diff options
-rw-r--r-- | libpod/container_api.go | 17 | ||||
-rw-r--r-- | libpod/oci.go | 54 |
2 files changed, 51 insertions, 20 deletions
diff --git a/libpod/container_api.go b/libpod/container_api.go index 9011454fa..b7e523d7a 100644 --- a/libpod/container_api.go +++ b/libpod/container_api.go @@ -2,13 +2,11 @@ package libpod import ( "encoding/json" - "fmt" "io/ioutil" "os" "path/filepath" "github.com/docker/docker/daemon/caps" - "github.com/docker/docker/pkg/stringid" "github.com/docker/docker/pkg/term" "github.com/pkg/errors" "github.com/projectatomic/libpod/libpod/driver" @@ -236,21 +234,8 @@ func (c *Container) Exec(tty, privileged bool, env, cmd []string, user string) e if privileged || c.config.Privileged { capList = caps.GetAllCapabilities() } - globalOpts := runcGlobalOptions{ - log: c.LogPath(), - } - - execOpts := runcExecOptions{ - capAdd: capList, - pidFile: filepath.Join(c.state.RunDir, fmt.Sprintf("%s-execpid", stringid.GenerateNonCryptoID()[:12])), - env: env, - noNewPrivs: c.config.Spec.Process.NoNewPrivileges, - user: user, - cwd: c.config.Spec.Process.Cwd, - tty: tty, - } - return c.runtime.ociRuntime.execContainer(c, cmd, globalOpts, execOpts) + return c.runtime.ociRuntime.execContainer(c, cmd, tty, user, capList, env) } // Attach attaches to a container diff --git a/libpod/oci.go b/libpod/oci.go index 4847eceb6..225643f39 100644 --- a/libpod/oci.go +++ b/libpod/oci.go @@ -467,8 +467,54 @@ func (r *OCIRuntime) unpauseContainer(ctr *Container) error { return utils.ExecCmdWithStdStreams(os.Stdin, os.Stdout, os.Stderr, r.path, "resume", ctr.ID()) } -//execContiner executes a command in a running container -func (r *OCIRuntime) execContainer(c *Container, cmd []string, globalOpts runcGlobalOptions, commandOpts runcExecOptions) error { - r.RuncExec(c, cmd, globalOpts, commandOpts) - return nil +// execContainer executes a command in a running container +// TODO: Add --detach support +// TODO: Convert to use conmon +// TODO: add --pid-file and use that to generate exec session tracking +func (r *OCIRuntime) execContainer(c *Container, cmd []string, tty bool, user string, capAdd, env []string) error { + args := []string{} + + // TODO - should we maintain separate logpaths for exec sessions? + args = append(args, "--log", c.LogPath()) + + args = append(args, "exec") + + args = append(args, "--cwd", c.config.Spec.Process.Cwd) + + if tty { + args = append(args, "--tty") + } + + if user != "" { + args = append(args, "--user", user) + } + + if c.config.Spec.Process.NoNewPrivileges { + args = append(args, "--no-new-privs") + } + + for _, cap := range capAdd { + args = append(args, "--cap", cap) + } + + for _, envVar := range env { + args = append(args, "--env", envVar) + } + + // Append container ID and command + args = append(args, c.ID()) + args = append(args, cmd...) + + logrus.Debugf("Starting runtime %s with following arguments: %v", r.path, args) + + execCmd := exec.Command(r.path, args...) + execCmd.Stdout = os.Stdout + execCmd.Stderr = os.Stderr + execCmd.Stdin = os.Stdin + + if err := execCmd.Start(); err != nil { + return errors.Wrapf(err, "error starting exec command for container %s", c.ID()) + } + + return execCmd.Wait() } |