mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 19:56:01 +00:00
bump runc to d223e2a
This commit is contained in:
parent
2d79d53fb2
commit
fda2c9faf9
64
Godeps/Godeps.json
generated
64
Godeps/Godeps.json
generated
@ -2044,83 +2044,83 @@
|
||||
},
|
||||
{
|
||||
"ImportPath": "github.com/opencontainers/runc/libcontainer",
|
||||
"Comment": "v1.0.0-rc2-14-g45c30e7",
|
||||
"Rev": "45c30e75abfd52107b53048004a83165403ad0d1"
|
||||
"Comment": "v1.0.0-rc2-49-gd223e2a",
|
||||
"Rev": "d223e2adae83f62d58448a799a5da05730228089"
|
||||
},
|
||||
{
|
||||
"ImportPath": "github.com/opencontainers/runc/libcontainer/apparmor",
|
||||
"Comment": "v1.0.0-rc2-14-g45c30e7",
|
||||
"Rev": "45c30e75abfd52107b53048004a83165403ad0d1"
|
||||
"Comment": "v1.0.0-rc2-49-gd223e2a",
|
||||
"Rev": "d223e2adae83f62d58448a799a5da05730228089"
|
||||
},
|
||||
{
|
||||
"ImportPath": "github.com/opencontainers/runc/libcontainer/cgroups",
|
||||
"Comment": "v1.0.0-rc2-14-g45c30e7",
|
||||
"Rev": "45c30e75abfd52107b53048004a83165403ad0d1"
|
||||
"Comment": "v1.0.0-rc2-49-gd223e2a",
|
||||
"Rev": "d223e2adae83f62d58448a799a5da05730228089"
|
||||
},
|
||||
{
|
||||
"ImportPath": "github.com/opencontainers/runc/libcontainer/cgroups/fs",
|
||||
"Comment": "v1.0.0-rc2-14-g45c30e7",
|
||||
"Rev": "45c30e75abfd52107b53048004a83165403ad0d1"
|
||||
"Comment": "v1.0.0-rc2-49-gd223e2a",
|
||||
"Rev": "d223e2adae83f62d58448a799a5da05730228089"
|
||||
},
|
||||
{
|
||||
"ImportPath": "github.com/opencontainers/runc/libcontainer/cgroups/systemd",
|
||||
"Comment": "v1.0.0-rc2-14-g45c30e7",
|
||||
"Rev": "45c30e75abfd52107b53048004a83165403ad0d1"
|
||||
"Comment": "v1.0.0-rc2-49-gd223e2a",
|
||||
"Rev": "d223e2adae83f62d58448a799a5da05730228089"
|
||||
},
|
||||
{
|
||||
"ImportPath": "github.com/opencontainers/runc/libcontainer/configs",
|
||||
"Comment": "v1.0.0-rc2-14-g45c30e7",
|
||||
"Rev": "45c30e75abfd52107b53048004a83165403ad0d1"
|
||||
"Comment": "v1.0.0-rc2-49-gd223e2a",
|
||||
"Rev": "d223e2adae83f62d58448a799a5da05730228089"
|
||||
},
|
||||
{
|
||||
"ImportPath": "github.com/opencontainers/runc/libcontainer/configs/validate",
|
||||
"Comment": "v1.0.0-rc2-14-g45c30e7",
|
||||
"Rev": "45c30e75abfd52107b53048004a83165403ad0d1"
|
||||
"Comment": "v1.0.0-rc2-49-gd223e2a",
|
||||
"Rev": "d223e2adae83f62d58448a799a5da05730228089"
|
||||
},
|
||||
{
|
||||
"ImportPath": "github.com/opencontainers/runc/libcontainer/criurpc",
|
||||
"Comment": "v1.0.0-rc2-14-g45c30e7",
|
||||
"Rev": "45c30e75abfd52107b53048004a83165403ad0d1"
|
||||
"Comment": "v1.0.0-rc2-49-gd223e2a",
|
||||
"Rev": "d223e2adae83f62d58448a799a5da05730228089"
|
||||
},
|
||||
{
|
||||
"ImportPath": "github.com/opencontainers/runc/libcontainer/keys",
|
||||
"Comment": "v1.0.0-rc2-14-g45c30e7",
|
||||
"Rev": "45c30e75abfd52107b53048004a83165403ad0d1"
