github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Move RunningInUserNS() to its own package

Browse Source 
This allows using the utility without bringing whole of "sys" with it.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn
2021-03-23 10:51:24 +01:00
parent edf6484165
commit 708299ca40
9 changed files with 38 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/cri/server/service_linux.go
View File

@@ -18,7 +18,7 @@ package server
import (
"github.com/containerd/containerd/pkg/cap"
"github.com/containerd/containerd/sys"
"github.com/containerd/containerd/pkg/userns"
cni "github.com/containerd/go-cni"
"github.com/opencontainers/selinux/go-selinux"
"github.com/pkg/errors"
@@ -33,7 +33,7 @@ const networkAttachCount = 2
func (c *criService) initPlatform() error {
var err error
if sys.RunningInUserNS() {
if userns.RunningInUserNS() {
if !(c.config.DisableCgroup && !c.apparmorEnabled() && c.config.RestrictOOMScoreAdj) {
logrus.Warn("Running containerd in a user namespace typically requires disable_cgroup, disable_apparmor, restrict_oom_score_adj set to be true")
}