MCPcopy
hub / github.com/google/gvisor / Execute

Method Execute

runsc/cmd/gofer.go:163–335  ·  view source on GitHub ↗

Execute implements subcommands.Command.

(_ context.Context, f *flag.FlagSet, args ...any)

Source from the content-addressed store, hash-verified

161
162// Execute implements subcommands.Command.
163func (g *Gofer) Execute(_ context.Context, f *flag.FlagSet, args ...any) subcommands.ExitStatus {
164 if g.bundleDir == "" || len(g.ioFDs) < 1 || g.specFD < 0 {
165 f.Usage()
166 return subcommands.ExitUsageError
167 }
168 if f.NArg() != 1 {
169 f.Usage()
170 return subcommands.ExitUsageError
171 }
172 containerID := f.Arg(0)
173
174 conf := args[0].(*config.Config)
175
176 // Set traceback level
177 debug.SetTraceback(conf.Traceback)
178
179 specFile := os.NewFile(uintptr(g.specFD), "spec file")
180 defer specFile.Close()
181 spec, err := specutils.ReadSpecFromFile(g.bundleDir, specFile, conf)
182 if err != nil {
183 util.Fatalf("reading spec: %v", err)
184 }
185 mountHints, err := boot.NewPodMountHints(spec)
186 if err != nil {
187 util.Fatalf("parsing mount hints: %v", err)
188 }
189 rootfsHint, err := boot.NewRootfsHint(spec)
190 if err != nil {
191 util.Fatalf("parsing rootfs hint: %v", err)
192 }
193 lisafsNeeded := lisafsNeededForDirectFSSuppression(spec, mountHints, rootfsHint, g.mountConfs)
194
195 g.syncFDs.syncChroot()
196 g.syncFDs.syncUsernsForRootless(uint32(g.uid), uint32(g.gid))
197
198 goferToHostRPCSock, err := unet.NewSocket(g.goferToHostRPCFD)
199 if err != nil {
200 util.Fatalf("creating rpc socket: %v", err)
201 }
202
203 goferToHostRPC := urpc.NewClient(goferToHostRPCSock)
204 defer goferToHostRPC.Close()
205
206 if g.setUpRoot {
207 if err := sandboxsetup.SetupRootFS(spec, conf, g.mountConfs, g.devIoFD, makeRPCMountOpener(goferToHostRPC), containerID, g.bundleDir); err != nil {
208 util.Fatalf("Error setting up root FS: %v", err)
209 }
210 if !conf.TestOnlyAllowRunAsCurrentUserWithoutChroot {
211 cleanupUnmounter := g.syncFDs.spawnProcUnmounter()
212 defer cleanupUnmounter()
213 }
214 }
215 extensionPrepare, err := extension.PrepareGofer(extension.GoferPrepareContext{
216 Spec: spec,
217 ContainerID: containerID,
218 BundleDir: g.bundleDir,
219 })
220 if err != nil {

Callers

nothing calls this directly

Calls 15

CloseMethod · 0.95
NameMethod · 0.95
serveMethod · 0.95
ReadSpecFromFileFunction · 0.92
FatalfFunction · 0.92
NewPodMountHintsFunction · 0.92
NewRootfsHintFunction · 0.92
NewSocketFunction · 0.92
NewClientFunction · 0.92
SetupRootFSFunction · 0.92
PrepareGoferFunction · 0.92
PrepareArgsFunction · 0.92

Tested by

no test coverage detected