Update dependency opencontainer/runc
This commit is contained in:
Odin Ugedal
12
vendor/github.com/opencontainers/runc/libcontainer/configs/validate/validator.go
generated
vendored
12
vendor/github.com/opencontainers/runc/libcontainer/configs/validate/validator.go
generated
vendored
@@ -38,6 +38,9 @@ func (v *ConfigValidator) Validate(config *configs.Config) error {
|
||||
if err := v.usernamespace(config); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := v.cgroupnamespace(config); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := v.sysctl(config); err != nil {
|
||||
return err
|
||||
}
|
||||
@@ -116,6 +119,15 @@ func (v *ConfigValidator) usernamespace(config *configs.Config) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (v *ConfigValidator) cgroupnamespace(config *configs.Config) error {
|
||||
if config.Namespaces.Contains(configs.NEWCGROUP) {
|
||||
if _, err := os.Stat("/proc/self/ns/cgroup"); os.IsNotExist(err) {
|
||||
return fmt.Errorf("cgroup namespaces aren't enabled in the kernel")
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// sysctl validates that the specified sysctl keys are valid or not.
|
||||
// /proc/sys isn't completely namespaced and depending on which namespaces
|
||||
// are specified, a subset of sysctls are permitted.
|
||||
|
||||
Reference in New Issue
Block a user