zishuo/runc
1
0
Fork 0
mirror of https://github.com/opencontainers/runc.git synced 2025-10-27 17:40:56 +08:00
Code Issues Packages Projects Releases Wiki Activity

Allow additional groups to be overridden in exec

Browse Source 
Signed-off-by: Julian Friedman <julz.friedman@uk.ibm.com>
Signed-off-by: Petar Petrov <pppepito86@gmail.com>
Signed-off-by: Georgi Sabev <georgethebeatle@gmail.com>
This commit is contained in:
Petar Petrov
2016-06-10 10:35:13 +00:00
committed by Georgi Sabev
parent 42dfd60643
commit f9b72b1b46
8 changed files with 76 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
utils_linux.go
View File

@@ -7,6 +7,7 @@ import (
"fmt"
"os"
"path/filepath"
"strconv"
"syscall"
"github.com/Sirupsen/logrus"
@@ -83,6 +84,9 @@ func newProcess(p specs.Process) (*libcontainer.Process, error) {
NoNewPrivileges: &p.NoNewPrivileges,
AppArmorProfile: p.ApparmorProfile,
}
for _, gid := range p.User.AdditionalGids {
lp.AdditionalGroups = append(lp.AdditionalGroups, strconv.FormatUint(uint64(gid), 10))
}
for _, rlimit := range p.Rlimits {
rl, err := createLibContainerRlimit(rlimit)
if err != nil {