diff --git a/components/engine/builder/dockerfile/internals.go b/components/engine/builder/dockerfile/internals.go index 3d93b510a7..5ce5f89744 100644 --- a/components/engine/builder/dockerfile/internals.go +++ b/components/engine/builder/dockerfile/internals.go @@ -12,7 +12,6 @@ import ( "path" "path/filepath" "runtime" - "strconv" "strings" "github.com/docker/docker/api/types" @@ -24,10 +23,8 @@ import ( "github.com/docker/docker/pkg/containerfs" "github.com/docker/docker/pkg/idtools" "github.com/docker/docker/pkg/stringid" - "github.com/docker/docker/pkg/symlink" "github.com/docker/docker/pkg/system" "github.com/docker/go-connections/nat" - lcUser "github.com/opencontainers/runc/libcontainer/user" "github.com/pkg/errors" ) @@ -216,82 +213,6 @@ func (b *Builder) performCopy(state *dispatchState, inst copyInstruction) error return b.exportImage(state, imageMount, runConfigWithCommentCmd) } -func parseChownFlag(chown, ctrRootPath string, idMappings *idtools.IDMappings) (idtools.IDPair, error) { - var userStr, grpStr string - parts := strings.Split(chown, ":") - if len(parts) > 2 { - return idtools.IDPair{}, errors.New("invalid chown string format: " + chown) - } - if len(parts) == 1 { - // if no group specified, use the user spec as group as well - userStr, grpStr = parts[0], parts[0] - } else { - userStr, grpStr = parts[0], parts[1] - } - - passwdPath, err := symlink.FollowSymlinkInScope(filepath.Join(ctrRootPath, "etc", "passwd"), ctrRootPath) - if err != nil { - return idtools.IDPair{}, errors.Wrapf(err, "can't resolve /etc/passwd path in container rootfs") - } - groupPath, err := symlink.FollowSymlinkInScope(filepath.Join(ctrRootPath, "etc", "group"), ctrRootPath) - if err != nil { - return idtools.IDPair{}, errors.Wrapf(err, "can't resolve /etc/group path in container rootfs") - } - uid, err := lookupUser(userStr, passwdPath) - if err != nil { - return idtools.IDPair{}, errors.Wrapf(err, "can't find uid for user "+userStr) - } - gid, err := lookupGroup(grpStr, groupPath) - if err != nil { - return idtools.IDPair{}, errors.Wrapf(err, "can't find gid for group "+grpStr) - } - - // convert as necessary because of user namespaces - chownPair, err := idMappings.ToHost(idtools.IDPair{UID: uid, GID: gid}) - if err != nil { - return idtools.IDPair{}, errors.Wrapf(err, "unable to convert uid/gid to host mapping") - } - return chownPair, nil -} - -func lookupUser(userStr, filepath string) (int, error) { - // if the string is actually a uid integer, parse to int and return - // as we don't need to translate with the help of files - uid, err := strconv.Atoi(userStr) - if err == nil { - return uid, nil - } - users, err := lcUser.ParsePasswdFileFilter(filepath, func(u lcUser.User) bool { - return u.Name == userStr - }) - if err != nil { - return 0, err - } - if len(users) == 0 { - return 0, errors.New("no such user: " + userStr) - } - return users[0].Uid, nil -} - -func lookupGroup(groupStr, filepath string) (int, error) { - // if the string is actually a gid integer, parse to int and return - // as we don't need to translate with the help of files - gid, err := strconv.Atoi(groupStr) - if err == nil { - return gid, nil - } - groups, err := lcUser.ParseGroupFileFilter(filepath, func(g lcUser.Group) bool { - return g.Name == groupStr - }) - if err != nil { - return 0, err - } - if len(groups) == 0 { - return 0, errors.New("no such group: " + groupStr) - } - return groups[0].Gid, nil -} - func createDestInfo(workingDir string, inst copyInstruction, imageMount *imageMount, platform string) (copyInfo, error) { // Twiddle the destination when it's a relative path - meaning, make it // relative to the WORKINGDIR diff --git a/components/engine/builder/dockerfile/internals_linux.go b/components/engine/builder/dockerfile/internals_linux.go new file mode 100644 index 0000000000..1314779248 --- /dev/null +++ b/components/engine/builder/dockerfile/internals_linux.go @@ -0,0 +1,88 @@ +package dockerfile + +import ( + "path/filepath" + "strconv" + "strings" + + "github.com/docker/docker/pkg/idtools" + "github.com/docker/docker/pkg/symlink" + lcUser "github.com/opencontainers/runc/libcontainer/user" + "github.com/pkg/errors" +) + +func parseChownFlag(chown, ctrRootPath string, idMappings *idtools.IDMappings) (idtools.IDPair, error) { + var userStr, grpStr string + parts := strings.Split(chown, ":") + if len(parts) > 2 { + return idtools.IDPair{}, errors.New("invalid chown string format: " + chown) + } + if len(parts) == 1 { + // if no group specified, use the user spec as group as well + userStr, grpStr = parts[0], parts[0] + } else { + userStr, grpStr = parts[0], parts[1] + } + + passwdPath, err := symlink.FollowSymlinkInScope(filepath.Join(ctrRootPath, "etc", "passwd"), ctrRootPath) + if err != nil { + return idtools.IDPair{}, errors.Wrapf(err, "can't resolve /etc/passwd path in container rootfs") + } + groupPath, err := symlink.FollowSymlinkInScope(filepath.Join(ctrRootPath, "etc", "group"), ctrRootPath) + if err != nil { + return idtools.IDPair{}, errors.Wrapf(err, "can't resolve /etc/group path in container rootfs") + } + uid, err := lookupUser(userStr, passwdPath) + if err != nil { + return idtools.IDPair{}, errors.Wrapf(err, "can't find uid for user "+userStr) + } + gid, err := lookupGroup(grpStr, groupPath) + if err != nil { + return idtools.IDPair{}, errors.Wrapf(err, "can't find gid for group "+grpStr) + } + + // convert as necessary because of user namespaces + chownPair, err := idMappings.ToHost(idtools.IDPair{UID: uid, GID: gid}) + if err != nil { + return idtools.IDPair{}, errors.Wrapf(err, "unable to convert uid/gid to host mapping") + } + return chownPair, nil +} + +func lookupUser(userStr, filepath string) (int, error) { + // if the string is actually a uid integer, parse to int and return + // as we don't need to translate with the help of files + uid, err := strconv.Atoi(userStr) + if err == nil { + return uid, nil + } + users, err := lcUser.ParsePasswdFileFilter(filepath, func(u lcUser.User) bool { + return u.Name == userStr + }) + if err != nil { + return 0, err + } + if len(users) == 0 { + return 0, errors.New("no such user: " + userStr) + } + return users[0].Uid, nil +} + +func lookupGroup(groupStr, filepath string) (int, error) { + // if the string is actually a gid integer, parse to int and return + // as we don't need to translate with the help of files + gid, err := strconv.Atoi(groupStr) + if err == nil { + return gid, nil + } + groups, err := lcUser.ParseGroupFileFilter(filepath, func(g lcUser.Group) bool { + return g.Name == groupStr + }) + if err != nil { + return 0, err + } + if len(groups) == 0 { + return 0, errors.New("no such group: " + groupStr) + } + return groups[0].Gid, nil +} diff --git a/components/engine/builder/dockerfile/internals_linux_test.go b/components/engine/builder/dockerfile/internals_linux_test.go new file mode 100644 index 0000000000..dd23a33307 --- /dev/null +++ b/components/engine/builder/dockerfile/internals_linux_test.go @@ -0,0 +1,138 @@ +package dockerfile + +import ( + "os" + "path/filepath" + "testing" + + "github.com/docker/docker/pkg/idtools" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestChownFlagParsing(t *testing.T) { + testFiles := map[string]string{ + "passwd": `root:x:0:0::/bin:/bin/false +bin:x:1:1::/bin:/bin/false +wwwwww:x:21:33::/bin:/bin/false +unicorn:x:1001:1002::/bin:/bin/false + `, + "group": `root:x:0: +bin:x:1: +wwwwww:x:33: +unicorn:x:1002: +somegrp:x:5555: +othergrp:x:6666: + `, + } + // test mappings for validating use of maps + idMaps := []idtools.IDMap{ + { + ContainerID: 0, + HostID: 100000, + Size: 65536, + }, + } + remapped := idtools.NewIDMappingsFromMaps(idMaps, idMaps) + unmapped := &idtools.IDMappings{} + + contextDir, cleanup := createTestTempDir(t, "", "builder-chown-parse-test") + defer cleanup() + + if err := os.Mkdir(filepath.Join(contextDir, "etc"), 0755); err != nil { + t.Fatalf("error creating test directory: %v", err) + } + + for filename, content := range testFiles { + createTestTempFile(t, filepath.Join(contextDir, "etc"), filename, content, 0644) + } + + // positive tests + for _, testcase := range []struct { + name string + chownStr string + idMapping *idtools.IDMappings + expected idtools.IDPair + }{ + { + name: "UIDNoMap", + chownStr: "1", + idMapping: unmapped, + expected: idtools.IDPair{UID: 1, GID: 1}, + }, + { + name: "UIDGIDNoMap", + chownStr: "0:1", + idMapping: unmapped, + expected: idtools.IDPair{UID: 0, GID: 1}, + }, + { + name: "UIDWithMap", + chownStr: "0", + idMapping: remapped, + expected: idtools.IDPair{UID: 100000, GID: 100000}, + }, + { + name: "UIDGIDWithMap", + chownStr: "1:33", + idMapping: remapped, + expected: idtools.IDPair{UID: 100001, GID: 100033}, + }, + { + name: "UserNoMap", + chownStr: "bin:5555", + idMapping: unmapped, + expected: idtools.IDPair{UID: 1, GID: 5555}, + }, + { + name: "GroupWithMap", + chownStr: "0:unicorn", + idMapping: remapped, + expected: idtools.IDPair{UID: 100000, GID: 101002}, + }, + { + name: "UserOnlyWithMap", + chownStr: "unicorn", + idMapping: remapped, + expected: idtools.IDPair{UID: 101001, GID: 101002}, + }, + } { + t.Run(testcase.name, func(t *testing.T) { + idPair, err := parseChownFlag(testcase.chownStr, contextDir, testcase.idMapping) + require.NoError(t, err, "Failed to parse chown flag: %q", testcase.chownStr) + assert.Equal(t, testcase.expected, idPair, "chown flag mapping failure") + }) + } + + // error tests + for _, testcase := range []struct { + name string + chownStr string + idMapping *idtools.IDMappings + descr string + }{ + { + name: "BadChownFlagFormat", + chownStr: "bob:1:555", + idMapping: unmapped, + descr: "invalid chown string format: bob:1:555", + }, + { + name: "UserNoExist", + chownStr: "bob", + idMapping: unmapped, + descr: "can't find uid for user bob: no such user: bob", + }, + { + name: "GroupNoExist", + chownStr: "root:bob", + idMapping: unmapped, + descr: "can't find gid for group bob: no such group: bob", + }, + } { + t.Run(testcase.name, func(t *testing.T) { + _, err := parseChownFlag(testcase.chownStr, contextDir, testcase.idMapping) + assert.EqualError(t, err, testcase.descr, "Expected error string doesn't match") + }) + } +} diff --git a/components/engine/builder/dockerfile/internals_test.go b/components/engine/builder/dockerfile/internals_test.go index 83a207c455..04c8c4bac8 100644 --- a/components/engine/builder/dockerfile/internals_test.go +++ b/components/engine/builder/dockerfile/internals_test.go @@ -2,8 +2,6 @@ package dockerfile import ( "fmt" - "os" - "path/filepath" "runtime" "testing" @@ -13,7 +11,6 @@ import ( "github.com/docker/docker/builder" "github.com/docker/docker/builder/remotecontext" "github.com/docker/docker/pkg/archive" - "github.com/docker/docker/pkg/idtools" "github.com/docker/go-connections/nat" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" @@ -171,130 +168,3 @@ func TestDeepCopyRunConfig(t *testing.T) { copy.Shell[0] = "sh" assert.Equal(t, fullMutableRunConfig(), runConfig) } - -func TestChownFlagParsing(t *testing.T) { - testFiles := map[string]string{ - "passwd": `root:x:0:0::/bin:/bin/false -bin:x:1:1::/bin:/bin/false -wwwwww:x:21:33::/bin:/bin/false -unicorn:x:1001:1002::/bin:/bin/false - `, - "group": `root:x:0: -bin:x:1: -wwwwww:x:33: -unicorn:x:1002: -somegrp:x:5555: -othergrp:x:6666: - `, - } - // test mappings for validating use of maps - idMaps := []idtools.IDMap{ - { - ContainerID: 0, - HostID: 100000, - Size: 65536, - }, - } - remapped := idtools.NewIDMappingsFromMaps(idMaps, idMaps) - unmapped := &idtools.IDMappings{} - - contextDir, cleanup := createTestTempDir(t, "", "builder-chown-parse-test") - defer cleanup() - - if err := os.Mkdir(filepath.Join(contextDir, "etc"), 0755); err != nil { - t.Fatalf("error creating test directory: %v", err) - } - - for filename, content := range testFiles { - createTestTempFile(t, filepath.Join(contextDir, "etc"), filename, content, 0644) - } - - // positive tests - for _, testcase := range []struct { - name string - chownStr string - idMapping *idtools.IDMappings - expected idtools.IDPair - }{ - { - name: "UIDNoMap", - chownStr: "1", - idMapping: unmapped, - expected: idtools.IDPair{UID: 1, GID: 1}, - }, - { - name: "UIDGIDNoMap", - chownStr: "0:1", - idMapping: unmapped, - expected: idtools.IDPair{UID: 0, GID: 1}, - }, - { - name: "UIDWithMap", - chownStr: "0", - idMapping: remapped, - expected: idtools.IDPair{UID: 100000, GID: 100000}, - }, - { - name: "UIDGIDWithMap", - chownStr: "1:33", - idMapping: remapped, - expected: idtools.IDPair{UID: 100001, GID: 100033}, - }, - { - name: "UserNoMap", - chownStr: "bin:5555", - idMapping: unmapped, - expected: idtools.IDPair{UID: 1, GID: 5555}, - }, - { - name: "GroupWithMap", - chownStr: "0:unicorn", - idMapping: remapped, - expected: idtools.IDPair{UID: 100000, GID: 101002}, - }, - { - name: "UserOnlyWithMap", - chownStr: "unicorn", - idMapping: remapped, - expected: idtools.IDPair{UID: 101001, GID: 101002}, - }, - } { - t.Run(testcase.name, func(t *testing.T) { - idPair, err := parseChownFlag(testcase.chownStr, contextDir, testcase.idMapping) - require.NoError(t, err, "Failed to parse chown flag: %q", testcase.chownStr) - assert.Equal(t, testcase.expected, idPair, "chown flag mapping failure") - }) - } - - // error tests - for _, testcase := range []struct { - name string - chownStr string - idMapping *idtools.IDMappings - descr string - }{ - { - name: "BadChownFlagFormat", - chownStr: "bob:1:555", - idMapping: unmapped, - descr: "invalid chown string format: bob:1:555", - }, - { - name: "UserNoExist", - chownStr: "bob", - idMapping: unmapped, - descr: "can't find uid for user bob: no such user: bob", - }, - { - name: "GroupNoExist", - chownStr: "root:bob", - idMapping: unmapped, - descr: "can't find gid for group bob: no such group: bob", - }, - } { - t.Run(testcase.name, func(t *testing.T) { - _, err := parseChownFlag(testcase.chownStr, contextDir, testcase.idMapping) - assert.EqualError(t, err, testcase.descr, "Expected error string doesn't match") - }) - } -} diff --git a/components/engine/builder/dockerfile/internals_windows.go b/components/engine/builder/dockerfile/internals_windows.go new file mode 100644 index 0000000000..931df2f02a --- /dev/null +++ b/components/engine/builder/dockerfile/internals_windows.go @@ -0,0 +1,7 @@ +package dockerfile + +import "github.com/docker/docker/pkg/idtools" + +func parseChownFlag(chown, ctrRootPath string, idMappings *idtools.IDMappings) (idtools.IDPair, error) { + return idMappings.RootPair(), nil +} diff --git a/components/engine/hack/dockerfile/binaries-commits b/components/engine/hack/dockerfile/binaries-commits index eddec4034e..b2f55b09c0 100644 --- a/components/engine/hack/dockerfile/binaries-commits +++ b/components/engine/hack/dockerfile/binaries-commits @@ -3,12 +3,12 @@ TOMLV_COMMIT=9baf8a8a9f2ed20a8e54160840c492f937eeaf9a # When updating RUNC_COMMIT, also update runc in vendor.conf accordingly -RUNC_COMMIT=b2567b37d7b75eb4cf325b77297b140ea686ce8f +RUNC_COMMIT=7f24b40cc5423969b4554ef04ba0b00e2b4ba010 # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -CONTAINERD_COMMIT=89623f28b87a6004d4b785663257362d1658a729 # v1.0.0 +CONTAINERD_COMMIT=9b55aab90508bd389d7654c4baf173a981477d55 # v1.0.1 TINI_COMMIT=949e6facb77383876aeff8a6944dde66b3089574 LIBNETWORK_COMMIT=7b2b1feb1de4817d522cc372af149ff48d25028e VNDR_COMMIT=a6e196d8b4b0cbbdc29aebdb20c59ac6926bb384 diff --git a/components/engine/integration-cli/docker_cli_run_test.go b/components/engine/integration-cli/docker_cli_run_test.go index 90d5b46536..bf0cb0ddf8 100644 --- a/components/engine/integration-cli/docker_cli_run_test.go +++ b/components/engine/integration-cli/docker_cli_run_test.go @@ -36,7 +36,6 @@ import ( "github.com/docker/libnetwork/types" "github.com/go-check/check" "github.com/gotestyourself/gotestyourself/icmd" - libcontainerUser "github.com/opencontainers/runc/libcontainer/user" "golang.org/x/net/context" ) @@ -751,7 +750,7 @@ func (s *DockerSuite) TestRunUserByIDBig(c *check.C) { if err == nil { c.Fatal("No error, but must be.", out) } - if !strings.Contains(strings.ToUpper(out), strings.ToUpper(libcontainerUser.ErrRange.Error())) { + if !strings.Contains(strings.ToLower(out), "uids and gids must be in range") { c.Fatalf("expected error about uids range, got %s", out) } } @@ -764,7 +763,7 @@ func (s *DockerSuite) TestRunUserByIDNegative(c *check.C) { if err == nil { c.Fatal("No error, but must be.", out) } - if !strings.Contains(strings.ToUpper(out), strings.ToUpper(libcontainerUser.ErrRange.Error())) { + if !strings.Contains(strings.ToLower(out), "uids and gids must be in range") { c.Fatalf("expected error about uids range, got %s", out) } } diff --git a/components/engine/vendor.conf b/components/engine/vendor.conf index b417be6951..04c31aa9ac 100644 --- a/components/engine/vendor.conf +++ b/components/engine/vendor.conf @@ -66,7 +66,7 @@ github.com/pborman/uuid v1.0 google.golang.org/grpc v1.3.0 # When updating, also update RUNC_COMMIT in hack/dockerfile/binaries-commits accordingly -github.com/opencontainers/runc b2567b37d7b75eb4cf325b77297b140ea686ce8f +github.com/opencontainers/runc 7f24b40cc5423969b4554ef04ba0b00e2b4ba010 github.com/opencontainers/runtime-spec v1.0.1 github.com/opencontainers/image-spec v1.0.1 github.com/seccomp/libseccomp-golang 32f571b70023028bd57d9288c20efbcb237f3ce0 diff --git a/components/engine/vendor/github.com/opencontainers/runc/README.md b/components/engine/vendor/github.com/opencontainers/runc/README.md index eabfb982bf..3ca7a1a227 100644 --- a/components/engine/vendor/github.com/opencontainers/runc/README.md +++ b/components/engine/vendor/github.com/opencontainers/runc/README.md @@ -56,7 +56,7 @@ make BUILDTAGS='seccomp apparmor' |-----------|------------------------------------|-------------| | seccomp | Syscall filtering | libseccomp | | selinux | selinux process and mount labeling | | -| apparmor | apparmor profile support | libapparmor | +| apparmor | apparmor profile support | | | ambient | ambient capability support | kernel 4.3 | diff --git a/components/engine/vendor/github.com/opencontainers/runc/libcontainer/apparmor/apparmor.go b/components/engine/vendor/github.com/opencontainers/runc/libcontainer/apparmor/apparmor.go index 82ed1a68a6..7fff0627fa 100644 --- a/components/engine/vendor/github.com/opencontainers/runc/libcontainer/apparmor/apparmor.go +++ b/components/engine/vendor/github.com/opencontainers/runc/libcontainer/apparmor/apparmor.go @@ -2,15 +2,10 @@ package apparmor -// #cgo LDFLAGS: -lapparmor -// #include -// #include -import "C" import ( "fmt" "io/ioutil" "os" - "unsafe" ) // IsEnabled returns true if apparmor is enabled for the host. @@ -24,16 +19,36 @@ func IsEnabled() bool { return false } +func setprocattr(attr, value string) error { + // Under AppArmor you can only change your own attr, so use /proc/self/ + // instead of /proc// like libapparmor does + path := fmt.Sprintf("/proc/self/attr/%s", attr) + + f, err := os.OpenFile(path, os.O_WRONLY, 0) + if err != nil { + return err + } + defer f.Close() + + _, err = fmt.Fprintf(f, "%s", value) + return err +} + +// changeOnExec reimplements aa_change_onexec from libapparmor in Go +func changeOnExec(name string) error { + value := "exec " + name + if err := setprocattr("exec", value); err != nil { + return fmt.Errorf("apparmor failed to apply profile: %s", err) + } + return nil +} + // ApplyProfile will apply the profile with the specified name to the process after // the next exec. func ApplyProfile(name string) error { if name == "" { return nil } - cName := C.CString(name) - defer C.free(unsafe.Pointer(cName)) - if _, err := C.aa_change_onexec(cName); err != nil { - return fmt.Errorf("apparmor failed to apply profile: %s", err) - } - return nil + + return changeOnExec(name) } diff --git a/components/engine/vendor/github.com/opencontainers/runc/libcontainer/configs/cgroup_unsupported.go b/components/engine/vendor/github.com/opencontainers/runc/libcontainer/configs/cgroup_unsupported.go deleted file mode 100644 index 95e2830a43..0000000000 --- a/components/engine/vendor/github.com/opencontainers/runc/libcontainer/configs/cgroup_unsupported.go +++ /dev/null @@ -1,6 +0,0 @@ -// +build !windows,!linux,!freebsd - -package configs - -type Cgroup struct { -} diff --git a/components/engine/vendor/github.com/opencontainers/runc/libcontainer/configs/device_defaults.go b/components/engine/vendor/github.com/opencontainers/runc/libcontainer/configs/device_defaults.go index 4d348d217e..e4f423c523 100644 --- a/components/engine/vendor/github.com/opencontainers/runc/libcontainer/configs/device_defaults.go +++ b/components/engine/vendor/github.com/opencontainers/runc/libcontainer/configs/device_defaults.go @@ -1,4 +1,4 @@ -// +build linux freebsd +// +build linux package configs diff --git a/components/engine/vendor/github.com/opencontainers/runc/libcontainer/devices/devices_linux.go b/components/engine/vendor/github.com/opencontainers/runc/libcontainer/devices/devices.go similarity index 100% rename from components/engine/vendor/github.com/opencontainers/runc/libcontainer/devices/devices_linux.go rename to components/engine/vendor/github.com/opencontainers/runc/libcontainer/devices/devices.go diff --git a/components/engine/vendor/github.com/opencontainers/runc/libcontainer/devices/devices_unsupported.go b/components/engine/vendor/github.com/opencontainers/runc/libcontainer/devices/devices_unsupported.go deleted file mode 100644 index 6649b9f2dc..0000000000 --- a/components/engine/vendor/github.com/opencontainers/runc/libcontainer/devices/devices_unsupported.go +++ /dev/null @@ -1,3 +0,0 @@ -// +build !linux - -package devices diff --git a/components/engine/vendor/github.com/opencontainers/runc/libcontainer/system/sysconfig.go b/components/engine/vendor/github.com/opencontainers/runc/libcontainer/system/sysconfig.go index b3a07cba3e..b8434f1050 100644 --- a/components/engine/vendor/github.com/opencontainers/runc/libcontainer/system/sysconfig.go +++ b/components/engine/vendor/github.com/opencontainers/runc/libcontainer/system/sysconfig.go @@ -1,4 +1,4 @@ -// +build cgo,linux cgo,freebsd +// +build cgo,linux package system diff --git a/components/engine/vendor/github.com/opencontainers/runc/libcontainer/user/lookup_unsupported.go b/components/engine/vendor/github.com/opencontainers/runc/libcontainer/user/lookup_unsupported.go deleted file mode 100644 index 4a8d00acbd..0000000000 --- a/components/engine/vendor/github.com/opencontainers/runc/libcontainer/user/lookup_unsupported.go +++ /dev/null @@ -1,38 +0,0 @@ -// +build !darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris - -package user - -import ( - "io" - "syscall" -) - -func GetPasswdPath() (string, error) { - return "", ErrUnsupported -} - -func GetPasswd() (io.ReadCloser, error) { - return nil, ErrUnsupported -} - -func GetGroupPath() (string, error) { - return "", ErrUnsupported -} - -func GetGroup() (io.ReadCloser, error) { - return nil, ErrUnsupported -} - -// CurrentUser looks up the current user by their user id in /etc/passwd. If the -// user cannot be found (or there is no /etc/passwd file on the filesystem), -// then CurrentUser returns an error. -func CurrentUser() (User, error) { - return LookupUid(syscall.Getuid()) -} - -// CurrentGroup looks up the current user's group by their primary group id's -// entry in /etc/passwd. If the group cannot be found (or there is no -// /etc/group file on the filesystem), then CurrentGroup returns an error. -func CurrentGroup() (Group, error) { - return LookupGid(syscall.Getgid()) -}