Operations is an interface describing the operations needed to launch a container process. Some of them may be called with elevated privileges, or with the potential to escalate privileges. Refer to each method's documentation for a detailed description of the context in which it is called.
```go
// Operations is an interface describing necessary operations to launch
// a container process. Some of them may be called with elevated privilege
// or the potential to escalate privileges. Refer to an individual method
// documentation for a detailed description of the context in which it is called.
type Operations interface {
	// Config returns a zero value of the current EngineConfig, which
	// depends on the implementation, used to populate the Common struct.
	//
	// Since this method simply returns a zero value of the concrete
	// EngineConfig, it does not matter whether or not there are any elevated
	// privileges during this call.
	Config() config.EngineConfig
	// InitConfig stores the parsed config.Common inside the Operations
	// implementation and may do additional initialization depending on
	// the second parameter which is true only when running setuid
	// in stage1.
	//
	// No elevated privileges are needed during this call.
	InitConfig(*config.Common, bool)
	// PrepareConfig is called during stage1 to validate and prepare
	// container configuration.
	//
	// No additional privileges can be gained as any of them are already
	// dropped by the time PrepareConfig is called.
	PrepareConfig(*starter.Config) error
	// CreateContainer is called from master process to prepare container
	// environment, e.g. perform mount operations, setup network, etc.
	//
	// Additional privileges required for setup may be gained when running
	// in suid flow. However, when a user namespace is requested and it is not
	// a hybrid workflow (e.g. fakeroot), then there is no privileged saved uid
	// and thus no additional privileges can be gained.
	CreateContainer(context.Context, int, net.Conn) error
	// StartProcess is called during stage2 after RPC server finished
	// environment preparation. This is the container process itself.
	//
	// No additional privileges can be gained during this call (unless container
	// is executed as root intentionally) as starter will set uid/euid/suid
	// to the targetUID (PrepareConfig will set it by calling starter.Config.SetTargetUID).
	StartProcess(int) error
	// PostStartProcess is called from master after successful
	// execution of the container process.
	//
	// Additional privileges may be gained when running
	// in suid flow. However, when a user namespace is requested and it is not
	// a hybrid workflow (e.g. fakeroot), then there is no privileged saved uid
	// and thus no additional privileges can be gained.
	PostStartProcess(context.Context, int) error
	// MonitorContainer is called from master once the container has
	// been spawned. It will typically block until the container exits.
	//
	// Additional privileges may be gained when running
	// in suid flow. However, when a user namespace is requested and it is not
	// a hybrid workflow (e.g. fakeroot), then there is no privileged saved uid
	// and thus no additional privileges can be gained.
	MonitorContainer(int, chan os.Signal) (syscall.WaitStatus, error)
	// CleanupContainer is called from master after the MonitorContainer returns.
	// It is responsible for ensuring that the container has been properly torn down.
	//
	// Additional privileges may be gained when running
	// in suid flow. However, when a user namespace is requested and it is not
	// a hybrid workflow (e.g. fakeroot), then there is no privileged saved uid
	// and thus no additional privileges can be gained.
```
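The method comments above all turn on one kernel fact: privileges can only be regained while the real, effective or saved uid still holds 0. A setuid-root starter that has lowered its euid keeps saved uid 0 and can switch back (the "suid flow"); in the pure user-namespace flow no slot was ever 0, and after the starter sets uid/euid/suid to the targetUID before StartProcess there is nothing left to return to. The following is an added example, not code from the project: it parses the `Uid:` line of `/proc/<pid>/status` (real, effective, saved, filesystem uid), classifies the state, and implements the pre-exec guard a starter would want before handing control to the container process. The function names and the status excerpts are constructed for illustration.

```go
package main

import (
	"bufio"
	"errors"
	"fmt"
	"os"
	"strconv"
	"strings"
)

// Creds holds the real, effective, saved and filesystem uids of a process,
// in the order the kernel prints them on the "Uid:" line of /proc/<pid>/status.
type Creds struct {
	Real, Effective, Saved, FS int
}

// ParseStatusUID extracts the four uids from the text of /proc/<pid>/status.
func ParseStatusUID(status string) (Creds, error) {
	sc := bufio.NewScanner(strings.NewReader(status))
	for sc.Scan() {
		line := sc.Text()
		if !strings.HasPrefix(line, "Uid:") {
			continue
		}
		fields := strings.Fields(strings.TrimPrefix(line, "Uid:"))
		if len(fields) != 4 {
			return Creds{}, fmt.Errorf("malformed Uid line: %q", line)
		}
		var v [4]int
		for i, f := range fields {
			n, err := strconv.Atoi(f)
			if err != nil {
				return Creds{}, fmt.Errorf("malformed Uid line: %q", line)
			}
			v[i] = n
		}
		return Creds{Real: v[0], Effective: v[1], Saved: v[2], FS: v[3]}, nil
	}
	return Creds{}, errors.New("no Uid line in status text")
}

// RootRegainable applies the rule the Operations comments rely on: root can be
// (re)gained only while some uid slot still holds 0. Once real, effective and
// saved uid are all non-zero, setresuid back to 0 is refused by the kernel
// with EPERM, so no privileged saved uid means no escalation path.
func RootRegainable(c Creds) bool {
	return c.Real == 0 || c.Effective == 0 || c.Saved == 0
}

// AssertUnprivileged is the guard a starter would run right before the
// container process (the StartProcess step): every uid slot must equal want,
// so no privileged saved uid survives into the container.
func AssertUnprivileged(status string, want int) error {
	c, err := ParseStatusUID(status)
	if err != nil {
		return err
	}
	if RootRegainable(c) || c.Real != want || c.Effective != want || c.Saved != want {
		return fmt.Errorf("uid slots %d/%d/%d (real/effective/saved), want all %d",
			c.Real, c.Effective, c.Saved, want)
	}
	return nil
}

// Constructed /proc/<pid>/status excerpts for the states discussed above
// (written for this example, not captured from a real system).
const (
	// setuid-root starter launched by uid 1000 after seteuid(1000): saved uid is still 0.
	StatusSuidFlow = "Name:\tstarter-suid\nUid:\t1000\t1000\t0\t1000\nGid:\t1000\t1000\t1000\t1000\n"
	// pure user-namespace flow, or any flow after setresuid(1000, 1000, 1000): no root slot left.
	StatusUserNS = "Name:\tstarter\nUid:\t1000\t1000\t1000\t1000\nGid:\t1000\t1000\t1000\t1000\n"
	// the container intentionally executed as root.
	StatusRoot = "Name:\tstarter\nUid:\t0\t0\t0\t0\nGid:\t0\t0\t0\t0\n"
)

func main() {
	// Inspect the running process itself (Linux only; reports an error elsewhere).
	b, err := os.ReadFile("/proc/self/status")
	if err != nil {
		fmt.Println("cannot read /proc/self/status:", err)
		return
	}
	c, err := ParseStatusUID(string(b))
	if err != nil {
		fmt.Println(err)
		return
	}
	fmt.Printf("uids real=%d effective=%d saved=%d fs=%d, root regainable: %v\n",
		c.Real, c.Effective, c.Saved, c.FS, RootRegainable(c))
}
```

Run it once from a normal shell and once via a setuid-root copy of the binary after a `seteuid` drop to see the saved-uid slot make the difference; the guard deliberately also rejects a process whose slots are all non-zero but not equal to the requested target uid, since that would mean the starter switched to the wrong identity rather than merely failing to drop.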