From 424d33c5b70d4f8ac430a23dc6f329688ef23521 Mon Sep 17 00:00:00 2001 From: Michael Crosby Date: Wed, 11 Sep 2019 11:20:34 -0400 Subject: [PATCH] Update go-runc to e029b79d8cda8374981c64eba71f28e Includes fix for user namespaces and NOTIFY_SOCKET. Signed-off-by: Michael Crosby --- vendor.conf | 2 +- .../containerd/go-runc/command_linux.go | 17 ++++++++++++++++- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/vendor.conf b/vendor.conf index 04e6449ad..c6542d092 100644 --- a/vendor.conf +++ b/vendor.conf @@ -1,4 +1,4 @@ -github.com/containerd/go-runc 9007c2405372fe28918845901a3276c0915689a1 +github.com/containerd/go-runc e029b79d8cda8374981c64eba71f28ec38e5526f github.com/containerd/console 0650fd9eeb50bab4fc99dceb9f2e14cf58f36e7f github.com/containerd/cgroups c4b9ac5c7601384c965b9646fc515884e091ebb9 github.com/containerd/typeurl a93fcdb778cd272c6e9b3028b2f42d813e785d40 diff --git a/vendor/github.com/containerd/go-runc/command_linux.go b/vendor/github.com/containerd/go-runc/command_linux.go index 71b52f9de..8a30f679d 100644 --- a/vendor/github.com/containerd/go-runc/command_linux.go +++ b/vendor/github.com/containerd/go-runc/command_linux.go @@ -20,6 +20,7 @@ import ( "context" "os" "os/exec" + "strings" "syscall" ) @@ -32,10 +33,24 @@ func (r *Runc) command(context context.Context, args ...string) *exec.Cmd { cmd.SysProcAttr = &syscall.SysProcAttr{ Setpgid: r.Setpgid, } - cmd.Env = os.Environ() + cmd.Env = filterEnv(os.Environ(), "NOTIFY_SOCKET") // NOTIFY_SOCKET introduces a special behavior in runc but should only be set if invoked from systemd if r.PdeathSignal != 0 { cmd.SysProcAttr.Pdeathsig = r.PdeathSignal } return cmd } + +func filterEnv(in []string, names ...string) []string { + out := make([]string, 0, len(in)) +loop0: + for _, v := range in { + for _, k := range names { + if strings.HasPrefix(v, k+"=") { + continue loop0 + } + } + out = append(out, v) + } + return out +}