aljaz/kata-containers
1
0
Fork 0
mirror of https://github.com/aljazceru/kata-containers.git synced 2025-12-31 04:54:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,148 Commits 30 Branches 115 Tags
01beb2fda9e48ff2eae77451ece7c559feb6b402
Commit Graph

4 Commits

Author SHA1 Message Date
Julio Montes
4a77b0f8ec rootless: use libcontainer API to detect rootless 
libcontainer already has an API to detect if the runtime is running rootless.
Use libcontainer API instead of reinventing the wheel.

fixes #2415

Signed-off-by: Julio Montes <julio.montes@intel.com>
 2020-01-28 21:59:51 +00:00
Archana Shinde
b96c7e5abe rootless: fix rootless for case net=none 
When kata-runtime was invoked as rootless by podman with
net=none, an empty net namespace path is provided.
kata-runtime was then trying to create a new network namespace
and bind-mounting it under /var/run/netns, resulting in a permission error.

Instead, with this commit, the runtime checks if it is
running rootless and instead creates network namespace bind mount
under rootless directory instead.

Fixes #2319

Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
 2019-12-16 12:26:57 -08:00
Li Yuxuan
3f1a39c442 rootless: Fix rangeUID parsing 
`rangeUID` should be parsed as ids[2] rather than ids[1]

Fixes: #2173
Signed-off-by: Li Yuxuan <liyuxuan04@baidu.com>
 2019-11-08 20:33:42 +08:00
Gabi Beyer
2d8b278c09 rootless: add rootless logic 
Add the ability to check whether kata is running rootlessly or
not. Add the setup of the rootless directory located in the dir
/run/user/<UID> directory.

Fixes: #1874

Signed-off-by: Gabi Beyer <gabrielle.n.beyer@intel.com>
Co-developed-by: Marco Vedovati <mvedovati@suse.com>
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
 2019-09-26 16:17:16 +02:00