|
||||
"Comment": "v1.0.0-rc2-49-gd223e2a",
|
||||
"Rev": "d223e2adae83f62d58448a799a5da05730228089"
|
||||
},
|
||||
{
|
||||
"ImportPath": "github.com/opencontainers/runc/libcontainer/label",
|
||||
"Comment": "v1.0.0-rc2-14-g45c30e7",
|
||||
"Rev": "45c30e75abfd52107b53048004a83165403ad0d1"
|
||||
"Comment": "v1.0.0-rc2-49-gd223e2a",
|
||||
"Rev": "d223e2adae83f62d58448a799a5da05730228089"
|
||||
},
|
||||
{
|
||||
"ImportPath": "github.com/opencontainers/runc/libcontainer/seccomp",
|
||||
"Comment": "v1.0.0-rc2-14-g45c30e7",
|
||||
"Rev": "45c30e75abfd52107b53048004a83165403ad0d1"
|
||||
"Comment": "v1.0.0-rc2-49-gd223e2a",
|
||||
"Rev": "d223e2adae83f62d58448a799a5da05730228089"
|
||||
},
|
||||
{
|
||||
"ImportPath": "github.com/opencontainers/runc/libcontainer/selinux",
|
||||
"Comment": "v1.0.0-rc2-14-g45c30e7",
|
||||
"Rev": "45c30e75abfd52107b53048004a83165403ad0d1"
|
||||
"Comment": "v1.0.0-rc2-49-gd223e2a",
|
||||
"Rev": "d223e2adae83f62d58448a799a5da05730228089"
|
||||
},
|
||||
{
|
||||
"ImportPath": "github.com/opencontainers/runc/libcontainer/stacktrace",
|
||||
"Comment": "v1.0.0-rc2-14-g45c30e7",
|
||||
"Rev": "45c30e75abfd52107b53048004a83165403ad0d1"
|
||||
"Comment": "v1.0.0-rc2-49-gd223e2a",
|
||||
"Rev": "d223e2adae83f62d58448a799a5da05730228089"
|
||||
},
|
||||
{
|
||||
"ImportPath": "github.com/opencontainers/runc/libcontainer/system",
|
||||
"Comment": "v1.0.0-rc2-14-g45c30e7",
|
||||
"Rev": "45c30e75abfd52107b53048004a83165403ad0d1"
|
||||
"Comment": "v1.0.0-rc2-49-gd223e2a",
|
||||
"Rev": "d223e2adae83f62d58448a799a5da05730228089"
|
||||
},
|
||||
{
|
||||
"ImportPath": "github.com/opencontainers/runc/libcontainer/user",
|
||||
"Comment": "v1.0.0-rc2-14-g45c30e7",
|
||||
"Rev": "45c30e75abfd52107b53048004a83165403ad0d1"
|
||||
"Comment": "v1.0.0-rc2-49-gd223e2a",
|
||||
"Rev": "d223e2adae83f62d58448a799a5da05730228089"
|
||||
},
|
||||
{
|
||||
"ImportPath": "github.com/opencontainers/runc/libcontainer/utils",
|
||||
"Comment": "v1.0.0-rc2-14-g45c30e7",
|
||||
"Rev": "45c30e75abfd52107b53048004a83165403ad0d1"
|
||||
"Comment": "v1.0.0-rc2-49-gd223e2a",
|
||||
"Rev": "d223e2adae83f62d58448a799a5da05730228089"
|
||||
},
|
||||
{
|
||||
"ImportPath": "github.com/pborman/uuid",
|
||||
|
2
vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/apply_raw.go
generated
vendored
2
vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/apply_raw.go
generated
vendored
@ -295,7 +295,7 @@ func (raw *cgroupData) path(subsystem string) (string, error) {
|
||||
|
||||
// If the cgroup name/path is absolute do not look relative to the cgroup of the init process.
|
||||
if filepath.IsAbs(raw.innerPath) {
|
||||
// Sometimes subsystems can be mounted togethger as 'cpu,cpuacct'.
|
||||
// Sometimes subsystems can be mounted together as 'cpu,cpuacct'.
