diff options
Diffstat (limited to 'libpod/oci.go')
| -rw-r--r-- | libpod/oci.go | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/libpod/oci.go b/libpod/oci.go index 0483c0d53..5ae3406ac 100644 --- a/libpod/oci.go +++ b/libpod/oci.go @@ -22,6 +22,7 @@ import ( "github.com/opencontainers/selinux/go-selinux/label" "github.com/pkg/errors" "github.com/projectatomic/libpod/pkg/ctime" + "github.com/projectatomic/libpod/pkg/rootless" "github.com/sirupsen/logrus" "golang.org/x/sys/unix" kwait "k8s.io/apimachinery/pkg/util/wait" @@ -317,6 +318,15 @@ func (r *OCIRuntime) createOCIContainer(ctr *Container, cgroupParent string) (er // process cannot use them. cmd.ExtraFiles = append(cmd.ExtraFiles, ports...) + if rootless.IsRootless() { + ctr.rootlessSlirpSyncR, ctr.rootlessSlirpSyncW, err = os.Pipe() + if err != nil { + return errors.Wrapf(err, "failed to create rootless network sync pipe") + } + // Leak one end in conmon, the other one will be leaked into slirp4netns + cmd.ExtraFiles = append(cmd.ExtraFiles, ctr.rootlessSlirpSyncW) + } + if notify, ok := os.LookupEnv("NOTIFY_SOCKET"); ok { cmd.Env = append(cmd.Env, fmt.Sprintf("NOTIFY_SOCKET=%s", notify)) } |