v0.0.0-...-02a3e46 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Mar 1, 2015 License: Apache-2.0, Apache-2.0 Imports: 11 Imported by: 0




This section is empty.


View Source
var ErrUnsupported = errors.New("Unsupported method")


func InitializeMountNamespace

func InitializeMountNamespace(rootfs, console string, sysReadonly bool, mountConfig *MountConfig) error

InitializeMountNamespace sets up the devices, mount points, and filesystems for use inside a new mount namespace.

func MsMoveRoot

func MsMoveRoot(rootfs string) error

func PivotRoot

func PivotRoot(rootfs string) error

func RemountProc

func RemountProc() error

func RemountSys

func RemountSys() error

func SetReadonly

func SetReadonly() error

func SetupPtmx

func SetupPtmx(rootfs, consolePath, mountLabel string) error


type Mount

type Mount struct {
	Type        string `json:"type,omitempty"`
	Source      string `json:"source,omitempty"`      // Source path, in the host namespace
	Destination string `json:"destination,omitempty"` // Destination path, in the container
	Writable    bool   `json:"writable,omitempty"`
	Relabel     string `json:"relabel,omitempty"` // Relabel source if set, "z" indicates shared, "Z" indicates unshared
	Private     bool   `json:"private,omitempty"`
	Slave       bool   `json:"slave,omitempty"`

func (*Mount) Mount

func (m *Mount) Mount(rootfs, mountLabel string) error

type MountConfig

type MountConfig struct {
	// NoPivotRoot will use MS_MOVE and a chroot to jail the process into the container's rootfs
	// This is a common option when the container is running in ramdisk
	NoPivotRoot bool `json:"no_pivot_root,omitempty"`

	// ReadonlyFs will remount the container's rootfs as readonly where only externally mounted
	// bind mounts are writtable
	ReadonlyFs bool `json:"readonly_fs,omitempty"`

	// Mounts specify additional source and destination paths that will be mounted inside the container's
	// rootfs and mount namespace if specified
	Mounts []*Mount `json:"mounts,omitempty"`

	// The device nodes that should be automatically created within the container upon container start.  Note, make sure that the node is marked as allowed in the cgroup as well!
	DeviceNodes []*devices.Device `json:"device_nodes,omitempty"`

	MountLabel string `json:"mount_label,omitempty"`


Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL