Diffstat (limited to 'pkg/specgen/namespaces.go')
-rw-r--r--pkg/specgen/namespaces.go53
1 files changed, 53 insertions, 0 deletions
diff --git a/pkg/specgen/namespaces.go b/pkg/specgen/namespaces.go
index 4f35b31bf..f0161a793 100644
--- a/pkg/specgen/namespaces.go
+++ b/pkg/specgen/namespaces.go
@@ -33,6 +33,11 @@ const (
// Slirp indicates that a slirp4netns network stack should
// be used
Slirp NamespaceMode = "slirp4netns"
+ // KeepId indicates a user namespace to keep the owner uid inside
+ // of the namespace itself
+ KeepID NamespaceMode = "keep-id"
+ // KeepId indicates to automatically create a user namespace
+ Auto NamespaceMode = "auto"
)
// Namespace describes the namespace
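Review bot: The doc comments on the two new constants do not match the identifiers they describe. The comment above `KeepID` spells the name `KeepId`, and the comment above `Auto` also starts with `KeepId`, which looks like a copy-paste slip. I would write `// KeepID indicates a user namespace to keep the owner uid inside of the namespace itself` and `// Auto indicates to automatically create a user namespace`. Since these modes decide how container uids map to host uids, the comments should be unambiguous about which mode does what.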
@@ -72,6 +77,27 @@ func (n *Namespace) IsPrivate() bool {
return n.NSMode == Private
}
+// IsAuto indicates the namespace is auto
+func (n *Namespace) IsAuto() bool {
+ return n.NSMode == Auto
+}
+
+// IsKeepID indicates the namespace is KeepID
+func (n *Namespace) IsKeepID() bool {
+ return n.NSMode == KeepID
+}
+
+func validateUserNS(n *Namespace) error {
+ if n == nil {
+ return nil
+ }
+ switch n.NSMode {
+ case Auto, KeepID:
+ return nil
+ }
+ return n.validate()
+}
+
func validateNetNS(n *Namespace) error {
if n == nil {
return nil
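Review bot: validateUserNS returns nil for `Auto` and `KeepID` without looking at `n.Value`, so whatever ParseUserNamespace stored from the text after `auto:` passes this layer unchecked. Whether the option string is validated later, where the user namespace is actually set up, is not visible in this diff. If it is not, a malformed value would only surface at container creation, so I would check it here and also reject a non-empty Value for keep-id, e.g. `if n.NSMode == KeepID && n.Value != "" { return errors.Errorf("keep-id does not take a value") }`. The function also has no doc comment, unlike IsAuto and IsKeepID above it; `// validateUserNS validates a user namespace, accepting the auto and keep-id modes in addition to those checked by validate().` would do. validateNetNS below continues outside the hunk.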
@@ -133,6 +159,8 @@ func (n *Namespace) validate() error {
func ParseNamespace(ns string) (Namespace, error) {
toReturn := Namespace{}
switch {
+ case ns == "pod":
+ toReturn.NSMode = FromPod
case ns == "host":
toReturn.NSMode = Host
case ns == "private":
@@ -158,6 +186,29 @@ func ParseNamespace(ns string) (Namespace, error) {
return toReturn, nil
}
+// ParseUserNamespace parses a user namespace specification in string
+// form.
+func ParseUserNamespace(ns string) (Namespace, error) {
+ toReturn := Namespace{}
+ switch {
+ case ns == "auto":
+ toReturn.NSMode = Auto
+ return toReturn, nil
+ case strings.HasPrefix(ns, "auto:"):
+ split := strings.SplitN(ns, ":", 2)
+ if len(split) != 2 {
+ return toReturn, errors.Errorf("invalid setting for auto: mode")
+ }
+ toReturn.NSMode = Auto
+ toReturn.Value = split[1]
+ return toReturn, nil
+ case ns == "keep-id":
+ toReturn.NSMode = KeepID
+ return toReturn, nil
+ }
+ return ParseNamespace(ns)
+}
+
// ParseNetworkNamespace parses a network namespace specification in string
// form.
// Returns a namespace and (optionally) a list of CNI networks to join.
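Review bot: In ParseUserNamespace the `len(split) != 2` check can never fire, because the case is only entered when `ns` has the prefix `auto:` and `strings.SplitN(ns, ":", 2)` then always yields two elements. As a result a bare `auto:` is accepted with an empty `Value`, and the "invalid setting" error is unreachable. If an empty option list is meant to be an error, test the remainder directly: `opts := strings.TrimPrefix(ns, "auto:")` followed by `if opts == "" { return toReturn, errors.Errorf("invalid setting for auto: mode") }`, then `toReturn.Value = opts`. The doc comment could also list the accepted forms (`auto`, `auto:OPTIONS`, `keep-id`) and say that anything else falls through to ParseNamespace.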
@@ -165,6 +216,8 @@ func ParseNetworkNamespace(ns string) (Namespace, []string, error) {
toReturn := Namespace{}
var cniNetworks []string
switch {
+ case ns == "pod":
+ toReturn.NSMode = FromPod
case ns == "bridge":
toReturn.NSMode = Bridge
case ns == "none":