100 |
---|---|---|
committer | Doug Rabson <dfr@rabson.org> | 2022-08-15 10:45:23 +0100 |
commit | 65641ba8d5f9fa6f39806b4fb841031ef6756433 (patch) | |
tree | 1a8a6f3b126b8571739191132354c404844e1e6a | |
parent | 4136496ee713982daf3136ffe65d11a4163fabb8 (diff) | |
download | podman-65641ba8d5f9fa6f39806b4fb841031ef6756433.tar.gz podman-65641ba8d5f9fa6f39806b4fb841031ef6756433.tar.bz2 podman-65641ba8d5f9fa6f39806b4fb841031ef6756433.zip |
pkg/specgen: Add stubs for non-linux builds
This introduces a local type rlimT which is used to convert runtime-spec
POSIXRlimit to platform-specific Rlimit structures - on FreeBSD rlimit
members are signed integers.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
-rw-r--r-- | pkg/specgen/generate/config_unsupported.go | 29 | ||||
-rw-r--r-- | pkg/specgen/generate/oci.go | 28 | ||||
-rw-r--r-- | pkg/specgen/generate/rlimit_int64.go | 6 | ||||
-rw-r--r-- | pkg/specgen/generate/rlimit_uint64.go | 6 |
4 files changed, 55 insertions, 14 deletions
diff --git a/pkg/specgen/generate/config_unsupported.go b/pkg/specgen/generate/config_unsupported.go new file mode 100644 index 000000000..a97ae0709 --- /dev/null +++ b/pkg/specgen/generate/config_unsupported.go @@ -0,0 +1,29 @@ +//go:build !linux +// +build !linux + +package generate + +import ( + "errors" + + "github.com/containers/common/libimage" + "github.com/containers/podman/v4/pkg/specgen" + spec "github.com/opencontainers/runtime-spec/specs-go" + "github.com/opencontainers/runtime-tools/generate" +) + +// DevicesFromPath computes a list of devices +func DevicesFromPath(g *generate.Generator, devicePath string) error { + return errors.New("unsupported DevicesFromPath") +} + +func BlockAccessToKernelFilesystems(privileged, pidModeIsHost bool, mask, unmask []string, g *generate.Generator) { +} + +func supportAmbientCapabilities() bool { + return false +} + +func getSeccompConfig(s *specgen.SpecGenerator, configSpec *spec.Spec, img *libimage.Image) (*spec.LinuxSeccomp, error) { + return nil, errors.New("not implemented getSeccompConfig") +} diff --git a/pkg/specgen/generate/oci.go b/pkg/specgen/generate/oci.go index f59fe1011..a531494c9 100644 --- a/pkg/specgen/generate/oci.go +++ b/pkg/specgen/generate/oci.go @@ -58,38 +58,38 @@ func addRlimits(s *specgen.SpecGenerator, g *generate.Generator) { // files and number of processes to the maximum they can be set to // (without overriding a sysctl) if !nofileSet { - max := define.RLimitDefaultValue - current := define.RLimitDefaultValue + max := rlimT(define.RLimitDefaultValue) + current := rlimT(define.RLimitDefaultValue) if isRootless { var rlimit unix.Rlimit if err := unix.Getrlimit(unix.RLIMIT_NOFILE, &rlimit); err != nil { logrus.Warnf("Failed to return RLIMIT_NOFILE ulimit %q", err) } - if rlimit.Cur < current { - current = rlimit.Cur + if rlimT(rlimit.Cur) < current { + current = rlimT(rlimit.Cur) } - if rlimit.Max < max { - max = rlimit.Max + if rlimT(rlimit.Max) < max { + max = rlimT(rlimit.Max) } } - g.AddProcessRlimits("RLIMIT_NOFILE", max, current) + g.AddProcessRlimits("RLIMIT_NOFILE", uint64(max), uint64(current)) } if !nprocSet { - max := define.RLimitDefaultValue - current := define.RLimitDefaultValue + max := rlimT(define.RLimitDefaultValue) + current := rlimT(define.RLimitDefaultValue) if isRootless { var rlimit unix.Rlimit if err := unix.Getrlimit(unix.RLIMIT_NPROC, &rlimit); err != nil { logrus.Warnf("Failed to return RLIMIT_NPROC ulimit %q", err) } - if rlimit.Cur < current { - current = rlimit.Cur + if rlimT(rlimit.Cur) < current { + current = rlimT(rlimit.Cur) } - if rlimit.Max < max { - max = rlimit.Max + if rlimT(rlimit.Max) < max { + max = rlimT(rlimit.Max) } } - g.AddProcessRlimits("RLIMIT_NPROC", max, current) + g.AddProcessRlimits("RLIMIT_NPROC", uint64(max), uint64(current)) } } diff --git a/pkg/specgen/generate/rlimit_int64.go b/pkg/specgen/generate/rlimit_int64.go new file mode 100644 index 000000000..b4cce3453 --- /dev/null +++ b/pkg/specgen/generate/rlimit_int64.go @@ -0,0 +1,6 @@ +//go:build freebsd +// +build freebsd + +package generate + +type rlimT int64 diff --git a/pkg/specgen/generate/rlimit_uint64.go b/pkg/specgen/generate/rlimit_uint64.go new file mode 100644 index 000000000..d85f8dd2c --- /dev/null +++ b/pkg/specgen/generate/rlimit_uint64.go @@ -0,0 +1,6 @@ +//go:build linux || darwin +// +build linux darwin + +package generate + +type rlimT uint64 |