|
||||
return filepath.Join(raw.root, filepath.Base(mnt), raw.innerPath), nil
|
||||
}
|
||||
|
||||
|
14
vendor/github.com/opencontainers/runc/libcontainer/cgroups/systemd/apply_systemd.go
generated
vendored
14
vendor/github.com/opencontainers/runc/libcontainer/cgroups/systemd/apply_systemd.go
generated
vendored
@ -282,7 +282,7 @@ func (m *Manager) Apply(pid int) error {
|
||||
}
|
||||
}
|
||||
|
||||
if _, err := theConn.StartTransientUnit(unitName, "replace", properties, nil); err != nil {
|
||||
if _, err := theConn.StartTransientUnit(unitName, "replace", properties, nil); err != nil && !isUnitExists(err) {
|
||||
return err
|
||||
}
|
||||
|
||||
@ -388,7 +388,7 @@ func joinCgroups(c *configs.Cgroup, pid int) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// systemd represents slice heirarchy using `-`, so we need to follow suit when
|
||||
// systemd represents slice hierarchy using `-`, so we need to follow suit when
|
||||
// generating the path of slice. Essentially, test-a-b.slice becomes
|
||||
// test.slice/test-a.slice/test-a-b.slice.
|
||||
func ExpandSlice(slice string) (string, error) {
|
||||
@ -546,3 +546,13 @@ func setKernelMemory(c *configs.Cgroup) error {
|
||||
}
|
||||
return fs.EnableKernelMemoryAccounting(path)
|
||||
}
|
||||
|
||||
// isUnitExists returns true if the error is that a systemd unit already exists.
|
||||
func isUnitExists(err error) bool {
|
||||
if err != nil {
|
||||
if dbusError, ok := err.(dbus.Error); ok {
|
||||
return strings.Contains(dbusError.Name, "org.freedesktop.systemd1.UnitExists")
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
4
vendor/github.com/opencontainers/runc/libcontainer/configs/cgroup_unix.go
generated
vendored
4
vendor/github.com/opencontainers/runc/libcontainer/configs/cgroup_unix.go
generated
vendored
@ -22,7 +22,7 @@ type Cgroup struct {
|
||||
// The path is assumed to be relative to the host system cgroup mountpoint.
|
||||
Path string `json:"path"`
|
||||
|
||||
// ScopePrefix decribes prefix for the scope name
|
||||
// ScopePrefix describes prefix for the scope name
|
||||
ScopePrefix string `json:"scope_prefix"`
|
||||
|
||||
// Paths represent the absolute cgroups paths to join.
|
||||
@ -95,7 +95,7 @@ type Resources struct {
|
||||
// IO read rate limit per cgroup per device, bytes per second.
|
||||
BlkioThrottleReadBpsDevice []*ThrottleDevice `json:"blkio_throttle_read_bps_device"`
|
||||
|
||||
// IO write rate limit per cgroup per divice, bytes per second.
|
||||
// IO write rate limit per cgroup per device, bytes per second.
|
||||
BlkioThrottleWriteBpsDevice []*ThrottleDevice `json:"blkio_throttle_write_bps_device"`
|
||||
|
||||
// IO read rate limit per cgroup per device, IO per second.
|
||||
|
2
vendor/github.com/opencontainers/runc/libcontainer/console_linux.go
generated
vendored
2
vendor/github.com/opencontainers/runc/libcontainer/console_linux.go
generated
vendored
@ -44,7 +44,7 @@ func newConsoleFromPath(slavePath string) *linuxConsole {
|
||||
}
|
||||
}
|
||||
|
||||
// linuxConsole is a linux psuedo TTY for use within a container.
|
||||
// linuxConsole is a linux pseudo TTY for use within a container.
|
||||
type linuxConsole struct {
|
||||
master *os.File
|
||||
slavePath string
|
||||
|
2
vendor/github.com/opencontainers/runc/libcontainer/console_windows.go
generated
vendored
2
vendor/github.com/opencontainers/runc/libcontainer/console_windows.go
generated
vendored
@ -5,7 +5,7 @@ func NewConsole(uid, gid int) (Console, error) {
|
||||
return &windowsConsole{}, nil
|
||||
}
|
||||
|
||||
// windowsConsole is a Windows psuedo TTY for use within a container.
