Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
func CleanupHost
func Master
func Master(rpcSocket, masterSocket, postStartSocket, cleanupSocket, containerPid, imageFd int, e *engine.Engine)
Master initializes a runtime engine and runs it.
When run with the suid flow, saved uid 0 is preserved so that the master is able to escalate its privileges to set up the container environment properly.
func PostStartHost (added in v4.1.0)
func RPCServer
RPCServer serves runtime engine requests.
The RPC server process is already in the correct namespaces required by the container, so any operations it performs will affect the final container environment. When run with the suid flow, i.e. no user namespace is created for the container and no hybrid workflow is requested, the server runs with escalated privileges (as euid 0).
func StageOne
func StageOne(sconfig *starterConfig.Config, e *engine.Engine)
StageOne validates and prepares the container configuration that is used during container creation. The (possibly updated) engine configuration is written back into the shared sconfig so that new values appear in the next stages of engine execution and in the master process.
Any privileges gained from the SUID flow or from capabilities in extended attributes have already been dropped by this point.
Types
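The privilege states described above for StageOne (dropped), Master (saved uid 0 preserved) and RPCServer (euid 0) can be told apart from the Uid line of /proc/<pid>/status, which lists the real, effective, saved and filesystem uids. The following is an added example, not code from this package; the type, the function names and the state labels are hypothetical, and the status text is a constructed sample.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// UIDs holds the four values of the "Uid:" line in /proc/<pid>/status.
type UIDs struct{ Real, Effective, Saved, FS int }

// ParseUIDs extracts the Uid line from the text of a /proc/<pid>/status file.
func ParseUIDs(status string) (UIDs, error) {
	for _, line := range strings.Split(status, "\n") {
		f := strings.Fields(line)
		if len(f) != 5 || f[0] != "Uid:" {
			continue
		}
		var v [4]int
		for i := range v {
			n, err := strconv.Atoi(f[i+1])
			if err != nil {
				return UIDs{}, fmt.Errorf("bad uid field %q: %w", f[i+1], err)
			}
			v[i] = n
		}
		return UIDs{v[0], v[1], v[2], v[3]}, nil
	}
	return UIDs{}, fmt.Errorf("no Uid line found")
}

// Classify names the privilege state (labels are this example's own).
func Classify(u UIDs) string {
	switch {
	case u.Effective == 0: // already running as root, as described for RPCServer
		return "escalated"
	case u.Saved == 0 || u.Real == 0: // seteuid(0) would succeed, as described for Master
		return "can-escalate"
	default: // no root uid left to return to, as described for StageOne
		return "dropped"
	}
}

// Constructed sample: caller uid 1000 with saved uid 0, as in a suid flow.
const sampleStatus = "Name:\tstarter\nUid:\t1000\t1000\t0\t1000\nGid:\t1000\t1000\t1000\t1000\n"

func main() {
	u, err := ParseUIDs(sampleStatus)
	fmt.Println(u, Classify(u), err)
}
```

A process reported as "can-escalate" is unprivileged at the moment of the check but can regain euid 0, so it should be audited with the same care as one that is already "escalated".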
This section is empty.