mirror/ youki
1
0
Fork 0
mirror of https://github.com/containers/youki synced 2024-05-19 05:56:14 +02:00
Code Issues
876 Commits 5 Branches 10 Tags 59 MiB
Commit Graph

60 Commits

Author SHA1 Message Date
Takashi IIGUNI 97848f1ce6
Updated cgroups oci-spec-rs to 0.5.1 or later (#303) 
* Updated cgroup oci-spec-rs to 0.5.1

Signed-off-by: Takashi IIGUNI <iiguni.tks@gmail.com>
 2021-09-26 18:08:56 -07:00
utam0k 4224d5635d
add a unit test for applying cgroup in builder_impl(). (#325) 2021-09-24 20:03:29 -07:00
utam0k 3bb01d2d72
Merge pull request #314 from Furisto/libcontainer 
Make container commands more suitable for use as a library
 2021-09-25 00:31:31 +09:00
Furisto 42a17b8594
Rework container state management 2021-09-23 23:05:35 +02:00
utam0k 2747a25e09
take care of cases where unit tests fail because the child process terminates. 2021-09-24 00:08:26 +09:00
utam0k 8023ff445a
avoid cloning LinuxResources because it is a large structure. 2021-09-22 22:48:32 +09:00
utam0k b3d0aaf3b6 add unit tests for gid and uid mapping in builder_impl(). 2021-09-20 16:33:49 +09:00
utam0k 107dd91881 refactor around uid and gid mapping. 2021-09-20 16:33:20 +09:00
utam0k 825088992a
prepare to use system call mocks in unit tests (#304) 2021-09-18 11:32:15 -07:00
utam0k e957021a45 sipliy split init.rs into several files. 2021-09-12 23:38:23 +09:00
Takashi IIGUNI c83ac6a22b Merge remote-tracking branch 'upstream/main' into upgrade-oci-spec-rs 
Signed-off-by: Takashi IIGUNI <iiguni.tks@gmail.com>
 2021-09-07 02:32:41 +00:00
Takashi IIGUNI 8d3ff9b5f2 Upgrade oci-spec-rs to 0.4.0 for youki 
1. Fix capability type (Capability type change: Vec -> HashSet)
2. Implement functions equivalent to LinuxDeviceType::to_sflag in youki.
3. Fix crate path: use oci_spec::XXX -> use oci_spec::runtime::XXX

Signed-off-by: Takashi IIGUNI <iiguni.tks@gmail.com>
 2021-09-06 09:08:17 +00:00
yukang dc3e7841a4 fix typo 2021-09-05 23:41:02 +08:00
Furisto 41b4c0ccad Cleanup 2021-09-01 00:17:51 +02:00
Furisto ba76359e17 Fix rootless container group error 2021-09-01 00:17:51 +02:00
Furisto 0d803974b7 Correct spelling 2021-09-01 00:17:51 +02:00
Furisto 4b39d096ee Set supplementary gids 2021-09-01 00:17:08 +02:00
yihuaf 65c7d52236 enable oom_score_adj test 2021-08-31 07:45:45 +02:00
utam0k c6065e67b1
distinguish channels more clearly between each process (#244) 
* seperate the channel for each process communication.

* separate messages for intermediate and init ready.

* stop sending a pid from init to intermediate as they are not needed.
 2021-08-30 16:20:07 -07:00
yihuaf ff582b7f7f
Fix graceful shutdown when intermediate or init process errors or panic (#238) 
* Fix graceful shutdown when intermediate or init process error out
* Only set hostname when enter into new uts ns
* enable linux_ns_path_type test
 2021-08-28 01:48:13 -07:00
yihuaf ebf4708f46
Fix user namespace for integration tests (#233) 
* Fix entering into user namespace correctly

1. Allow entering user namespace when calling process is root.
Previously, only when calling process is non-root, will the rootless
condition be triggered.
2. Move the creation to the NotifyListener into main process. Once the
container init process enter into user namespace, we can't bind to a
unix domain socket where the parent directory is owned by root.

