diff --git a/init.go b/init.go index 59ce1e8c739..d39492952a3 100644 --- a/init.go +++ b/init.go @@ -10,11 +10,12 @@ import ( "github.com/opencontainers/runc/libcontainer/logs" _ "github.com/opencontainers/runc/libcontainer/nsenter" "github.com/sirupsen/logrus" - "github.com/urfave/cli" ) func init() { if len(os.Args) > 1 && os.Args[1] == "init" { + // This is the golang entry point for runc init, executed + // before main() but after libcontainer/nsenter's nsexec(). runtime.GOMAXPROCS(1) runtime.LockOSThread() @@ -38,13 +39,7 @@ func init() { panic(fmt.Sprintf("libcontainer: failed to configure logging: %v", err)) } logrus.Debug("child process in init()") - } -} -var initCommand = cli.Command{ - Name: "init", - Usage: `initialize the namespaces and launch the process (do not call it outside of runc)`, - Action: func(context *cli.Context) error { factory, _ := libcontainer.New("") if err := factory.StartInitialization(); err != nil { // as the error is sent back to the parent there is no need to log @@ -52,5 +47,5 @@ var initCommand = cli.Command{ os.Exit(1) } panic("libcontainer: container init failed to exec") - }, + } } diff --git a/libcontainer/nsenter/nsexec.c b/libcontainer/nsenter/nsexec.c index 8199faf3a01..49e8f54b6a4 100644 --- a/libcontainer/nsenter/nsexec.c +++ b/libcontainer/nsenter/nsexec.c @@ -41,12 +41,6 @@ enum sync_t { SYNC_CHILD_FINISH = 0x45, /* The child or grandchild has finished. */ }; -/* - * Synchronisation value for cgroup namespace setup. - * The same constant is defined in process_linux.go as "createCgroupns". - */ -#define CREATECGROUPNS 0x80 - #define STAGE_SETUP -1 /* longjmp() arguments. */ #define STAGE_PARENT 0 @@ -1075,24 +1069,9 @@ void nsexec(void) bail("setgroups failed"); } - /* - * Wait until our topmost parent has finished cgroup setup in - * p.manager.Apply(). - * - * TODO(cyphar): Check if this code is actually needed because we - * should be in the cgroup even from stage-0, so - * waiting until now might not make sense. - */ if (config.cloneflags & CLONE_NEWCGROUP) { - uint8_t value; - if (read(pipenum, &value, sizeof(value)) != sizeof(value)) - bail("read synchronisation value failed"); - if (value == CREATECGROUPNS) { - write_log(DEBUG, "unshare cgroup namespace"); - if (unshare(CLONE_NEWCGROUP) < 0) - bail("failed to unshare cgroup namespace"); - } else - bail("received unknown synchronisation value"); + if (unshare(CLONE_NEWCGROUP) < 0) + bail("failed to unshare cgroup namespace"); } write_log(DEBUG, "signal completion to stage-0"); diff --git a/libcontainer/process_linux.go b/libcontainer/process_linux.go index 490a7c8d702..e1649876b1d 100644 --- a/libcontainer/process_linux.go +++ b/libcontainer/process_linux.go @@ -25,10 +25,6 @@ import ( "golang.org/x/sys/unix" ) -// Synchronisation value for cgroup namespace setup. -// The same constant is defined in nsexec.c as "CREATECGROUPNS". -const createCgroupns = 0x80 - type parentProcess interface { // pid returns the pid for the running process. pid() int @@ -411,13 +407,6 @@ func (p *initProcess) start() (retErr error) { } p.setExternalDescriptors(fds) - // Now it's time to setup cgroup namesapce - if p.config.Config.Namespaces.Contains(configs.NEWCGROUP) && p.config.Config.Namespaces.PathOf(configs.NEWCGROUP) == "" { - if _, err := p.messageSockPair.parent.Write([]byte{createCgroupns}); err != nil { - return fmt.Errorf("error sending synchronization value to init process: %w", err) - } - } - // Wait for our first child to exit if err := p.waitForChildExit(childPid); err != nil { return fmt.Errorf("error waiting for our first child to exit: %w", err) diff --git a/main.go b/main.go index 45652ab327d..f141e79b443 100644 --- a/main.go +++ b/main.go @@ -119,7 +119,6 @@ func main() { deleteCommand, eventsCommand, execCommand, - initCommand, killCommand, listCommand, pauseCommand, @@ -149,10 +148,7 @@ func main() { if err := reviseRootDir(context); err != nil { return err } - // let init configure logging on its own - if args := context.Args(); args != nil && args.First() == "init" { - return nil - } + return logs.ConfigureLogging(createLogConfig(context)) }