|
||||
// windowsConsole is a Windows pseudo TTY for use within a container.
|
||||
type windowsConsole struct {
|
||||
}
|
||||
|
||||
|
2
vendor/github.com/opencontainers/runc/libcontainer/container.go
generated
vendored
2
vendor/github.com/opencontainers/runc/libcontainer/container.go
generated
vendored
@ -123,7 +123,7 @@ type BaseContainer interface {
|
||||
// SystemError - System error.
|
||||
Start(process *Process) (err error)
|
||||
|
||||
// Run immediatly starts the process inside the conatiner. Returns error if process
|
||||
// Run immediately starts the process inside the conatiner. Returns error if process
|
||||
// fails to start. It does not block waiting for the exec fifo after start returns but
|
||||
// opens the fifo after start returns.
|
||||
//
|
||||
|
4
vendor/github.com/opencontainers/runc/libcontainer/label/label.go
generated
vendored
4
vendor/github.com/opencontainers/runc/libcontainer/label/label.go
generated
vendored
@ -9,6 +9,10 @@ func InitLabels(options []string) (string, string, error) {
|
||||
return "", "", nil
|
||||
}
|
||||
|
||||
func GetROMountLabel() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func GenLabels(options string) (string, string, error) {
|
||||
return "", "", nil
|
||||
}
|
||||
|
22
vendor/github.com/opencontainers/runc/libcontainer/label/label_selinux.go
generated
vendored
22
vendor/github.com/opencontainers/runc/libcontainer/label/label_selinux.go
generated
vendored
@ -33,15 +33,19 @@ func InitLabels(options []string) (string, string, error) {
|
||||
pcon := selinux.NewContext(processLabel)
|
||||
mcon := selinux.NewContext(mountLabel)
|
||||
for _, opt := range options {
|
||||
if opt == "disable" {
|
||||
val := strings.SplitN(opt, "=", 2)
|
||||
if val[0] != "label" {
|
||||
continue
|
||||
}
|
||||
if len(val) < 2 {
|
||||
return "", "", fmt.Errorf("bad label option %q, valid options 'disable' or \n'user, role, level, type' followed by ':' and a value", opt)
|
||||
}
|
||||
if val[1] == "disable" {
|
||||
return "", "", nil
|
||||
}
|
||||
if i := strings.Index(opt, ":"); i == -1 {
|
||||
return "", "", fmt.Errorf("Bad label option %q, valid options 'disable' or \n'user, role, level, type' followed by ':' and a value", opt)
|
||||
}
|
||||
con := strings.SplitN(opt, ":", 2)
|
||||
if !validOptions[con[0]] {
|
||||
return "", "", fmt.Errorf("Bad label option %q, valid options 'disable, user, role, level, type'", con[0])
|
||||
con := strings.SplitN(val[1], ":", 2)
|
||||
if len(con) < 2 || !validOptions[con[0]] {
|
||||
return "", "", fmt.Errorf("bad label option %q, valid options 'disable, user, role, level, type'", con[0])
|
||||
|
||||
}
|
||||
pcon[con[0]] = con[1]
|
||||
@ -55,6 +59,10 @@ func InitLabels(options []string) (string, string, error) {
|
||||
return processLabel, mountLabel, nil
|
||||
}
|
||||
|
||||
func GetROMountLabel() string {
|
||||
return selinux.GetROFileLabel()
|
||||
}
|
||||
|
||||
// DEPRECATED: The GenLabels function is only to be used during the transition to the official API.
|
||||
func GenLabels(options string) (string, string, error) {
|
||||
return InitLabels(strings.Fields(options))
|
||||
|
4
vendor/github.com/opencontainers/runc/libcontainer/process_linux.go
generated
vendored
4
vendor/github.com/opencontainers/runc/libcontainer/process_linux.go
generated
vendored
@ -146,7 +146,7 @@ func (p *setnsProcess) execSetns() error {
|
||||
}
|
||||
|
||||
// terminate sends a SIGKILL to the forked process for the setns routine then waits to
|
||||
// avoid the process becomming a zombie.
|
||||
// avoid the process becoming a zombie.
