diff options
| author | umohnani8 <umohnani@redhat.com> | 2018-01-12 10:19:48 -0500 |
|---|---|---|
| committer | Atomic Bot <atomic-devel@projectatomic.io> | 2018-01-15 19:27:10 +0000 |
| commit | 2bfb31ddf4b7f28a67ef94b8b318536c367a663b (patch) | |
| tree | f76fca0eb6087cc4d5c3b65dc06b73113fe588d9 /cmd/podman/create_cli.go | |
| parent | 7853262a84b1312e29a78708865a28bd41c4cc2f (diff) | |
| download | podman-2bfb31ddf4b7f28a67ef94b8b318536c367a663b.tar.gz podman-2bfb31ddf4b7f28a67ef94b8b318536c367a663b.tar.bz2 podman-2bfb31ddf4b7f28a67ef94b8b318536c367a663b.zip | |
Implement and test the following flags for podman run and create
memory, memory-reservation, memory-swap, memory-swappiness, kernel-memory,
cpu-period, cou-quota, cpu-shares, cpus, cpuset-cpus, cpuset-mems,
blkio-weight, blkio-weight-device, sysctl, and ulimit
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #221
Approved by: mheon
Diffstat (limited to 'cmd/podman/create_cli.go')
| -rw-r--r-- | cmd/podman/create_cli.go | 43 |
1 files changed, 37 insertions, 6 deletions
diff --git a/cmd/podman/create_cli.go b/cmd/podman/create_cli.go index 0cc265e92..24856feb8 100644 --- a/cmd/podman/create_cli.go +++ b/cmd/podman/create_cli.go @@ -24,14 +24,45 @@ func getAllLabels(labelFile, inputLabels []string) (map[string]string, error) { return labels, nil } -func convertStringSliceToMap(strSlice []string, delimiter string) (map[string]string, error) { +// validateSysctl validates a sysctl and returns it. +func validateSysctl(strSlice []string) (map[string]string, error) { sysctl := make(map[string]string) - for _, inputSysctl := range strSlice { - values := strings.Split(inputSysctl, delimiter) - if len(values) < 2 { - return sysctl, errors.Errorf("%s in an invalid sysctl value", inputSysctl) + validSysctlMap := map[string]bool{ + "kernel.msgmax": true, + "kernel.msgmnb": true, + "kernel.msgmni": true, + "kernel.sem": true, + "kernel.shmall": true, + "kernel.shmmax": true, + "kernel.shmmni": true, + "kernel.shm_rmid_forced": true, + } + validSysctlPrefixes := []string{ + "net.", + "fs.mqueue.", + } + + for _, val := range strSlice { + foundMatch := false + arr := strings.Split(val, "=") + if len(arr) < 2 { + return nil, errors.Errorf("%s is invalid, sysctl values must be in the form of KEY=VALUE", val) + } + if validSysctlMap[arr[0]] { + sysctl[arr[0]] = arr[1] + continue + } + + for _, prefix := range validSysctlPrefixes { + if strings.HasPrefix(arr[0], prefix) { + sysctl[arr[0]] = arr[1] + foundMatch = true + break + } + } + if !foundMatch { + return nil, errors.Errorf("sysctl '%s' is not whitelisted", arr[0]) } - sysctl[values[0]] = values[1] } return sysctl, nil } |