userns_linux.go

Documentation: github.com/opencontainers/runc/libcontainer/userns

     1  package userns
     2  
     3  import (
     4  	"sync"
     5  
     6  	"github.com/opencontainers/runc/libcontainer/user"
     7  )
     8  
     9  var (
    10  	inUserNS bool
    11  	nsOnce   sync.Once
    12  )
    13  
    14  // runningInUserNS detects whether we are currently running in a user namespace.
    15  // Originally copied from github.com/lxc/lxd/shared/util.go
    16  func runningInUserNS() bool {
    17  	nsOnce.Do(func() {
    18  		uidmap, err := user.CurrentProcessUIDMap()
    19  		if err != nil {
    20  			// This kernel-provided file only exists if user namespaces are supported
    21  			return
    22  		}
    23  		inUserNS = uidMapInUserNS(uidmap)
    24  	})
    25  	return inUserNS
    26  }
    27  
    28  func uidMapInUserNS(uidmap []user.IDMap) bool {
    29  	/*
    30  	 * We assume we are in the initial user namespace if we have a full
    31  	 * range - 4294967295 uids starting at uid 0.
    32  	 */
    33  	if len(uidmap) == 1 && uidmap[0].ID == 0 && uidmap[0].ParentID == 0 && uidmap[0].Count == 4294967295 {
    34  		return false
    35  	}
    36  	return true
    37  }
    38

View as plain text