Go1.5 compatibility fix #166
Conversation
| @@ -21,6 +24,15 @@ func (c *linuxContainer) addUidGidMappings(sys *syscall.SysProcAttr) error { | |||
| sys.GidMappings[i].HostID = gm.HostID | |||
| sys.GidMappings[i].Size = gm.Size | |||
| } | |||
|
|
|||
| // Set sys.GidMappingsEnableSetgroups to true, so the process's | |||
There was a problem hiding this comment.
I think it should be done by build tag.
There was a problem hiding this comment.
I agree a build tag is cleaner than reflection, but wanted to avoid adding another file or even two (depending on whether we'd like to duplicate addUidGidMappings or add another function).
If you'd still like to do this with build tags, please let me know.
There was a problem hiding this comment.
+1 to using build tags here.
There was a problem hiding this comment.
Sure thing, updated this patch accordingly
|
Just noticed #70, which makes the two seccomp patches irrelevant. Should I remove these from this pull request, or keep them until the above is merged? |
|
@GitIdo I think you could remove those fixes or create a separate PR for them so we can get the other fix merged. |
A boolean field named GidMappingsEnableSetgroups was added to SysProcAttr in Go1.5. This field determines the value of the process's setgroups proc entry. Since the default is to set the entry to 'deny', calling setgroups will fail on systems running kernels 3.19+. Set GidMappingsEnableSetgroups to true so setgroups wont be set to 'deny'. Signed-off-by: Ido Yariv <ido@wizery.com>
|
LGTM |
1 similar comment
|
LGTM |
This fixes an issue with Go 1.5, introduced by:
golang/go@f5c60ff