libct: rm Rootless* properties from initConfig

They are passed in initConfig twice, so it does not make sense. NB: the alternative to that would be to remove Config field from initConfig, but it results in a much bigger patch and more maintenance down the road. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2025-10-07 00:12:53 +08:00 · 2025-01-15 23:28:08 -08:00
parent 2a86c35768
commit f26ec92221
3 changed files with 2 additions and 10 deletions
--- a/libcontainer/container_linux.go
+++ b/libcontainer/container_linux.go
@@ -704,8 +704,6 @@ func (c *Container) newInitConfig(process *Process) *initConfig {
 		PassedFilesCount: len(process.ExtraFiles),
 		ContainerID:      c.ID(),
 		NoNewPrivileges:  c.config.NoNewPrivileges,
-		RootlessEUID:     c.config.RootlessEUID,
-		RootlessCgroups:  c.config.RootlessCgroups,
 		AppArmorProfile:  c.config.AppArmorProfile,
 		ProcessLabel:     c.config.ProcessLabel,
 		Rlimits:          c.config.Rlimits,
--- a/libcontainer/init_linux.go
+++ b/libcontainer/init_linux.go
@@ -82,12 +82,6 @@ type initConfig struct {
 	ProcessLabel    string                `json:"process_label"`
 	Rlimits         []configs.Rlimit      `json:"rlimits"`

-	// Properties that only exist in container config.
-	// FIXME: they are also passed in Config above.
-
-	RootlessEUID    bool `json:"rootless_euid,omitempty"`
-	RootlessCgroups bool `json:"rootless_cgroups,omitempty"`
-
 	// Miscellaneous properties, filled in by [Container.newInitConfig]
 	// unless documented otherwise.

@@ -484,7 +478,7 @@ func setupUser(config *initConfig) error {
 	// There's nothing we can do about /etc/group entries, so we silently
 	// ignore setting groups here (since the user didn't explicitly ask us to
 	// set the group).
-	allowSupGroups := !config.RootlessEUID && string(bytes.TrimSpace(setgroups)) != "deny"
+	allowSupGroups := !config.Config.RootlessEUID && string(bytes.TrimSpace(setgroups)) != "deny"

 	if allowSupGroups {
 		if err := unix.Setgroups(config.AdditionalGroups); err != nil {
--- a/libcontainer/rootfs_linux.go
+++ b/libcontainer/rootfs_linux.go
@@ -106,7 +106,7 @@ func prepareRootfs(pipe *syncSocket, iConfig *initConfig) (err error) {
 		root:            config.Rootfs,
 		label:           config.MountLabel,
 		cgroup2Path:     iConfig.Cgroup2Path,
-		rootlessCgroups: iConfig.RootlessCgroups,
+		rootlessCgroups: config.RootlessCgroups,
 		cgroupns:        config.Namespaces.Contains(configs.NEWCGROUP),
 	}
 	for _, m := range config.Mounts {