Add support for ipc namespace modes "none, private, sharable"

Fixes: #13265

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

1 files changed, 13 insertions, 14 deletions

diff --git a/libpod/container_inspect.go b/libpod/container_inspect.go
index c9d0b8a6c..14290ca0d 100644
--- a/libpod/container_inspect.go
+++ b/libpod/container_inspect.go
@@ -703,32 +703,31 @@ func (c *Container) generateInspectContainerHostConfig(ctrSpec *spec.Spec, named
 	}
 	hostConfig.CapAdd = capAdd
 	hostConfig.CapDrop = capDrop
-
-	// IPC Namespace mode
-	ipcMode := ""
-	if c.config.IPCNsCtr != "" {
-		ipcMode = fmt.Sprintf("container:%s", c.config.IPCNsCtr)
-	} else if ctrSpec.Linux != nil {
+	switch {
+	case c.config.IPCNsCtr != "":
+		hostConfig.IpcMode = fmt.Sprintf("container:%s", c.config.IPCNsCtr)
+	case ctrSpec.Linux != nil:
 		// Locate the spec's IPC namespace.
 		// If there is none, it's ipc=host.
 		// If there is one and it has a path, it's "ns:".
 		// If no path, it's default - the empty string.
-
 		for _, ns := range ctrSpec.Linux.Namespaces {
 			if ns.Type == spec.IPCNamespace {
 				if ns.Path != "" {
-					ipcMode = fmt.Sprintf("ns:%s", ns.Path)
+					hostConfig.IpcMode = fmt.Sprintf("ns:%s", ns.Path)
 				} else {
-					ipcMode = "private"
+					break
 				}
-				break
 			}
 		}
-		if ipcMode == "" {
-			ipcMode = "host"
-		}
+	case c.config.NoShm:
+		hostConfig.IpcMode = "none"
+	case c.config.NoShmShare:
+		hostConfig.IpcMode = "private"
+	}
+	if hostConfig.IpcMode == "" {
+		hostConfig.IpcMode = "shareable"
 	}
-	hostConfig.IpcMode = ipcMode
 
 	// Cgroup namespace mode
 	cgroupMode := ""