diff options
author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2019-01-04 06:41:07 -0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-01-04 06:41:07 -0800 |
commit | 6868b5aa1444404113bc6a4582203fbbf89490c2 (patch) | |
tree | 2be4469136fd0f7c179352d6a721d2e9f0a61f47 /pkg/spec/createconfig.go | |
parent | 9ffd4806163e410d51d0f0cbece45b7405ff9fee (diff) | |
parent | 75578aad61c1e9fae021223ece70cb83e3e2bcf2 (diff) | |
download | podman-6868b5aa1444404113bc6a4582203fbbf89490c2.tar.gz podman-6868b5aa1444404113bc6a4582203fbbf89490c2.tar.bz2 podman-6868b5aa1444404113bc6a4582203fbbf89490c2.zip |
Merge pull request #2045 from vrothberg/init
add init support
Diffstat (limited to 'pkg/spec/createconfig.go')
-rw-r--r-- | pkg/spec/createconfig.go | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/pkg/spec/createconfig.go b/pkg/spec/createconfig.go index 25f8cd7a1..ffc98e307 100644 --- a/pkg/spec/createconfig.go +++ b/pkg/spec/createconfig.go @@ -2,6 +2,7 @@ package createconfig import ( "encoding/json" + "fmt" "net" "os" "strconv" @@ -145,6 +146,36 @@ func (c *CreateConfig) CreateBlockIO() (*spec.LinuxBlockIO, error) { return c.createBlockIO() } +// AddContainerInitBinary adds the init binary specified by path iff the +// container will run in a private PID namespace that is not shared with the +// host or another pre-existing container, where an init-like process is +// already running. +// +// Note that AddContainerInitBinary prepends "/dev/init" "--" to the command +// to execute the bind-mounted binary as PID 1. +func (c *CreateConfig) AddContainerInitBinary(path string) error { + if path == "" { + return fmt.Errorf("please specify a path to the container-init binary") + } + if !c.PidMode.IsPrivate() { + return fmt.Errorf("cannot add init binary as PID 1 (PID namespace isn't private)") + } + if c.Systemd { + return fmt.Errorf("cannot use container-init binary with systemd") + } + if _, err := os.Stat(path); os.IsNotExist(err) { + return errors.Wrap(err, "container-init binary not found on the host") + } + c.Command = append([]string{"/dev/init", "--"}, c.Command...) + c.Mounts = append(c.Mounts, spec.Mount{ + Destination: "/dev/init", + Type: "bind", + Source: path, + Options: []string{"bind", "ro"}, + }) + return nil +} + func processOptions(options []string) []string { var ( foundrw, foundro bool |