|
||||
func (p *setnsProcess) terminate() error {
|
||||
if p.cmd.Process == nil {
|
||||
return nil
|
||||
@ -264,7 +264,7 @@ func (p *initProcess) start() error {
|
||||
}
|
||||
}()
|
||||
if err := p.createNetworkInterfaces(); err != nil {
|
||||
return newSystemErrorWithCause(err, "creating nework interfaces")
|
||||
return newSystemErrorWithCause(err, "creating network interfaces")
|
||||
}
|
||||
if err := p.sendConfig(); err != nil {
|
||||
return newSystemErrorWithCause(err, "sending config to init process")
|
||||
|
2
vendor/github.com/opencontainers/runc/libcontainer/rootfs_linux.go
generated
vendored
2
vendor/github.com/opencontainers/runc/libcontainer/rootfs_linux.go
generated
vendored
@ -93,7 +93,7 @@ func setupRootfs(config *configs.Config, console *linuxConsole, pipe io.ReadWrit
|
||||
return newSystemErrorWithCause(err, "reopening /dev/null inside container")
|
||||
}
|
||||
}
|
||||
// remount dev as ro if specifed
|
||||
// remount dev as ro if specified
|
||||
for _, m := range config.Mounts {
|
||||
if libcontainerUtils.CleanPath(m.Destination) == "/dev" {
|
||||
if m.Flags&syscall.MS_RDONLY != 0 {
|
||||
|
12
vendor/github.com/opencontainers/runc/libcontainer/selinux/selinux.go
generated
vendored
12
vendor/github.com/opencontainers/runc/libcontainer/selinux/selinux.go
generated
vendored
@ -355,6 +355,12 @@ func FreeLxcContexts(scon string) {
|
||||
}
|
||||
}
|
||||
|
||||
var roFileLabel string
|
||||
|
||||
func GetROFileLabel() (fileLabel string) {
|
||||
return roFileLabel
|
||||
}
|
||||
|
||||
func GetLxcContexts() (processLabel string, fileLabel string) {
|
||||
var (
|
||||
val, key string
|
||||
@ -399,6 +405,9 @@ func GetLxcContexts() (processLabel string, fileLabel string) {
|
||||
if key == "file" {
|
||||
fileLabel = strings.Trim(val, "\"")
|
||||
}
|
||||
if key == "ro_file" {
|
||||
roFileLabel = strings.Trim(val, "\"")
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -406,6 +415,9 @@ func GetLxcContexts() (processLabel string, fileLabel string) {
|
||||
return "", ""
|
||||
}
|
||||
|
||||
if roFileLabel == "" {
|
||||
roFileLabel = fileLabel
|
||||
}
|
||||
exit:
|
||||
// mcs := IntToMcs(os.Getpid(), 1024)
|
||||
mcs := uniqMcs(1024)
|
||||
|
2
vendor/github.com/opencontainers/runc/libcontainer/standard_init_linux.go
generated
vendored
2
vendor/github.com/opencontainers/runc/libcontainer/standard_init_linux.go
generated
vendored
@ -143,7 +143,7 @@ func (l *linuxStandardInit) Init() error {
|
||||
if err := pdeath.Restore(); err != nil {
|
||||
return err
|
||||
}
|
||||
// compare the parent from the inital start of the init process and make sure that it did not change.
|
||||
// compare the parent from the initial start of the init process and make sure that it did not change.
|
||||
// if the parent changes that means it died and we were reparented to something else so we should
|
||||
// just kill ourself and not cause problems for someone else.
|
||||
if syscall.Getppid() != l.parentPid {
|
||||
|
2
vendor/github.com/opencontainers/runc/libcontainer/utils/utils.go
generated
vendored
2
vendor/github.com/opencontainers/runc/libcontainer/utils/utils.go
generated
vendored
@ -103,7 +103,7 @@ func SearchLabels(labels []string, query string) string {
|
||||
}
|
||||
|
||||
// Annotations returns the bundle path and user defined annotations from the
|
||||
// libcontianer state. We need to remove the bundle because that is a label
|
||||
// libcontainer state. We need to remove the bundle because that is a label
|
||||
// added by libcontainer.
|
||||
func Annotations(labels []string) (bundle string, userAnnotations map[string]string) {
|
||||
userAnnotations = make(map[string]string)
|
||||
|
Loading…
Reference in New Issue
Block a user