OSSInnovation
/
runc
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

merge branch 'pr-1743' 

The setupUserNamespace function is always called.

LGTMs: @crosbymichael @mrunalp @cyphar
Closes #1743
This commit is contained in:
Aleksa Sarai 2018-02-27 12:22:52 +11:00
parent 8aca07289d 2420eb1f4d
commit 757e78bebd
No known key found for this signature in database
GPG Key ID: 9E18AA267DDB8DB4
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
libcontainer/specconv/spec_linux.go
View File

@ -192,9 +192,6 @@ func CreateLibcontainerConfig(opts *CreateOpts) (*configs.Config, error) {
if err := createDevices(spec, config); err != nil {
return nil, err
}
if err := setupUserNamespace(spec, config); err != nil {
return nil, err
}
c, err := createCgroupConfig(opts)
if err != nil {
return nil, err
@ -226,6 +223,11 @@ func CreateLibcontainerConfig(opts *CreateOpts) (*configs.Config, error) {
},
}
}
if config.Namespaces.Contains(configs.NEWUSER) {
if err := setupUserNamespace(spec, config); err != nil {
return nil, err
}
}
config.MaskPaths = spec.Linux.MaskedPaths
config.ReadonlyPaths = spec.Linux.ReadonlyPaths
config.MountLabel = spec.Linux.MountLabel