summaryrefslogtreecommitdiff
path: root/libpod/oci_util.go
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2021-01-12 13:46:29 -0500
committerGitHub <noreply@github.com>2021-01-12 13:46:29 -0500
commitdb52828621261e631f6db3c1bcf17aa10b46bd48 (patch)
tree94688a647a85d9c479ccf49ec615492f9a52cd16 /libpod/oci_util.go
parentb5c8cee932e046d6b5df08a8d237ca9d838228f6 (diff)
parent020abbfeab3b3f3bc3b82edf1b9374b90d79ae91 (diff)
downloadpodman-db52828621261e631f6db3c1bcf17aa10b46bd48.tar.gz
podman-db52828621261e631f6db3c1bcf17aa10b46bd48.tar.bz2
podman-db52828621261e631f6db3c1bcf17aa10b46bd48.zip
Merge pull request #8946 from JAORMX/sec-errors
Expose security attribute errors with their own messages
Diffstat (limited to 'libpod/oci_util.go')
-rw-r--r--libpod/oci_util.go12
1 files changed, 12 insertions, 0 deletions
diff --git a/libpod/oci_util.go b/libpod/oci_util.go
index 2ba85c4b3..d40cf13bd 100644
--- a/libpod/oci_util.go
+++ b/libpod/oci_util.go
@@ -126,5 +126,17 @@ func getOCIRuntimeError(runtimeMsg string) error {
}
return errors.Wrapf(define.ErrOCIRuntimeNotFound, "%s", strings.Trim(errStr, "\n"))
}
+ if match := regexp.MustCompile("`/proc/[a-z0-9-].+/attr.*`").FindString(runtimeMsg); match != "" {
+ errStr := match
+ if includeFullOutput {
+ errStr = runtimeMsg
+ }
+ if strings.HasSuffix(match, "/exec`") {
+ return errors.Wrapf(define.ErrSetSecurityAttribute, "%s", strings.Trim(errStr, "\n"))
+ } else if strings.HasSuffix(match, "/current`") {
+ return errors.Wrapf(define.ErrGetSecurityAttribute, "%s", strings.Trim(errStr, "\n"))
+ }
+ return errors.Wrapf(define.ErrSecurityAttribute, "%s", strings.Trim(errStr, "\n"))
+ }
return errors.Wrapf(define.ErrOCIRuntime, "%s", strings.Trim(runtimeMsg, "\n"))
}
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-01-10 13:36:06 +0000