github/weave-scope
1
0
Fork 0
mirror of https://github.com/weaveworks/scope.git synced 2026-03-05 03:01:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
2ea04aa159244d85b30bdefbe80098dde2f7cba4
weave-scope/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/devices.go
Alfonso Acosta 9f02e20ac3 Bump github.com/ugorji/go/codec/ for performance improvements 
This caused a dependency chain reaction (sigh):

* All the k8s packages had to be fetched again. This in turn required:
  * Pining github.com/docker/docker/pkg/parsers to
    0f5c9d301b9b1cca66b3ea0f9dec3b5317d3686d to cirvumvent
    https://github.com/kubernetes/kubernetes/issues/18774
  * Update github.com/juju/ratelimit
  * Make probe/kubernetes/client.go comply with API changes.
2016-02-16 06:31:35 +00:00

74 lines
1.5 KiB
Go
Raw Blame History

// +build linux
package fs
import (
"github.com/opencontainers/runc/libcontainer/cgroups"
"github.com/opencontainers/runc/libcontainer/configs"
)
type DevicesGroup struct {
}
func (s *DevicesGroup) Name() string {
return "devices"
}
func (s *DevicesGroup) Apply(d *cgroupData) error {
_, err := d.join("devices")
if err != nil {
// We will return error even it's `not found` error, devices
// cgroup is hard requirement for container's security.
return err
}
return nil
}
func (s *DevicesGroup) Set(path string, cgroup *configs.Cgroup) error {
devices := cgroup.Resources.Devices
if len(devices) > 0 {
for _, dev := range devices {
file := "devices.deny"
if dev.Allow {
file = "devices.allow"
}
if err := writeFile(path, file, dev.CgroupString()); err != nil {
return err
}
}
return nil
}
if !cgroup.Resources.AllowAllDevices {
if err := writeFile(path, "devices.deny", "a"); err != nil {
return err
}
for _, dev := range cgroup.Resources.AllowedDevices {
if err := writeFile(path, "devices.allow", dev.CgroupString()); err != nil {
return err
}
}
return nil
}
if err := writeFile(path, "devices.allow", "a"); err != nil {
return err
}
for _, dev := range cgroup.Resources.DeniedDevices {
if err := writeFile(path, "devices.deny", dev.CgroupString()); err != nil {
return err
}
}
return nil
}
func (s *DevicesGroup) Remove(d *cgroupData) error {
return removePath(d.path("devices"))
}
func (s *DevicesGroup) GetStats(path string, stats *cgroups.Stats) error {
return nil
}
Reference in New Issue View Git Blame Copy Permalink