aboutsummaryrefslogtreecommitdiffstats
path: root/kube2msb/src/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/devices.go
diff options
context:
space:
mode:
Diffstat (limited to 'kube2msb/src/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/devices.go')
-rw-r--r--kube2msb/src/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/devices.go78
1 files changed, 0 insertions, 78 deletions
diff --git a/kube2msb/src/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/devices.go b/kube2msb/src/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/devices.go
deleted file mode 100644
index 5f78331..0000000
--- a/kube2msb/src/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/devices.go
+++ /dev/null
@@ -1,78 +0,0 @@
-// +build linux
-
-package fs
-
-import (
- "github.com/opencontainers/runc/libcontainer/cgroups"
- "github.com/opencontainers/runc/libcontainer/configs"
- "github.com/opencontainers/runc/libcontainer/system"
-)
-
-type DevicesGroup struct {
-}
-
-func (s *DevicesGroup) Name() string {
- return "devices"
-}
-
-func (s *DevicesGroup) Apply(d *cgroupData) error {
- _, err := d.join("devices")
- if err != nil {
- // We will return error even it's `not found` error, devices
- // cgroup is hard requirement for container's security.
- return err
- }
- return nil
-}
-
-func (s *DevicesGroup) Set(path string, cgroup *configs.Cgroup) error {
- if system.RunningInUserNS() {
- return nil
- }
-
- devices := cgroup.Resources.Devices
- if len(devices) > 0 {
- for _, dev := range devices {
- file := "devices.deny"
- if dev.Allow {
- file = "devices.allow"
- }
- if err := writeFile(path, file, dev.CgroupString()); err != nil {
- return err
- }
- }
- return nil
- }
- if !cgroup.Resources.AllowAllDevices {
- if err := writeFile(path, "devices.deny", "a"); err != nil {
- return err
- }
-
- for _, dev := range cgroup.Resources.AllowedDevices {
- if err := writeFile(path, "devices.allow", dev.CgroupString()); err != nil {
- return err
- }
- }
- return nil
- }
-
- if err := writeFile(path, "devices.allow", "a"); err != nil {
- return err
- }
-
- for _, dev := range cgroup.Resources.DeniedDevices {
- if err := writeFile(path, "devices.deny", dev.CgroupString()); err != nil {
- return err
- }
- }
-
- return nil
-}
-
-func (s *DevicesGroup) Remove(d *cgroupData) error {
- return removePath(d.path("devices"))
-}
-
-func (s *DevicesGroup) GetStats(path string, stats *cgroups.Stats) error {
- return nil
-}