Implement types for namespaces

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>

config.go

@@ -10,21 +10,28 @@ type MountConfig mount.MountConfig
 
 type Network network.Network
 
+type NamespaceType string
+
+const (
+	NEWNET  NamespaceType = "NEWNET"
+	NEWPID  NamespaceType = "NEWPID"
+	NEWNS   NamespaceType = "NEWNS"
+	NEWUTS  NamespaceType = "NEWUTS"
+	NEWIPC  NamespaceType = "NEWIPC"
+	NEWUSER NamespaceType = "NEWUSER"
+)
+
 // Namespace defines configuration for each namespace.  It specifies an
 // alternate path that is able to be joined via setns.
 type Namespace struct {
-	Name string `json:"name"`
-	Path string `json:"path,omitempty"`
+	Type NamespaceType `json:"type"`
+	Path string        `json:"path,omitempty"`
 }
 
 type Namespaces []Namespace
 
-func (n Namespaces) Exists(name string) bool {
-	return n.index(name) != -1
-}
-
-func (n Namespaces) Remove(name string) bool {
-	i := n.index(name)
+func (n Namespaces) Remove(t NamespaceType) bool {
+	i := n.index(t)
 	if i == -1 {
 		return false
 	}
@@ -32,18 +39,18 @@ func (n Namespaces) Remove(name string) bool {
 	return true
 }
 
-func (n Namespaces) Add(name, path string) {
-	i := n.index(name)
+func (n Namespaces) Add(t NamespaceType, path string) {
+	i := n.index(t)
 	if i == -1 {
-		n = append(n, Namespace{Name: name, Path: path})
+		n = append(n, Namespace{Type: t, Path: path})
 		return
 	}
 	n[i].Path = path
 }
 
-func (n Namespaces) index(name string) int {
+func (n Namespaces) index(t NamespaceType) int {
 	for i, ns := range n {
-		if ns.Name == name {
+		if ns.Type == t {
 			return i
 		}
 	}

config_test.go

@@ -64,12 +64,12 @@ func TestConfigJsonFormat(t *testing.T) {
 		t.Fail()
 	}
 
-	if getNamespaceIndex(container, "NEWNET") == -1 {
+	if container.Namespaces.index(NEWNET) == -1 {
 		t.Log("namespaces should contain NEWNET")
 		t.Fail()
 	}
 
-	if getNamespaceIndex(container, "NEWUSER") != -1 {
+	if container.Namespaces.index(NEWUSER) != -1 {
 		t.Log("namespaces should not contain NEWUSER")
 		t.Fail()
 	}
@@ -158,12 +158,3 @@ func TestSelinuxLabels(t *testing.T) {
 		t.Fatalf("expected mount label %q but received %q", label, container.MountConfig.MountLabel)
 	}
 }
-
-func getNamespaceIndex(config *Config, name string) int {
-	for i, v := range config.Namespaces {
-		if v.Name == name {
-			return i
-		}
-	}
-	return -1
-}

integration/exec_test.go

@@ -4,6 +4,8 @@ import (
 	"os"
 	"strings"
 	"testing"
+
+	"github.com/docker/libcontainer"
 )
 
 func TestExecPS(t *testing.T) {
@@ -86,7 +88,7 @@ func TestIPCHost(t *testing.T) {
 	}
 
 	config := newTemplateConfig(rootfs)
-	config.Namespaces.Remove("NEWIPC")
+	config.Namespaces.Remove(libcontainer.NEWIPC)
 	buffers, exitCode, err := runContainer(config, "", "readlink", "/proc/self/ns/ipc")
 	if err != nil {
 		t.Fatal(err)
@@ -118,7 +120,7 @@ func TestIPCJoinPath(t *testing.T) {
 	}
 
 	config := newTemplateConfig(rootfs)
-	config.Namespaces.Add("NEWIPC", "/proc/1/ns/ipc")
+	config.Namespaces.Add(libcontainer.NEWIPC, "/proc/1/ns/ipc")
 
 	buffers, exitCode, err := runContainer(config, "", "readlink", "/proc/self/ns/ipc")
 	if err != nil {
@@ -146,7 +148,7 @@ func TestIPCBadPath(t *testing.T) {
 	defer remove(rootfs)
 
 	config := newTemplateConfig(rootfs)
-	config.Namespaces.Add("NEWIPC", "/proc/1/ns/ipcc")
+	config.Namespaces.Add(libcontainer.NEWIPC, "/proc/1/ns/ipcc")
 
