Documentation ¶
Overview ¶
*
- This file is a bit funny. The goal here is to use setns() to manipulate
- files inside the container, so we don't have to reason about the paths to
- make sure they don't escape (we can simply rely on the kernel for
- correctness). Unfortunately, you can't setns() to a mount namespace with a
- multi-threaded program, which every golang binary is. However, by declaring
- our init as an initializer, we can capture process control before it is
- transferred to the golang runtime, so we can then setns() as we'd like
- before golang has a chance to set up any threads. So, we implement two new
- lxd fork* commands which are captured here, and take a file on the host fs
- and copy it into the container ns. *
- An alternative to this would be to move this code into a separate binary,
- which of course has problems of its own when it comes to packaging (how do
- we find the binary, what do we do if someone does file push and it is
- missing, etc.). After some discussion, even though the embedded method is
- somewhat convoluted, it was preferred.
Source Files ¶
- api.go
- api_1.0.go
- api_internal.go
- apparmor.go
- certificates.go
- cgroup.go
- container.go
- container_console.go
- container_delete.go
- container_exec.go
- container_file.go
- container_get.go
- container_instance_types.go
- container_logs.go
- container_lxc.go
- container_lxc_utils.go
- container_metadata.go
- container_patch.go
- container_post.go
- container_put.go
- container_snapshot.go
- container_state.go
- containers.go
- containers_get.go
- containers_post.go
- daemon.go
- daemon_config.go
- daemon_images.go
- devices.go
- devlxd.go
- devlxd_gc.go
- events.go
- images.go
- logging.go
- main.go
- main_activateifneeded.go
- main_args.go
- main_callhook.go
- main_daemon.go
- main_forkconsole.go
- main_forkexec.go
- main_forkgetnet.go
- main_forkmigrate.go
- main_forkstart.go
- main_import.go
- main_init.go
- main_migratedumpsuccess.go
- main_netcat.go
- main_nsexec.go
- main_proxy.go
- main_ready.go
- main_shutdown.go
- main_subcommand.go
- main_waitready.go
- migrate.go
- networks.go
- networks_config.go
- networks_iptables.go
- networks_utils.go
- operations.go
- patches.go
- profiles.go
- profiles_utils.go
- proxy_device_utils.go
- resources.go
- response.go
- rsync.go
- seccomp.go
- storage.go
- storage_btrfs.go
- storage_ceph.go
- storage_ceph_migration.go
- storage_ceph_migration_utils.go
- storage_ceph_utils.go
- storage_cgo.go
- storage_dir.go
- storage_lvm.go
- storage_lvm_utils.go
- storage_migration.go
- storage_mock.go
- storage_pools.go
- storage_pools_config.go
- storage_pools_utils.go
- storage_shared.go
- storage_utils.go
- storage_volumes.go
- storage_volumes_config.go
- storage_volumes_utils.go
- storage_zfs.go
- storage_zfs_utils.go
Directories ¶
Path | Synopsis |
---|---|
query
Package query implements helpers around database/sql to execute various kinds of very common SQL queries.
|
Package query implements helpers around database/sql to execute various kinds of very common SQL queries. |
schema
Package schema offers utilities to create and maintain a database schema.
|
Package schema offers utilities to create and maintain a database schema. |
Package migration is a generated protocol buffer package.
|
Package migration is a generated protocol buffer package. |
Click to show internal directories.
Click to hide internal directories.