Execute implements subcommands.Command.
(_ context.Context, f *flag.FlagSet, args ...any)
| 161 | |
| 162 | // Execute implements subcommands.Command. |
| 163 | func (g *Gofer) Execute(_ context.Context, f *flag.FlagSet, args ...any) subcommands.ExitStatus { |
| 164 | if g.bundleDir == "" || len(g.ioFDs) < 1 || g.specFD < 0 { |
| 165 | f.Usage() |
| 166 | return subcommands.ExitUsageError |
| 167 | } |
| 168 | if f.NArg() != 1 { |
| 169 | f.Usage() |
| 170 | return subcommands.ExitUsageError |
| 171 | } |
| 172 | containerID := f.Arg(0) |
| 173 | |
| 174 | conf := args[0].(*config.Config) |
| 175 | |
| 176 | // Set traceback level |
| 177 | debug.SetTraceback(conf.Traceback) |
| 178 | |
| 179 | specFile := os.NewFile(uintptr(g.specFD), "spec file") |
| 180 | defer specFile.Close() |
| 181 | spec, err := specutils.ReadSpecFromFile(g.bundleDir, specFile, conf) |
| 182 | if err != nil { |
| 183 | util.Fatalf("reading spec: %v", err) |
| 184 | } |
| 185 | mountHints, err := boot.NewPodMountHints(spec) |
| 186 | if err != nil { |
| 187 | util.Fatalf("parsing mount hints: %v", err) |
| 188 | } |
| 189 | rootfsHint, err := boot.NewRootfsHint(spec) |
| 190 | if err != nil { |
| 191 | util.Fatalf("parsing rootfs hint: %v", err) |
| 192 | } |
| 193 | lisafsNeeded := lisafsNeededForDirectFSSuppression(spec, mountHints, rootfsHint, g.mountConfs) |
| 194 | |
| 195 | g.syncFDs.syncChroot() |
| 196 | g.syncFDs.syncUsernsForRootless(uint32(g.uid), uint32(g.gid)) |
| 197 | |
| 198 | goferToHostRPCSock, err := unet.NewSocket(g.goferToHostRPCFD) |
| 199 | if err != nil { |
| 200 | util.Fatalf("creating rpc socket: %v", err) |
| 201 | } |
| 202 | |
| 203 | goferToHostRPC := urpc.NewClient(goferToHostRPCSock) |
| 204 | defer goferToHostRPC.Close() |
| 205 | |
| 206 | if g.setUpRoot { |
| 207 | if err := sandboxsetup.SetupRootFS(spec, conf, g.mountConfs, g.devIoFD, makeRPCMountOpener(goferToHostRPC), containerID, g.bundleDir); err != nil { |
| 208 | util.Fatalf("Error setting up root FS: %v", err) |
| 209 | } |
| 210 | if !conf.TestOnlyAllowRunAsCurrentUserWithoutChroot { |
| 211 | cleanupUnmounter := g.syncFDs.spawnProcUnmounter() |
| 212 | defer cleanupUnmounter() |
| 213 | } |
| 214 | } |
| 215 | extensionPrepare, err := extension.PrepareGofer(extension.GoferPrepareContext{ |
| 216 | Spec: spec, |
| 217 | ContainerID: containerID, |
| 218 | BundleDir: g.bundleDir, |
| 219 | }) |
| 220 | if err != nil { |
nothing calls this directly
no test coverage detected