1 files changed, 106 insertions, 0 deletions
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/process.go b/vendor/github.com/opencontainers/runc/libcontainer/process.go
new file mode 100644
index 000000000..f1ad08149
--- /dev/null
+++ b/vendor/github.com/opencontainers/runc/libcontainer/process.go
@@ -0,0 +1,106 @@
+package libcontainer
+
+import (
+	"fmt"
+	"io"
+	"math"
+	"os"
+
+	"github.com/opencontainers/runc/libcontainer/configs"
+)
+
+type processOperations interface {
+	wait() (*os.ProcessState, error)
+	signal(sig os.Signal) error
+	pid() int
+}
+
+// Process specifies the configuration and IO for a process inside
+// a container.
+type Process struct {
+	// The command to be run followed by any arguments.
+	Args []string
+
+	// Env specifies the environment variables for the process.
+	Env []string
+
+	// User will set the uid and gid of the executing process running inside the container
+	// local to the container's user and group configuration.
+	User string
+
+	// AdditionalGroups specifies the gids that should be added to supplementary groups
+	// in addition to those that the user belongs to.
+	AdditionalGroups []string
+
+	// Cwd will change the processes current working directory inside the container's rootfs.
+	Cwd string
+
+	// Stdin is a pointer to a reader which provides the standard input stream.
+	Stdin io.Reader
+
+	// Stdout is a pointer to a writer which receives the standard output stream.
+	Stdout io.Writer
+
+	// Stderr is a pointer to a writer which receives the standard error stream.
+	Stderr io.Writer
+
+	// ExtraFiles specifies additional open files to be inherited by the container
+	ExtraFiles []*os.File
+
+	// Capabilities specify the capabilities to keep when executing the process inside the container
+	// All capabilities not specified will be dropped from the processes capability mask
+	Capabilities *configs.Capabilities
+
+	// AppArmorProfile specifies the profile to apply to the process and is
+	// changed at the time the process is execed
+	AppArmorProfile string
+
+	// Label specifies the label to apply to the process.  It is commonly used by selinux
+	Label string
+
+	// NoNewPrivileges controls whether processes can gain additional privileges.
+	NoNewPrivileges *bool
+
+	// Rlimits specifies the resource limits, such as max open files, to set in the container
+	// If Rlimits are not set, the container will inherit rlimits from the parent process
+	Rlimits []configs.Rlimit
+
+	// ConsoleSocket provides the masterfd console.
+	ConsoleSocket *os.File
+
+	ops processOperations
+}
+
+// Wait waits for the process to exit.
+// Wait releases any resources associated with the Process
+func (p Process) Wait() (*os.ProcessState, error) {
+	if p.ops == nil {
+		return nil, newGenericError(fmt.Errorf("invalid process"), NoProcessOps)
+	}
+	return p.ops.wait()
+}
+
+// Pid returns the process ID
+func (p Process) Pid() (int, error) {
+	// math.MinInt32 is returned here, because it's invalid value
+	// for the kill() system call.
+	if p.ops == nil {
+		return math.MinInt32, newGenericError(fmt.Errorf("invalid process"), NoProcessOps)
+	}
+	return p.ops.pid(), nil
+}
+
+// Signal sends a signal to the Process.
+func (p Process) Signal(sig os.Signal) error {
+	if p.ops == nil {
+		return newGenericError(fmt.Errorf("invalid process"), NoProcessOps)
+	}
+	return p.ops.signal(sig)
+}
+
+// IO holds the process's STDIO
+type IO struct {
+	Stdin  io.WriteCloser
+	Stdout io.ReadCloser
+	Stderr io.ReadCloser
+}