From a3598ff617b3f13a0e968bd62162b024366b5754 Mon Sep 17 00:00:00 2001 From: Doug Rabson Date: Tue, 29 Nov 2022 15:53:34 +0000 Subject: [PATCH] pkg/specgen: Add support for Linux emulation on FreeBSD This is limited to images that don't depend on complex cgroup or capability setups but does cover enough functionality to be useful. [NO NEW TESTS NEEDED] Signed-off-by: Doug Rabson --- pkg/specgen/generate/oci_freebsd.go | 52 ++++++++++++++++++++++++++++- 1 file changed, 51 insertions(+), 1 deletion(-) diff --git a/pkg/specgen/generate/oci_freebsd.go b/pkg/specgen/generate/oci_freebsd.go index 56245b5796..282165f3f1 100644 --- a/pkg/specgen/generate/oci_freebsd.go +++ b/pkg/specgen/generate/oci_freebsd.go @@ -4,6 +4,7 @@ package generate import ( "context" + "fmt" "strings" "github.com/containers/common/libimage" @@ -17,7 +18,11 @@ import ( // SpecGenToOCI returns the base configuration for the container. func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runtime, rtc *config.Config, newImage *libimage.Image, mounts []spec.Mount, pod *libpod.Pod, finalCmd []string, compatibleOptions *libpod.InfraInherit) (*spec.Spec, error) { - g, err := generate.New("freebsd") + if s.ImageOS != "freebsd" && s.ImageOS != "linux" { + return nil, fmt.Errorf("unsupported image OS: %s", s.ImageOS) + } + + g, err := generate.New(s.ImageOS) if err != nil { return nil, err } @@ -49,6 +54,51 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt return nil, err } + // Linux emulatioon + if s.ImageOS == "linux" { + var mounts []spec.Mount + for _, m := range configSpec.Mounts { + switch m.Destination { + case "/proc": + m.Type = "linprocfs" + m.Options = []string{"nodev"} + mounts = append(mounts, m) + continue + case "/sys": + m.Type = "linsysfs" + m.Options = []string{"nodev"} + mounts = append(mounts, m) + continue + case "/dev", "/dev/pts", "/dev/shm", "/dev/mqueue": + continue + } + } + mounts = append(mounts, + spec.Mount{ + Destination: "/dev", + Type: "devfs", + Source: "devfs", + Options: []string{ + "ruleset=4", + "rule=path shm unhide mode 1777", + }, + }, + spec.Mount{ + Destination: "/dev/fd", + Type: "fdescfs", + Source: "fdesc", + Options: []string{}, + }, + spec.Mount{ + Destination: "/dev/shm", + Type: "tmpfs", + Source: "shm", + Options: []string{"notmpcopyup"}, + }, + ) + configSpec.Mounts = mounts + } + // BIND MOUNTS configSpec.Mounts = SupersedeUserMounts(mounts, configSpec.Mounts) // Process mounts to ensure correct options