6 files changed, 55 insertions, 33 deletions

diff --git a/pkg/spec/config_linux.go b/pkg/spec/config_linux.go
index eb2acf984..9f6a4a058 100644
--- a/pkg/spec/config_linux.go
+++ b/pkg/spec/config_linux.go
@@ -4,12 +4,10 @@ package createconfig
 
 import (
 	"fmt"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"strings"
 
-	"github.com/docker/docker/profiles/seccomp"
 	"github.com/opencontainers/runc/libcontainer/configs"
 	"github.com/opencontainers/runc/libcontainer/devices"
 	spec "github.com/opencontainers/runtime-spec/specs-go"
@@ -130,29 +128,6 @@ func (c *CreateConfig) addPrivilegedDevices(g *generate.Generator) error {
 	return nil
 }
 
-func getSeccompConfig(config *CreateConfig, configSpec *spec.Spec) (*spec.LinuxSeccomp, error) {
-	var seccompConfig *spec.LinuxSeccomp
-	var err error
-
-	if config.SeccompProfilePath != "" {
-		seccompProfile, err := ioutil.ReadFile(config.SeccompProfilePath)
-		if err != nil {
-			return nil, errors.Wrapf(err, "opening seccomp profile (%s) failed", config.SeccompProfilePath)
-		}
-		seccompConfig, err = seccomp.LoadProfile(string(seccompProfile), configSpec)
-		if err != nil {
-			return nil, errors.Wrapf(err, "loading seccomp profile (%s) failed", config.SeccompProfilePath)
-		}
-	} else {
-		seccompConfig, err = seccomp.GetDefaultProfile(configSpec)
-		if err != nil {
-			return nil, errors.Wrapf(err, "loading seccomp profile (%s) failed", config.SeccompProfilePath)
-		}
-	}
-
-	return seccompConfig, nil
-}
-
 func (c *CreateConfig) createBlockIO() (*spec.LinuxBlockIO, error) {
 	var ret *spec.LinuxBlockIO
 	bio := &spec.LinuxBlockIO{}
diff --git a/pkg/spec/config_linux_cgo.go b/pkg/spec/config_linux_cgo.go
new file mode 100644
index 000000000..e6e92a7cc
--- /dev/null
+++ b/pkg/spec/config_linux_cgo.go
@@ -0,0 +1,34 @@
+// +build linux,cgo
+
+package createconfig
+
+import (
+	"io/ioutil"
+
+	"github.com/docker/docker/profiles/seccomp"
+	spec "github.com/opencontainers/runtime-spec/specs-go"
+	"github.com/pkg/errors"
+)
+
+func getSeccompConfig(config *CreateConfig, configSpec *spec.Spec) (*spec.LinuxSeccomp, error) {
+	var seccompConfig *spec.LinuxSeccomp
+	var err error
+
+	if config.SeccompProfilePath != "" {
+		seccompProfile, err := ioutil.ReadFile(config.SeccompProfilePath)
+		if err != nil {
+			return nil, errors.Wrapf(err, "opening seccomp profile (%s) failed", config.SeccompProfilePath)
+		}
+		seccompConfig, err = seccomp.LoadProfile(string(seccompProfile), configSpec)
+		if err != nil {
+			return nil, errors.Wrapf(err, "loading seccomp profile (%s) failed", config.SeccompProfilePath)
+		}
+	} else {
+		seccompConfig, err = seccomp.GetDefaultProfile(configSpec)
+		if err != nil {
+			return nil, errors.Wrapf(err, "loading seccomp profile (%s) failed", config.SeccompProfilePath)
+		}
+	}
+
+	return seccompConfig, nil
+}
diff --git a/pkg/spec/config_linux_nocgo.go b/pkg/spec/config_linux_nocgo.go
new file mode 100644
index 000000000..10329ff3b
--- /dev/null
+++ b/pkg/spec/config_linux_nocgo.go
@@ -0,0 +1,11 @@
+// +build linux,!cgo
+
+package createconfig
+
+import (
+	spec "github.com/opencontainers/runtime-spec/specs-go"
+)
+
+func getSeccompConfig(config *CreateConfig, configSpec *spec.Spec) (*spec.LinuxSeccomp, error) {
+	return nil, nil
+}
diff --git a/pkg/spec/containerconfig.go b/pkg/spec/containerconfig.go
index b2f8a268f..ae6420117 100644
--- a/pkg/spec/containerconfig.go
+++ b/pkg/spec/containerconfig.go
@@ -2,6 +2,7 @@ package createconfig
 
