MCPcopy
hub / github.com/opencontainers/runc / createDevices

Function createDevices

libcontainer/rootfs_linux.go:957–973  ·  view source on GitHub ↗

Create the device nodes in the container.

(rootFd *os.File, config *configs.Config)

Source from the content-addressed store, hash-verified

955
956// Create the device nodes in the container.
957func createDevices(rootFd *os.File, config *configs.Config) error {
958 useBindMount := userns.RunningInUserNS() || config.Namespaces.Contains(configs.NEWUSER)
959 for _, node := range config.Devices {
960
961 // The /dev/ptmx device is setup by setupPtmx()
962 if pathrs.LexicallyCleanPath(node.Path) == "/dev/ptmx" {
963 continue
964 }
965
966 // containers running in a user namespace are not allowed to mknod
967 // devices so we can just bind mount it from the host.
968 if err := createDeviceNode(rootFd, node, useBindMount); err != nil {
969 return err
970 }
971 }
972 return nil
973}
974
975func bindMountDeviceNode(destDir *os.File, destName string, node *devices.Device) error {
976 dstFile, err := utils.Openat(destDir, destName, unix.O_CREAT|unix.O_NOFOLLOW|unix.O_CLOEXEC, 0o000)

Callers 1

doSetupDevFunction · 0.70

Calls 3

LexicallyCleanPathFunction · 0.92
createDeviceNodeFunction · 0.85
ContainsMethod · 0.80

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…