github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-06-28 16:27:50 +00:00
Code Issues Projects Releases Wiki Activity

agent: Return error on trying to persist a pid namespace

Browse Source 
An pid namespace cannot be persisted, so add a check-and-error on
Namespace::setup() for handling that case.

Fixes #1220

Signed-off-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
This commit is contained in:
Wainer dos Santos Moschetta 2020-12-28 15:32:35 -05:00 committed by Peng Tao
parent 9a41d09f39
commit 1f943bd6bf
1 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/agent/src/namespace.rs
View File

@ -81,7 +81,10 @@ impl Namespace {
fs::create_dir_all(&self.persistent_ns_dir)?; fs::create_dir_all(&self.persistent_ns_dir)?;
let ns_path = PathBuf::from(&self.persistent_ns_dir); let ns_path = PathBuf::from(&self.persistent_ns_dir);
let ns_type = self.ns_type.clone(); let ns_type = self.ns_type;
if ns_type == NamespaceType::PID {
return Err(anyhow!("Cannot persist namespace of PID type"));
}
let logger = self.logger.clone(); let logger = self.logger.clone();
let new_ns_path = ns_path.join(&ns_type.get()); let new_ns_path = ns_path.join(&ns_type.get());
@ -211,6 +214,17 @@ mod tests {
assert!(ns_uts.is_ok()); assert!(ns_uts.is_ok());
assert!(remove_mounts(&vec![ns_uts.unwrap().path]).is_ok()); assert!(remove_mounts(&vec![ns_uts.unwrap().path]).is_ok());
// Check it cannot persist pid namespaces.
let logger = slog::Logger::root(slog::Discard, o!());
let tmpdir = Builder::new().prefix("pid").tempdir().unwrap();
let ns_pid = Namespace::new(&logger)
.as_pid()
.set_root_dir(tmpdir.path().to_str().unwrap())
.setup();
assert!(ns_pid.is_err());
} }
#[test] #[test]