 	_, _, err = runContainer(config, "", "true")
 	if err == nil {

integration/template_test.go

@@ -32,12 +32,12 @@ func newTemplateConfig(rootfs string) *libcontainer.Config {
 			"KILL",
 			"AUDIT_WRITE",
 		},
-		Namespaces: []libcontainer.Namespace{
-			{Name: "NEWNS"},
-			{Name: "NEWUTS"},
-			{Name: "NEWIPC"},
-			{Name: "NEWPID"},
-			{Name: "NEWNET"},
+		Namespaces: libcontainer.Namespaces{
+			{Type: libcontainer.NEWNS},
+			{Type: libcontainer.NEWUTS},
+			{Type: libcontainer.NEWIPC},
+			{Type: libcontainer.NEWPID},
+			{Type: libcontainer.NEWNET},
 		},
 		Cgroups: &cgroups.Cgroup{
 			Parent:          "integration",

namespaces/init.go

@@ -318,7 +318,7 @@ func joinExistingNamespaces(namespaces []libcontainer.Namespace) error {
 			if err != nil {
 				return err
 			}
-			err = system.Setns(f.Fd(), uintptr(namespaceInfo[ns.Name]))
+			err = system.Setns(f.Fd(), uintptr(namespaceInfo[ns.Type]))
 			f.Close()
 			if err != nil {
 				return err

namespaces/utils.go

@@ -17,13 +17,13 @@ func (i initError) Error() string {
 	return i.Message
 }
 
-var namespaceInfo = map[string]int{
-	"NEWNET":  syscall.CLONE_NEWNET,
-	"NEWNS":   syscall.CLONE_NEWNS,
-	"NEWUSER": syscall.CLONE_NEWUSER,
-	"NEWIPC":  syscall.CLONE_NEWIPC,
-	"NEWUTS":  syscall.CLONE_NEWUTS,
-	"NEWPID":  syscall.CLONE_NEWPID,
+var namespaceInfo = map[libcontainer.NamespaceType]int{
+	libcontainer.NEWNET:  syscall.CLONE_NEWNET,
+	libcontainer.NEWNS:   syscall.CLONE_NEWNS,
+	libcontainer.NEWUSER: syscall.CLONE_NEWUSER,
+	libcontainer.NEWIPC:  syscall.CLONE_NEWIPC,
+	libcontainer.NEWUTS:  syscall.CLONE_NEWUTS,
+	libcontainer.NEWPID:  syscall.CLONE_NEWPID,
 }
 
 // New returns a newly initialized Pipe for communication between processes
@@ -37,9 +37,9 @@ func newInitPipe() (parent *os.File, child *os.File, err error) {
 
 // GetNamespaceFlags parses the container's Namespaces options to set the correct
 // flags on clone, unshare, and setns
-func GetNamespaceFlags(namespaces []libcontainer.Namespace) (flag int) {
+func GetNamespaceFlags(namespaces libcontainer.Namespaces) (flag int) {
 	for _, v := range namespaces {
-		flag |= namespaceInfo[v.Name]
+		flag |= namespaceInfo[v.Type]
 	}
 	return flag
 }

sample_configs/apparmor.json

@@ -177,11 +177,11 @@
     ],
     "hostname": "koye",
     "namespaces": [
-        {"name":"NEWIPC"},
-        {"name": "NEWNET"},
-        {"name": "NEWNS"},
-        {"name": "NEWPID"},
-        {"name": "NEWUTS"}
+        {"type":"NEWIPC"},
+        {"type": "NEWNET"},
+        {"type": "NEWNS"},
+        {"type": "NEWPID"},
+        {"type": "NEWUTS"}
     ],
     "networks": [
         {

sample_configs/attach_to_bridge.json

@@ -176,11 +176,11 @@
     ],
     "hostname": "koye",
     "namespaces": [
-        {"name": "NEWIPC"},
-        {"name": "NEWNET"},
-        {"name": "NEWNS"},
-        {"name": "NEWPID"},
-        {"name": "NEWUTS"}
+        {"type": "NEWIPC"},
+        {"type": "NEWNET"},
+        {"type": "NEWNS"},
+        {"type": "NEWPID"},
+        {"type": "NEWUTS"}
     ],
     "networks": [
         {

sample_configs/minimal.json

@@ -182,11 +182,11 @@
     ],
     "hostname": "koye",
     "namespaces": [
-        {"name": "NEWIPC"},
-        {"name": "NEWNET"},
-        {"name": "NEWNS"},
-        {"name": "NEWPID"},
-        {"name": "NEWUTS"}
+        {"type": "NEWIPC"},
+        {"type": "NEWNET"},
+        {"type": "NEWNS"},
+        {"type": "NEWPID"},
+        {"type": "NEWUTS"}
     ],
     "networks": [
         {

sample_configs/route_source_address_selection.json

@@ -176,11 +176,11 @@
     ],
     "hostname": "koye",
     "namespaces": [
-        {"name": "NEWIPC"},
-        {"name": "NEWNET"},
-        {"name": "NEWNS"},
-        {"name": "NEWPID"},
-        {"name": "NEWUTS"}
+        {"type": "NEWIPC"},
+        {"type": "NEWNET"},
+        {"type": "NEWNS"},
+        {"type": "NEWPID"},
+        {"type": "NEWUTS"}
     ],
     "networks": [
         {

sample_configs/selinux.json

@@ -178,11 +178,11 @@
     ],
     "hostname": "koye",
     "namespaces": [
-        {"name": "NEWIPC"},
-        {"name": "NEWNET"},
-        {"name": "NEWNS"},
-        {"name": "NEWPID"},
-        {"name": "NEWUTS"}
+        {"type": "NEWIPC"},
+        {"type": "NEWNET"},
+        {"type": "NEWNS"},
+        {"type": "NEWPID"},
+        {"type": "NEWUTS"}
     ],
     "networks": [
         {