示例#1
0
文件: nsenter.go 项目: hpfast/docker
// this expects that we already have our namespaces setup by the C initializer
// we are expected to finalize the namespace and exec the user's application
func nsenter() {
	syncPipe, err := syncpipe.NewSyncPipeFromFd(0, 3)
	if err != nil {
		log.Fatalf("unable to create sync pipe: %s", err)
	}

	var config *libcontainer.Config
	if err := syncPipe.ReadFromParent(&config); err != nil {
		log.Fatalf("reading container config from parent: %s", err)
	}

	if err := namespaces.FinalizeSetns(config, findUserArgs()); err != nil {
		log.Fatalf("failed to nsenter: %s", err)
	}
}
示例#2
0
文件: exec.go 项目: baoruxing/docker
func nsenterExec() {
	runtime.LockOSThread()

	// User args are passed after '--' in the command line.
	userArgs := findUserArgs()

	config, err := loadConfigFromFd()
	if err != nil {
		log.Fatalf("docker-exec: unable to receive config from sync pipe: %s", err)
	}

	if err := namespaces.FinalizeSetns(config, userArgs); err != nil {
		log.Fatalf("docker-exec: failed to exec: %s", err)
	}
}
示例#3
0
// init runs the libcontainer initialization code because of the busybox style needs
// to work around the go runtime and the issues with forking
func init() {
	if len(os.Args) < 2 {
		return
	}
	// handle init
	if len(os.Args) >= 2 && os.Args[1] == "init" {
		runtime.LockOSThread()

		container, err := loadConfig()
		if err != nil {
			log.Fatal(err)
		}

		rootfs, err := os.Getwd()
		if err != nil {
			log.Fatal(err)
		}

		if err := namespaces.Init(container, rootfs, "", os.NewFile(3, "pipe"), os.Args[3:]); err != nil {
			log.Fatalf("unable to initialize for container: %s", err)
		}
		os.Exit(1)
	}

	// handle execin
	if len(os.Args) >= 2 && os.Args[0] == "nsenter-exec" {
		runtime.LockOSThread()

		// User args are passed after '--' in the command line.
		userArgs := findUserArgs()

		config, err := loadConfigFromFd()
		if err != nil {
			log.Fatalf("docker-exec: unable to receive config from sync pipe: %s", err)
		}

		if err := namespaces.FinalizeSetns(config, userArgs); err != nil {
			log.Fatalf("docker-exec: failed to exec: %s", err)
		}
		os.Exit(1)
	}
}
示例#4
0
// nsenterExec exec's a process inside an existing container
func nsenterExec(config *libcontainer.Config, args []string) {
	if err := namespaces.FinalizeSetns(config, args); err != nil {
		log.Fatalf("failed to nsenter: %s", err)
	}
}