// Get returns the home directory fo the current user with the help of
// environment variables depending on the target operating system.
// Returned path should be used with "path/filepath" to form new paths.
func Get() string {
home := os.Getenv(Key())
if home == "" && runtime.GOOS != "windows" {
if u, err := user.CurrentUser(); err == nil {
return u.Home
}
}
return home
}
//go:generate go run generate.go
func main() {
if len(os.Args) > 1 && os.Args[1] == "init" {
runInit()
return
}
notifySocket := os.Getenv("NOTIFY_SOCKET")
if notifySocket != "" {
setupSdNotify(spec, notifySocket)
}
// override the cmd in the spec with any args specified
if len(flag.Args()) > 0 {
spec.Process.Args = flag.Args()
}
// setup readonly fs in spec
spec.Root.Readonly = readonly
// setup tty in spec
spec.Process.Terminal = allocateTty
// pass in any hooks
spec.Hooks = hooks
// install the default apparmor profile
if apparmor.IsEnabled() {
// check if we have the docker-default apparmor profile loaded
if err := aaprofile.IsLoaded(defaultApparmorProfile); err != nil {
logrus.Warnf("AppArmor enabled on system but the %s profile is not loaded. apparmor_parser needs root to load a profile so we can't do it for you.", defaultApparmorProfile)
} else {
spec.Process.ApparmorProfile = defaultApparmorProfile
}
}
// set the CgroupsPath as this user
u, err := user.CurrentUser()
if err != nil {
logrus.Fatal(err)
}
spec.Linux.CgroupsPath = sPtr(u.Name)
// setup UID mappings
spec.Linux.UIDMappings = []specs.IDMapping{
{
HostID: uint32(u.Uid),
ContainerID: 0,
Size: 1,
},
}
// setup GID mappings
spec.Linux.GIDMappings = []specs.IDMapping{
{
HostID: uint32(u.Gid),
ContainerID: 0,
Size: 1,
},
}
if err := unpackRootfs(spec); err != nil {
logrus.Fatal(err)
}
status, err := startContainer(spec, containerID, pidFile, detach, useSystemdCgroup)
if err != nil {
logrus.Fatal(err)
}
if err := os.RemoveAll(defaultRootfsDir); err != nil {
logrus.Warnf("removing rootfs failed: %v", err)
}
// exit with the container's exit status
os.Exit(status)
}