Merge pull request #3254 from kolyshkin/sysctl-slash

libct/configs/validate: allow / in sysctl names
opencontainers · Oct 29, 2021 · a9761c4 · a9761c4
2 parents fac268b + 972aea3
commit a9761c4
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 5 deletions.
diff --git a/libcontainer/configs/validate/validator.go b/libcontainer/configs/validate/validator.go
@@ -150,6 +150,7 @@ func (v *ConfigValidator) sysctl(config *configs.Config) error {
 	)
 
 	for s := range config.Sysctl {
+		s := strings.Replace(s, "/", ".", -1)
 		if validSysctlMap[s] || strings.HasPrefix(s, "fs.mqueue.") {
 			if config.Namespaces.Contains(configs.NEWIPC) {
 				continue

diff --git a/libcontainer/configs/validate/validator_test.go b/libcontainer/configs/validate/validator_test.go
@@ -188,8 +188,11 @@ func TestValidateUsernamespaceWithoutUserNS(t *testing.T) {
 func TestValidateSysctl(t *testing.T) {
 	sysctl := map[string]string{
 		"fs.mqueue.ctl": "ctl",
+		"fs/mqueue/ctl": "ctl",
 		"net.ctl":       "ctl",
+		"net/ctl":       "ctl",
 		"kernel.ctl":    "ctl",
+		"kernel/ctl":    "ctl",
 	}
 
 	for k, v := range sysctl {
@@ -209,8 +212,11 @@ func TestValidateSysctl(t *testing.T) {
 func TestValidateValidSysctl(t *testing.T) {
 	sysctl := map[string]string{
 		"fs.mqueue.ctl": "ctl",
+		"fs/mqueue/ctl": "ctl",
 		"net.ctl":       "ctl",
+		"net/ctl":       "ctl",
 		"kernel.msgmax": "ctl",
+		"kernel/msgmax": "ctl",
 	}
 
 	for k, v := range sysctl {

diff --git a/libcontainer/integration/exec_test.go b/libcontainer/integration/exec_test.go
@@ -897,16 +897,21 @@ func TestSysctl(t *testing.T) {
 	config := newTemplateConfig(t, nil)
 	config.Sysctl = map[string]string{
 		"kernel.shmmni": "8192",
+		"kernel/shmmax": "4194304",
 	}
+	const (
+		cmd = "cat shmmni shmmax"
+		exp = "8192\n4194304\n"
+	)
 
 	container, err := newContainer(t, config)
 	ok(t, err)
 	defer destroyContainer(container)
 
 	var stdout bytes.Buffer
 	pconfig := libcontainer.Process{
-		Cwd:    "/",
-		Args:   []string{"sh", "-c", "cat /proc/sys/kernel/shmmni"},
+		Cwd:    "/proc/sys/kernel",
+		Args:   []string{"sh", "-c", cmd},
 		Env:    standardEnvironment,
 		Stdin:  nil,
 		Stdout: &stdout,
@@ -918,9 +923,9 @@ func TestSysctl(t *testing.T) {
 	// Wait for process
 	waitProcess(&pconfig, t)
 
-	shmmniOutput := strings.TrimSpace(stdout.String())
-	if shmmniOutput != "8192" {
-		t.Fatalf("kernel.shmmni property expected to be 8192, but is %s", shmmniOutput)
+	out := stdout.String()
+	if out != exp {
+		t.Fatalf("expected %s, got %s", exp, out)
 	}
 }