personality: Add support for setting execution domain.

Execution domains tell Linux how to map signal numbers into signal actions.
The execution domain system allows Linux to provide limited support for binaries
compiled under other UNIX-like operating systems.

Reference: https://man7.org/linux/man-pages/man2/personality.2.html

Signed-off-by: flouthoc <flouthoc.git@gmail.com>

2 files changed, 8 insertions, 0 deletions

diff --git a/pkg/specgen/generate/oci.go b/pkg/specgen/generate/oci.go
index 6e310d8a6..1f3f9e832 100644
--- a/pkg/specgen/generate/oci.go
+++ b/pkg/specgen/generate/oci.go
@@ -285,6 +285,9 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt
 		}
 		g.AddMount(cgroupMnt)
 	}
+
+	g.Config.Linux.Personality = s.Personality
+
 	g.SetProcessCwd(s.WorkDir)
 
 	g.SetProcessArgs(finalCmd)
diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go
index b4ac337b5..fc647227e 100644
--- a/pkg/specgen/specgen.go
+++ b/pkg/specgen/specgen.go
@@ -186,6 +186,11 @@ type ContainerBasicConfig struct {
 	// InitContainerType describes if this container is an init container
 	// and if so, what type: always or oneshot
 	InitContainerType string `json:"init_container_type"`
+	// Personality allows users to configure different execution domains.
+	// Execution domains tell Linux how to map signal numbers into signal actions.
+	// The execution domain system allows Linux to provide limited support
+	// for binaries compiled under other UNIX-like operating systems.
+	Personality *spec.LinuxPersonality `json:"personality,omitempty"`
 }
 
 // ContainerStorageConfig contains information on the storage configuration of a