Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
| ... | ... |
@@ -13,7 +13,6 @@ import ( |
| 13 | 13 |
"github.com/dotcloud/docker/daemon/execdriver" |
| 14 | 14 |
"github.com/dotcloud/docker/daemon/execdriver/native/template" |
| 15 | 15 |
"github.com/dotcloud/docker/pkg/system" |
| 16 |
- utils2 "github.com/dotcloud/docker/utils" |
|
| 17 | 16 |
) |
| 18 | 17 |
|
| 19 | 18 |
func setHostname(hostname string) error {
|
| ... | ... |
@@ -50,18 +49,7 @@ func finalizeNamespace(args *execdriver.InitArgs) error {
|
| 50 | 50 |
return fmt.Errorf("clear keep caps %s", err)
|
| 51 | 51 |
} |
| 52 | 52 |
|
| 53 |
- var caps []string |
|
| 54 |
- for _, cap := range container.Capabilities {
|
|
| 55 |
- if !utils2.StringsContains(strings.Split(args.CapDrop, " "), cap) {
|
|
| 56 |
- caps = append(caps, cap) |
|
| 57 |
- } |
|
| 58 |
- } |
|
| 59 |
- |
|
| 60 |
- for _, cap := range strings.Split(args.CapAdd, " ") {
|
|
| 61 |
- if !utils2.StringsContains(caps, cap) {
|
|
| 62 |
- caps = append(caps, cap) |
|
| 63 |
- } |
|
| 64 |
- } |
|
| 53 |
+ caps := execdriver.TweakCapabilities(container.Capabilities, strings.Split(args.CapAdd, " "), strings.Split(args.CapDrop, " ")) |
|
| 65 | 54 |
|
| 66 | 55 |
// drop all other capabilities |
| 67 | 56 |
if err := capabilities.DropCapabilities(caps); err != nil {
|
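Review bot: `strings.Split(args.CapAdd, " ")` returns `[""]` when CapAdd is empty, so the add loop in TweakCapabilities appends an empty capability name to `caps` before it reaches `capabilities.DropCapabilities(caps)`. The removed loop behaved the same way, so the refactor carries the problem over rather than introducing it. How DropCapabilities treats an empty or unknown name is not visible here, but this list decides which capabilities survive the "drop all other capabilities" step, so I would build the arguments with `strings.Fields(args.CapAdd)` and `strings.Fields(args.CapDrop)`, which return an empty slice for empty input and tolerate repeated spaces. finalizeNamespace starts and ends outside the hunk.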
| ... | ... |
@@ -14,7 +14,6 @@ import ( |
| 14 | 14 |
"github.com/dotcloud/docker/daemon/execdriver" |
| 15 | 15 |
"github.com/dotcloud/docker/daemon/execdriver/native/configuration" |
| 16 | 16 |
"github.com/dotcloud/docker/daemon/execdriver/native/template" |
| 17 |
- "github.com/dotcloud/docker/utils" |
|
| 18 | 17 |
) |
| 19 | 18 |
|
| 20 | 19 |
// createContainer populates and configures the container type with the |
| ... | ... |
@@ -140,20 +139,7 @@ func (d *driver) setPrivileged(container *libcontainer.Config) (err error) {
|
| 140 | 140 |
} |
| 141 | 141 |
|
| 142 | 142 |
func (d *driver) setCapabilities(container *libcontainer.Config, c *execdriver.Command) {
|
| 143 |
- var caps []string |
|
| 144 |
- for _, cap := range container.Capabilities {
|
|
| 145 |
- if !utils.StringsContains(c.CapDrop, cap) {
|
|
| 146 |
- caps = append(caps, cap) |
|
| 147 |
- } |
|
| 148 |
- } |
|
| 149 |
- |
|
| 150 |
- for _, cap := range c.CapAdd {
|
|
| 151 |
- if !utils.StringsContains(caps, cap) {
|
|
| 152 |
- caps = append(caps, cap) |
|
| 153 |
- } |
|
| 154 |
- } |
|
| 155 |
- |
|
| 156 |
- container.Capabilities = caps |
|
| 143 |
+ container.Capabilities = execdriver.TweakCapabilities(container.Capabilities, c.CapAdd, c.CapDrop) |
|
| 157 | 144 |
} |
| 158 | 145 |
|
| 159 | 146 |
func (d *driver) setupCgroups(container *libcontainer.Config, c *execdriver.Command) error {
|
| 160 | 147 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,19 @@ |
| 0 |
+package execdriver |
|
| 1 |
+ |
|
| 2 |
+import "github.com/dotcloud/docker/utils" |
|
| 3 |
+ |
|
| 4 |
+func TweakCapabilities(basics, adds, drops []string) []string {
|
|
| 5 |
+ var caps []string |
|
| 6 |
+ for _, cap := range basics {
|
|
| 7 |
+ if !utils.StringsContains(drops, cap) {
|
|
| 8 |
+ caps = append(caps, cap) |
|
| 9 |
+ } |
|
| 10 |
+ } |
|
| 11 |
+ |
|
| 12 |
+ for _, cap := range adds {
|
|
| 13 |
+ if !utils.StringsContains(caps, cap) {
|
|
| 14 |
+ caps = append(caps, cap) |
|
| 15 |
+ } |
|
| 16 |
+ } |
|
| 17 |
+ return caps |
|
| 18 |
+} |
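Review bot: TweakCapabilities is exported and now computes the capability set for both call sites in this commit, yet it has no doc comment and its precedence is implicit: `drops` is filtered out of `basics` first and `adds` is appended afterwards, so a capability named in both `adds` and `drops` ends up kept. Please state that in a doc comment, for example `// TweakCapabilities returns basics minus drops, plus any adds not already present; a capability listed in both adds and drops is kept.` If drop is meant to win instead, the second loop needs `if !utils.StringsContains(caps, cap) && !utils.StringsContains(drops, cap) {`. Names are compared as exact strings with no validation, so an empty or differently-cased entry passes through unchanged, and the loop variable `cap` shadows the builtin.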