diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2022-04-16 12:30:01 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-04-16 12:30:01 -0400 |
| commit | 8d3075e33267663bf2a251bfd60bd825397114c9 (patch) | |
| tree | 17efa4577cd6a895d492a38767b32ee1cac2dc74 /pkg/specgen/generate/namespaces.go | |
| parent | 25eeaec219ccc49dcb35e098afaed7d7987cbee1 (diff) | |
| parent | 3987c529f473178c51feb69d5252c7d5c2a8f697 (diff) | |
| download | podman-8d3075e33267663bf2a251bfd60bd825397114c9.tar.gz podman-8d3075e33267663bf2a251bfd60bd825397114c9.tar.bz2 podman-8d3075e33267663bf2a251bfd60bd825397114c9.zip | |
Merge pull request #13583 from rhatdan/ipc
Add support for ipc namespace modes "none, private, sharable"
Diffstat (limited to 'pkg/specgen/generate/namespaces.go')
| -rw-r--r-- | pkg/specgen/generate/namespaces.go | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/pkg/specgen/generate/namespaces.go b/pkg/specgen/generate/namespaces.go index 9ce45aaf0..05c2d1741 100644 --- a/pkg/specgen/generate/namespaces.go +++ b/pkg/specgen/generate/namespaces.go @@ -134,8 +134,17 @@ func namespaceOptions(ctx context.Context, s *specgen.SpecGenerator, rt *libpod. if err != nil { return nil, errors.Wrapf(err, "error looking up container to share ipc namespace with") } + if ipcCtr.ConfigNoCopy().NoShmShare { + return nil, errors.Errorf("joining IPC of container %s is not allowed: non-shareable IPC (hint: use IpcMode:shareable for the donor container)", ipcCtr.ID()) + } toReturn = append(toReturn, libpod.WithIPCNSFrom(ipcCtr)) - toReturn = append(toReturn, libpod.WithShmDir(ipcCtr.ShmDir())) + if !ipcCtr.ConfigNoCopy().NoShm { + toReturn = append(toReturn, libpod.WithShmDir(ipcCtr.ShmDir())) + } + case specgen.None: + toReturn = append(toReturn, libpod.WithNoShm(true)) + case specgen.Private: + toReturn = append(toReturn, libpod.WithNoShmShare(true)) } // UTS |