* Now we pass 2 more namespace tests
 2021-08-27 11:55:03 -07:00
yihuaf 45d129f75d move id mapping code out of channel 2021-08-23 22:59:08 +02:00
yihuaf 0f9490c68b Implement double fork 2021-08-23 17:37:03 +02:00
yihuaf 774a5f5e61 Fix arg0 and argv for hook 2021-08-14 07:01:37 +02:00
yihuaf b3219fd0bf refactor hook->hooks 2021-08-14 06:53:31 +02:00
yihuaf 31e9f2b886 adds create runtime hook 2021-08-14 06:53:31 +02:00
yihuaf 23b6eb6658 Implement the requirement to pass state into hook 
The OCI spec needs the container state to pipe in through stdin
 2021-08-14 06:53:31 +02:00
Furisto 1231479b0e Move cgroup code to own crate 2021-08-12 11:31:26 +02:00
utam0k c1bc815513 fix conflicts. 2021-08-11 22:34:33 +09:00
utam0k 780f75ce94
Merge pull request #183 from saschagrunert/more-types 
Make optional types optional
 2021-08-11 18:56:02 +09:00
utam0k e0d6a02d4c fix conflicts. 2021-08-10 22:06:18 +09:00
Sascha Grunert fdf89fc9f8
Make optional types optional 
This adds a few missing types and synchronizes them with the
implementation in containrs. Optional types are now not required any
more which means that all necessary code paths in youki needs to be
adapted as well.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2021-08-10 09:27:18 +02:00
utam0k d99aafbf58 delete the original FileDescriptor. 
I was going to develop it a bit more, but there was no point in being
particularly original, I deleted it.
 2021-08-09 15:05:31 +09:00
utam0k 465fb1cee0 reduce the number of clones by introducing lifetime to namespaces. 2021-08-09 14:54:24 +09:00
utam0k 787a5505c2 reduce the number of clones by introducing lifetime to rootless. 2021-08-08 17:37:13 +09:00
utam0k 327e94d45e pass only the bare necessities in ContainerInitArgs. 2021-08-08 16:17:57 +09:00
utam0k 515e7bc727 fix conflicts. 2021-08-04 15:59:08 +09:00
yihuaf ff7aeb1c34 Move container_init related function into new file 2021-08-02 02:34:31 +02:00
yihuaf c87a29d080 Implemented preserve_fds 2021-08-02 02:23:56 +02:00
utam0k 5088b3632e fix the warnings found by cargo clippy. 2021-08-01 19:17:24 +09:00
utam0k 0e76835962 fix cargo clippy. 2021-07-31 17:18:37 +09:00
yihuaf e0e9815a43 Move ContainerInitArgs closer to where it is used 2021-07-30 19:33:00 +02:00
yihuaf 682c1dd6cf remove a warning where container_dir is unused. 2021-07-30 19:33:00 +02:00
yihuaf 494646c064 parent f4027f5831 
author yihuaf <yihuaf@unkies.org> 1627609965 +0200
committer yihuaf <yihuaf@unkies.org> 1627665696 +0200

Group the args of container_init into a struct
 2021-07-30 19:33:00 +02:00
yihuaf bd54128413 Refactor how the closure used for clone to create the new process. 2021-07-30 19:16:06 +02:00
Sascha Grunert ade1c172a1
Generalize OCI spec root 
We now generalize and document the OCI `Spec` root structure. This means
that some fields have been added and other are now optional.

All corresponding usages of the new spec format have been changed and
tests have been adapted.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2021-07-30 14:08:49 +02:00
Yashodhan Joshi 44c682ec09 Converted linux in spec from Option<Linux> to Linux 
As Linux has Deafult trait, all occurrences of spec.linux would always unwrap it,
and not having linux present is a fetal error in youki, there is no need to keep it
in an Option wrapper.
 2021-07-24 19:02:55 +05:30
Furisto a075e8b566 Move commands into dedicated module 2021-07-22 15:20:41 +02:00
yihuaf 6b2054b978 do not pivot root again for exec 2021-07-22 04:47:58 +00:00
yihuaf e497179119 minor fixes 2021-07-22 04:46:02 +00:00