diff options
| author | Doug Rabson <dfr@rabson.org> | 2022-08-27 14:24:31 +0100 |
|---|---|---|
| committer | Doug Rabson <dfr@rabson.org> | 2022-09-05 10:17:49 +0100 |
| commit | be5d1261b41de0076c5296f56afaeae48b6aa191 (patch) | |
| tree | cd5d34fdd640d5c51a0eb64866256434e9c48883 | |
| parent | 71e2074e8352dee48c068e5804ae5a4d74163b03 (diff) | |
| download | podman-be5d1261b41de0076c5296f56afaeae48b6aa191.tar.gz podman-be5d1261b41de0076c5296f56afaeae48b6aa191.tar.bz2 podman-be5d1261b41de0076c5296f56afaeae48b6aa191.zip | |
libpod: Move mountNotifySocket to container_internal_common.go
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
| -rw-r--r-- | libpod/container_internal_common.go | 32 | ||||
| -rw-r--r-- | libpod/container_internal_freebsd.go | 30 | ||||
| -rw-r--r-- | libpod/container_internal_linux.go | 32 |
3 files changed, 32 insertions, 62 deletions
diff --git a/libpod/container_internal_common.go b/libpod/container_internal_common.go index 0d5071831..80b8c2638 100644 --- a/libpod/container_internal_common.go +++ b/libpod/container_internal_common.go @@ -644,3 +644,35 @@ func lookupHostUser(name string) (*runcuser.ExecUser, error) { execUser.Home = u.HomeDir return &execUser, nil } + +// mountNotifySocket mounts the NOTIFY_SOCKET into the container if it's set +// and if the sdnotify mode is set to container. It also sets c.notifySocket +// to avoid redundantly looking up the env variable. +func (c *Container) mountNotifySocket(g generate.Generator) error { + if c.config.SdNotifySocket == "" { + return nil + } + if c.config.SdNotifyMode != define.SdNotifyModeContainer { + return nil + } + + notifyDir := filepath.Join(c.bundlePath(), "notify") + logrus.Debugf("Checking notify %q dir", notifyDir) + if err := os.MkdirAll(notifyDir, 0755); err != nil { + if !os.IsExist(err) { + return fmt.Errorf("unable to create notify %q dir: %w", notifyDir, err) + } + } + if err := label.Relabel(notifyDir, c.MountLabel(), true); err != nil { + return fmt.Errorf("relabel failed %q: %w", notifyDir, err) + } + logrus.Debugf("Add bindmount notify %q dir", notifyDir) + if _, ok := c.state.BindMounts["/run/notify"]; !ok { + c.state.BindMounts["/run/notify"] = notifyDir + } + + // Set the container's notify socket to the proxy socket created by conmon + g.AddProcessEnv("NOTIFY_SOCKET", "/run/notify/notify.sock") + + return nil +} diff --git a/libpod/container_internal_freebsd.go b/libpod/container_internal_freebsd.go index 98ae209e8..ae89c4f9a 100644 --- a/libpod/container_internal_freebsd.go +++ b/libpod/container_internal_freebsd.go @@ -187,36 +187,6 @@ func (c *Container) reloadNetwork() error { return c.save() } -// mountNotifySocket mounts the NOTIFY_SOCKET into the container if it's set -// and if the sdnotify mode is set to container. It also sets c.notifySocket -// to avoid redundantly looking up the env variable. -func (c *Container) mountNotifySocket(g generate.Generator) error { - - if c.config.SdNotifyMode != define.SdNotifyModeContainer { - return nil - } - - notifyDir := filepath.Join(c.bundlePath(), "notify") - logrus.Debugf("Checking notify %q dir", notifyDir) - if err := os.MkdirAll(notifyDir, 0755); err != nil { - if !os.IsExist(err) { - return fmt.Errorf("unable to create notify %q dir: %w", notifyDir, err) - } - } - if err := label.Relabel(notifyDir, c.MountLabel(), true); err != nil { - return fmt.Errorf("relabel failed %q: %w", notifyDir, err) - } - logrus.Debugf("Add bindmount notify %q dir", notifyDir) - if _, ok := c.state.BindMounts["/run/notify"]; !ok { - c.state.BindMounts["/run/notify"] = notifyDir - } - - // Set the container's notify socket to the proxy socket created by conmon - g.AddProcessEnv("NOTIFY_SOCKET", "/run/notify/notify.sock") - - return nil -} - // Add an existing container's network jail func (c *Container) addNetworkContainer(g *generate.Generator, ctr string) error { nsCtr, err := c.runtime.state.Container(ctr) diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index 9bdbd59a9..df393fa1e 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -220,38 +220,6 @@ func (c *Container) reloadNetwork() error { return c.save() } -// mountNotifySocket mounts the NOTIFY_SOCKET into the container if it's set -// and if the sdnotify mode is set to container. It also sets c.notifySocket -// to avoid redundantly looking up the env variable. -func (c *Container) mountNotifySocket(g generate.Generator) error { - if c.config.SdNotifySocket == "" { - return nil - } - if c.config.SdNotifyMode != define.SdNotifyModeContainer { - return nil - } - - notifyDir := filepath.Join(c.bundlePath(), "notify") - logrus.Debugf("Checking notify %q dir", notifyDir) - if err := os.MkdirAll(notifyDir, 0755); err != nil { - if !os.IsExist(err) { - return fmt.Errorf("unable to create notify %q dir: %w", notifyDir, err) - } - } - if err := label.Relabel(notifyDir, c.MountLabel(), true); err != nil { - return fmt.Errorf("relabel failed %q: %w", notifyDir, err) - } - logrus.Debugf("Add bindmount notify %q dir", notifyDir) - if _, ok := c.state.BindMounts["/run/notify"]; !ok { - c.state.BindMounts["/run/notify"] = notifyDir - } - - // Set the container's notify socket to the proxy socket created by conmon - g.AddProcessEnv("NOTIFY_SOCKET", "/run/notify/notify.sock") - - return nil -} - // systemd expects to have /run, /run/lock and /tmp on tmpfs // It also expects to be able to write to /sys/fs/cgroup/systemd and /var/log/journal func (c *Container) setupSystemd(mounts []spec.Mount, g generate.Generator) error { |