rootless

package
v1.4.2-stable3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 11, 2019 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BecomeRootInUserNS

func BecomeRootInUserNS(pausePid string) (bool, int, error)

BecomeRootInUserNS re-exec podman in a new userNS. It returns whether podman was re-executed into a new user namespace and the return code from the re-executed podman process. If podman was re-executed the caller needs to propagate the error code returned by the child process.

func GetRootlessGID added in v1.4.0

func GetRootlessGID() int

GetRootlessGID returns the GID of the user in the parent userNS

func GetRootlessUID added in v0.7.1

func GetRootlessUID() int

GetRootlessUID returns the UID of the user in the parent userNS

func IsRootless

func IsRootless() bool

IsRootless tells us if we are running in rootless mode

func TryJoinFromFilePaths added in v1.4.0

func TryJoinFromFilePaths(pausePidPath string, needNewNamespace bool, paths []string) (bool, int, error)

TryJoinFromFilePaths attempts to join the namespaces of the pid files in paths. This is useful when there are already running containers and we don't have a pause process yet. We can use the paths to the conmon processes to attempt joining their namespaces. If needNewNamespace is set, the file is read from a temporary user namespace, this is useful for containers that are running with a different uidmap and the unprivileged user has no way to read the file owned by the root in the container.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL