(config *api.InitPreseed, server *api.Server)
| 536 | } |
| 537 | |
| 538 | func (c *cmdAdminInit) askDaemon(config *api.InitPreseed, server *api.Server) error { |
| 539 | // Detect lack of uid/gid |
| 540 | if linux.RunningInUserNS() { |
| 541 | fmt.Print("\n" + i18n.G(`We detected that you are running inside an unprivileged container. |
| 542 | This means that unless you manually configured your host otherwise, |
| 543 | you will not have enough uids and gids to allocate to your containers. |
| 544 | |
| 545 | Your container's own allocation can be reused to avoid the problem. |
| 546 | Doing so makes your nested containers slightly less safe as they could |
| 547 | in theory attack their parent container and gain more privileges than |
| 548 | they otherwise would.`) + "\n\n") |
| 549 | |
| 550 | shareParentAllocation, err := c.global.asker.AskBool(i18n.G("Would you like to have your containers share their parent's allocation?")+" (yes/no) [default=yes]: ", "yes") |
| 551 | if err != nil { |
| 552 | return err |
| 553 | } |
| 554 | |
| 555 | if shareParentAllocation { |
| 556 | config.Profiles[0].Config["security.privileged"] = "true" |
| 557 | } |
| 558 | } |
| 559 | |
| 560 | // Network listener |
| 561 | if config.Cluster == nil { |
| 562 | overNetwork, err := c.global.asker.AskBool(i18n.G("Would you like the server to be available over the network?")+" (yes/no) [default=no]: ", "no") |
| 563 | if err != nil { |
| 564 | return err |
| 565 | } |
| 566 | |
| 567 | if overNetwork { |
| 568 | isIPAddress := func(s string) error { |
| 569 | if s != "all" && net.ParseIP(s) == nil { |
| 570 | return fmt.Errorf(i18n.G("%q is not an IP address"), s) |
| 571 | } |
| 572 | |
| 573 | return nil |
| 574 | } |
| 575 | |
| 576 | netAddr, err := c.global.asker.AskString(i18n.G("Address to bind to (not including port)")+" [default=all]: ", "all", isIPAddress) |
| 577 | if err != nil { |
| 578 | return err |
| 579 | } |
| 580 | |
| 581 | if netAddr == "all" { |
| 582 | netAddr = "::" |
| 583 | } |
| 584 | |
| 585 | if net.ParseIP(netAddr).To4() == nil { |
| 586 | netAddr = fmt.Sprintf("[%s]", netAddr) |
| 587 | } |
| 588 | |
| 589 | netPort, err := c.global.asker.AskInt(fmt.Sprintf(i18n.G("Port to bind to")+" [default=%d]: ", ports.HTTPSDefaultPort), 1, 65535, fmt.Sprintf("%d", ports.HTTPSDefaultPort), func(netPort int64) error { |
| 590 | address := internalUtil.CanonicalNetworkAddressFromAddressAndPort(netAddr, int(netPort), ports.HTTPSDefaultPort) |
| 591 | |
| 592 | if err == nil { |
| 593 | if server.Config["cluster.https_address"] == address || server.Config["core.https_address"] == address { |
| 594 | // We already own the address, just move on. |
| 595 | return nil |
no test coverage detected