Fix pod sharing for utsmode

We should be sharing cgroups namespace by default in pods uts namespace sharing was broken in pods. Create a new libpod/pkg/namespaces for handling of namespace fields in containers Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1418 Approved by: mheon
author: Daniel J Walsh <dwalsh@redhat.com> 2018-09-01 12:51:00 -0400
committer: Atomic Bot <atomic-devel@projectatomic.io> 2018-09-07 18:18:54 +0000
commit: 87f90ce14abf36fbf85f6128b3024ea89a44d670 (patch)
tree: 7090c0a491c2f4199f8172e1d30b525fa938ed86 /pkg/spec/createconfig.go
parent: ccc4a339cd124abc668b7542a9eb838cd7d1b214 (diff)
download: podman-87f90ce14abf36fbf85f6128b3024ea89a44d670.tar.gz
podman-87f90ce14abf36fbf85f6128b3024ea89a44d670.tar.bz2
podman-87f90ce14abf36fbf85f6128b3024ea89a44d670.zip
1 files changed, 32 insertions, 24 deletions
diff --git a/pkg/spec/createconfig.go b/pkg/spec/createconfig.go
index 0ab0bb9ff..0b7ee993d 100644
--- a/pkg/spec/createconfig.go
+++ b/pkg/spec/createconfig.go
@@ -8,10 +8,10 @@ import (
 	"syscall"
 
 	"github.com/containers/libpod/libpod"
+	"github.com/containers/libpod/pkg/namespaces"
 	"github.com/containers/libpod/pkg/rootless"
 	"github.com/containers/storage"
 	"github.com/cri-o/ocicni/pkg/ocicni"
-	"github.com/docker/docker/api/types/container"
 	"github.com/docker/go-connections/nat"
 	spec "github.com/opencontainers/runtime-spec/specs-go"
 	"github.com/opencontainers/runtime-tools/generate"
@@ -90,22 +90,22 @@ type CreateConfig struct {
 	ImageID            string
 	BuiltinImgVolumes  map[string]struct{} // volumes defined in the image config
 	IDMappings         *storage.IDMappingOptions
-	ImageVolumeType    string                // how to handle the image volume, either bind, tmpfs, or ignore
-	Interactive        bool                  //interactive
-	IpcMode            container.IpcMode     //ipc
-	IP6Address         string                //ipv6
-	IPAddress          string                //ip
-	Labels             map[string]string     //label
-	LinkLocalIP        []string              // link-local-ip
-	LogDriver          string                // log-driver
-	LogDriverOpt       []string              // log-opt
-	MacAddress         string                //mac-address
-	Name               string                //name
-	NetMode            container.NetworkMode //net
-	Network            string                //network
-	NetworkAlias       []string              //network-alias
-	PidMode            container.PidMode     //pid
-	Pod                string                //pod
+	ImageVolumeType    string                 // how to handle the image volume, either bind, tmpfs, or ignore
+	Interactive        bool                   //interactive
+	IpcMode            namespaces.IpcMode     //ipc
+	IP6Address         string                 //ipv6
+	IPAddress          string                 //ip
+	Labels             map[string]string      //label
+	LinkLocalIP        []string               // link-local-ip
+	LogDriver          string                 // log-driver
+	LogDriverOpt       []string               // log-opt
+	MacAddress         string                 //mac-address
+	Name               string                 //name
+	NetMode            namespaces.NetworkMode //net
+	Network            string                 //network
+	NetworkAlias       []string               //network-alias
+	PidMode            namespaces.PidMode     //pid
+	Pod                string                 //pod
 	PortBindings       nat.PortMap
 	Privileged         bool     //privileged
 	Publish            []string //publish
@@ -119,12 +119,12 @@ type CreateConfig struct {
 	StopTimeout        uint              // stop-timeout
 	Sysctl             map[string]string //sysctl
 	Systemd            bool
-	Tmpfs              []string             // tmpfs
-	Tty                bool                 //tty
-	UsernsMode         container.UsernsMode //userns
-	User               string               //user
-	UtsMode            container.UTSMode    //uts
-	Volumes            []string             //volume
+	Tmpfs              []string              // tmpfs
+	Tty                bool                  //tty
+	UsernsMode         namespaces.UsernsMode //userns
+	User               string                //user
+	UtsMode            namespaces.UTSMode    //uts
+	Volumes            []string              //volume
 	VolumesFrom        []string
 	WorkDir            string //workdir
 	MountLabel         string //SecurityOpts
@@ -222,7 +222,7 @@ func (c *CreateConfig) GetVolumeMounts(specMounts []spec.Mount) ([]spec.Mount, e
 }
 
 // GetVolumesFrom reads the create-config artifact of the container to get volumes from
-// and adds it to c.Volumes of the curent container.
+// and adds it to c.Volumes of the current container.
 func (c *CreateConfig) GetVolumesFrom() error {
 	var options string
 	for _, vol := range c.VolumesFrom {
@@ -423,6 +423,14 @@ func (c *CreateConfig) GetContainerCreateOptions(runtime *libpod.Runtime) ([]lib
 	if IsPod(string(c.UtsMode)) {
 		options = append(options, libpod.WithUTSNSFromPod(pod))
 	}
+	if c.UtsMode.IsContainer() {
+		connectedCtr, err := c.Runtime.LookupContainer(c.UtsMode.Container())
+		if err != nil {
+			return nil, errors.Wrapf(err, "container %q not found", c.UtsMode.Container())
+		}
+
+		options = append(options, libpod.WithUTSNSFrom(connectedCtr))
+	}
 
 	// TODO: MNT, USER, CGROUP
 	options = append(options, libpod.WithStopSignal(c.StopSignal))
author	Daniel J Walsh <dwalsh@redhat.com>	2018-09-01 12:51:00 -0400
committer	Atomic Bot <atomic-devel@projectatomic.io>	2018-09-07 18:18:54 +0000
commit	87f90ce14abf36fbf85f6128b3024ea89a44d670 (patch)
tree	7090c0a491c2f4199f8172e1d30b525fa938ed86 /pkg/spec/createconfig.go
parent	ccc4a339cd124abc668b7542a9eb838cd7d1b214 (diff)
download	podman-87f90ce14abf36fbf85f6128b3024ea89a44d670.tar.gz podman-87f90ce14abf36fbf85f6128b3024ea89a44d670.tar.bz2 podman-87f90ce14abf36fbf85f6128b3024ea89a44d670.zip