 import (
 	"github.com/containers/libpod/libpod"
+	"github.com/containers/libpod/libpod/define"
 	spec "github.com/opencontainers/runtime-spec/specs-go"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
@@ -11,9 +12,9 @@ import (
 // container with libpod from a completed CreateConfig struct.
 func (config *CreateConfig) MakeContainerConfig(runtime *libpod.Runtime, pod *libpod.Pod) (*spec.Spec, []libpod.CtrCreateOption, error) {
 	if config.Pod != "" && pod == nil {
-		return nil, nil, errors.Wrapf(libpod.ErrInvalidArg, "pod was specified but no pod passed")
+		return nil, nil, errors.Wrapf(define.ErrInvalidArg, "pod was specified but no pod passed")
 	} else if config.Pod == "" && pod != nil {
-		return nil, nil, errors.Wrapf(libpod.ErrInvalidArg, "pod was given but no pod is specified")
+		return nil, nil, errors.Wrapf(define.ErrInvalidArg, "pod was given but no pod is specified")
 	}
 
 	// Parse volumes flag into OCI spec mounts and libpod Named Volumes.
diff --git a/pkg/spec/createconfig.go b/pkg/spec/createconfig.go
index a8413d6c7..0042ed401 100644
--- a/pkg/spec/createconfig.go
+++ b/pkg/spec/createconfig.go
@@ -9,6 +9,7 @@ import (
 
 	"github.com/containers/image/manifest"
 	"github.com/containers/libpod/libpod"
+	"github.com/containers/libpod/libpod/define"
 	"github.com/containers/libpod/pkg/namespaces"
 	"github.com/containers/storage"
 	"github.com/cri-o/ocicni/pkg/ocicni"
@@ -331,9 +332,9 @@ func (c *CreateConfig) getContainerCreateOptions(runtime *libpod.Runtime, pod *l
 	if c.IPAddress != "" {
 		ip := net.ParseIP(c.IPAddress)
 		if ip == nil {
-			return nil, errors.Wrapf(libpod.ErrInvalidArg, "cannot parse %s as IP address", c.IPAddress)
+			return nil, errors.Wrapf(define.ErrInvalidArg, "cannot parse %s as IP address", c.IPAddress)
 		} else if ip.To4() == nil {
-			return nil, errors.Wrapf(libpod.ErrInvalidArg, "%s is not an IPv4 address", c.IPAddress)
+			return nil, errors.Wrapf(define.ErrInvalidArg, "%s is not an IPv4 address", c.IPAddress)
 		}
 		options = append(options, libpod.WithStaticIP(ip))
 	}
@@ -371,7 +372,7 @@ func (c *CreateConfig) getContainerCreateOptions(runtime *libpod.Runtime, pod *l
 
 	if c.RestartPolicy != "" {
 		if c.RestartPolicy == "unless-stopped" {
-			return nil, errors.Wrapf(libpod.ErrInvalidArg, "the unless-stopped restart policy is not supported")
+			return nil, errors.Wrapf(define.ErrInvalidArg, "the unless-stopped restart policy is not supported")
 		}
 
 		split := strings.Split(c.RestartPolicy, ":")
@@ -381,7 +382,7 @@ func (c *CreateConfig) getContainerCreateOptions(runtime *libpod.Runtime, pod *l
 				return nil, errors.Wrapf(err, "%s is not a valid number of retries for restart policy", split[1])
 			}
 			if numTries < 0 {
-				return nil, errors.Wrapf(libpod.ErrInvalidArg, "restart policy requires a positive number of retries")
+				return nil, errors.Wrapf(define.ErrInvalidArg, "restart policy requires a positive number of retries")
 			}
 			options = append(options, libpod.WithRestartRetries(uint(numTries)))
 		}
diff --git a/pkg/spec/spec.go b/pkg/spec/spec.go
index 0d953ff6f..06d1ac12d 100644
--- a/pkg/spec/spec.go
+++ b/pkg/spec/spec.go
@@ -6,8 +6,8 @@ import (
 	"strings"
 
 	"github.com/containers/libpod/libpod"
+	"github.com/containers/libpod/pkg/cgroups"
 	"github.com/containers/libpod/pkg/rootless"
-	"github.com/containers/libpod/pkg/util"
 	pmount "github.com/containers/storage/pkg/mount"
 	"github.com/docker/docker/oci/caps"
 	"github.com/docker/go-units"
@@ -350,7 +350,7 @@ func (config *CreateConfig) createConfigToOCISpec(runtime *libpod.Runtime, userM
 	}
 
 	if rootless.IsRootless() {
-		cgroup2, err := util.IsCgroup2UnifiedMode()
+		cgroup2, err := cgroups.IsCgroup2UnifiedMode()
 		if err != nil {
 			return nil, err
 		}