Updates rootless params and adds new Init: true requirement

Init: true is needed for the first process spawning in a container Signed-off-by: ncordon <[email protected]>
bblfsh · Oct 27, 2019 · 8ddd68f · 8ddd68f
1 parent 8b0945f
commit 8ddd68f
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 8 deletions.
diff --git a/runtime/container_test.go b/runtime/container_test.go
@@ -53,6 +53,7 @@ func (s *ContainerSuite) TestContainer_Run() {
 	p := &Process{
 		Args:   []string{"/bin/ls"},
 		Stdout: os.Stdout,
+		Init: true,
 	}
 
 	c, err := s.Runtime.Container("run", s.Image, p, nil)
@@ -67,6 +68,7 @@ func (s *ContainerSuite) TestContainer_StartStopStart() {
 	p := &Process{
 		Args:   []string{"/bin/sleep", "5m"},
 		Stdout: os.Stdout,
+		Init: true,
 	}
 
 	c, err := s.Runtime.Container("1", s.Image, p, nil)
@@ -82,6 +84,7 @@ func (s *ContainerSuite) TestContainer_StartStopStart() {
 	p = &Process{
 		Args:   []string{"/bin/sleep", "5m"},
 		Stdout: os.Stdout,
+		Init: true,
 	}
 
 	c, err = s.Runtime.Container("2", s.Image, p, nil)
@@ -103,6 +106,7 @@ func (s *ContainerSuite) TestContainer_StartWait() {
 	p := &Process{
 		Args:   []string{"/bin/ls"},
 		Stdout: out,
+		Init: true,
 	}
 
 	c, err := s.Runtime.Container("wait", s.Image, p, nil)
@@ -125,6 +129,7 @@ func (s *ContainerSuite) TestContainer_StartWaitExit1() {
 	p := &Process{
 		Args:   []string{"/bin/false"},
 		Stdout: out,
+		Init: true,
 	}
 
 	c, err := s.Runtime.Container("wait-exit", s.Image, p, nil)
@@ -147,6 +152,7 @@ func (s *ContainerSuite) TestContainer_StartFailure() {
 	p := &Process{
 		Args:   []string{"/bin/non-existent"},
 		Stdout: out,
+		Init: true,
 	}
 
 	c, err := s.Runtime.Container("start-failure", s.Image, p, nil)
@@ -164,6 +170,7 @@ func (s *ContainerSuite) TestContainer_Env() {
 	p := &Process{
 		Args:   []string{"/bin/env"},
 		Stdout: out,
+		Init: true,
 	}
 
 	c, err := s.Runtime.Container("env", s.Image, p, nil)

diff --git a/runtime/runtime.go b/runtime/runtime.go
@@ -48,7 +48,7 @@ func (r *Runtime) Init() error {
 	var err error
 	r.f, err = libcontainer.New(
 		filepath.Join(r.Root, containersPath),
-		libcontainer.Cgroupfs,
+		libcontainer.RootlessCgroupfs,
 	)
 
 	return err
@@ -105,7 +105,8 @@ func ContainerConfigFactory(containerID string) *configs.Config {
 	defaultMountFlags := syscall.MS_NOEXEC | syscall.MS_NOSUID | syscall.MS_NODEV
 
 	return &configs.Config{
-		Rootless: true,
+		RootlessEUID: true,
+		RootlessCgroups: true,
 		Namespaces: configs.Namespaces([]configs.Namespace{
 			{Type: configs.NEWNS},
 			{Type: configs.NEWUTS},
@@ -164,12 +165,6 @@ func ContainerConfigFactory(containerID string) *configs.Config {
 				Device:      "mqueue",
 				Flags:       defaultMountFlags,
 			},
-			//{
-			//	Source:      "sysfs",
-			//	Destination: "/sys",
-			//	Device:      "sysfs",
-			//	Flags:       defaultMountFlags | syscall.MS_RDONLY,
-			//},
 			{
 				Source:      "/etc/localtime",
 				Destination: "/etc/localtime",