本文整理匯總了Golang中github.com/opencontainers/runc/libcontainer/user.LookupGroup函數的典型用法代碼示例。如果您正苦於以下問題:Golang LookupGroup函數的具體用法?Golang LookupGroup怎麽用?Golang LookupGroup使用的例子?那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。
在下文中一共展示了LookupGroup函數的9個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Golang代碼示例。
示例1: Exists
func (u *DefGroup) Exists() (bool, error) {
_, err := user.LookupGroup(u.groupname)
if err != nil {
return false, nil
}
return true, nil
}示例2: GID
func (u *DefGroup) GID() (int, error) {
group, err := user.LookupGroup(u.groupname)
if err != nil {
return 0, err
}
return group.Gid, nil
}示例3: Gid
func (u *DefGroup) Gid() (interface{}, error) {
group, err := user.LookupGroup(u.groupname)
if err != nil {
return "", nil
}
return strconv.Itoa(group.Gid), nil
}示例4: LookupGroup
// LookupGroup uses traditional local system files lookup (from libcontainer/user) on a group name,
// followed by a call to `getent` for supporting host configured non-files passwd and group dbs
func LookupGroup(groupname string) (user.Group, error) {
// first try a local system files lookup using existing capabilities
group, err := user.LookupGroup(groupname)
if err == nil {
return group, nil
}
// local files lookup failed; attempt to call `getent` to query configured group dbs
return getentGroup(fmt.Sprintf("%s %s", "group", groupname))
}示例5: parseMappings
func parseMappings(config *specs.LinuxRuntimeSpec, hc *containertypes.HostConfig) error {
for _, g := range hc.GroupAdd {
var newGidMap = []specs.IDMapping{}
group, err := user.LookupGroup(g)
if err != nil {
return fmt.Errorf("looking up group %s failed: %v", g, err)
}
gid := uint32(group.Gid)
for _, gm := range config.Linux.GIDMappings {
if (gm.ContainerID+gm.Size) >= gid && gm.ContainerID <= gid {
size := gm.Size
// split the config.Linux.GIDMappingsping up so we can map to the additional group
gm.Size = gid - gm.ContainerID - 1
// add the gid maps for the additional groups
newGidMap = append(newGidMap, specs.IDMapping{
ContainerID: gid,
HostID: gid,
Size: 1,
})
// add the other side of the split
newGidMap = append(newGidMap, specs.IDMapping{
ContainerID: gid + 1,
HostID: gm.HostID + gid - 1,
Size: size - gid - 1,
})
}
// add back original gm
newGidMap = append(newGidMap, gm)
}
config.Linux.GIDMappings = newGidMap
}
return nil
}示例6: parseRemappedRoot
// Parse the remapped root (user namespace) option, which can be one of:
// username - valid username from /etc/passwd
// username:groupname - valid username; valid groupname from /etc/group
// uid - 32-bit unsigned int valid Linux UID value
// uid:gid - uid value; 32-bit unsigned int Linux GID value
//
// If no groupname is specified, and a username is specified, an attempt
// will be made to lookup a gid for that username as a groupname
//
// If names are used, they are verified to exist in passwd/group
func parseRemappedRoot(usergrp string) (string, string, error) {
var (
userID, groupID int
username, groupname string
)
idparts := strings.Split(usergrp, ":")
if len(idparts) > 2 {
return "", "", fmt.Errorf("Invalid user/group specification in --userns-remap: %q", usergrp)
}
if uid, err := strconv.ParseInt(idparts[0], 10, 32); err == nil {
// must be a uid; take it as valid
userID = int(uid)
luser, err := user.LookupUid(userID)
if err != nil {
return "", "", fmt.Errorf("Uid %d has no entry in /etc/passwd: %v", userID, err)
}
username = luser.Name
if len(idparts) == 1 {
// if the uid was numeric and no gid was specified, take the uid as the gid
groupID = userID
lgrp, err := user.LookupGid(groupID)
if err != nil {
return "", "", fmt.Errorf("Gid %d has no entry in /etc/group: %v", groupID, err)
}
groupname = lgrp.Name
}
} else {
lookupName := idparts[0]
// special case: if the user specified "default", they want Docker to create or
// use (after creation) the "dockremap" user/group for root remapping
if lookupName == defaultIDSpecifier {
lookupName = defaultRemappedID
}
luser, err := user.LookupUser(lookupName)
if err != nil && idparts[0] != defaultIDSpecifier {
// error if the name requested isn't the special "dockremap" ID
return "", "", fmt.Errorf("Error during uid lookup for %q: %v", lookupName, err)
} else if err != nil {
// special case-- if the username == "default", then we have been asked
// to create a new entry pair in /etc/{passwd,group} for which the /etc/sub{uid,gid}
// ranges will be used for the user and group mappings in user namespaced containers
_, _, err := idtools.AddNamespaceRangesUser(defaultRemappedID)
if err == nil {
return defaultRemappedID, defaultRemappedID, nil
}
return "", "", fmt.Errorf("Error during %q user creation: %v", defaultRemappedID, err)
}
userID = luser.Uid
username = luser.Name
if len(idparts) == 1 {
// we only have a string username, and no group specified; look up gid from username as group
group, err := user.LookupGroup(lookupName)
if err != nil {
return "", "", fmt.Errorf("Error during gid lookup for %q: %v", lookupName, err)
}
groupID = group.Gid
groupname = group.Name
}
}
if len(idparts) == 2 {
// groupname or gid is separately specified and must be resolved
// to a unsigned 32-bit gid
if gid, err := strconv.ParseInt(idparts[1], 10, 32); err == nil {
// must be a gid, take it as valid
groupID = int(gid)
lgrp, err := user.LookupGid(groupID)
if err != nil {
return "", "", fmt.Errorf("Gid %d has no entry in /etc/passwd: %v", groupID, err)
}
groupname = lgrp.Name
} else {
// not a number; attempt a lookup
group, err := user.LookupGroup(idparts[1])
if err != nil {
return "", "", fmt.Errorf("Error during gid lookup for %q: %v", idparts[1], err)
}
groupID = group.Gid
groupname = idparts[1]
}
}
return username, groupname, nil
}示例7: Config
// Config takes ContainerJSON and Daemon Info and converts it into the opencontainers spec.
func Config(c types.ContainerJSON, info types.Info, capabilities []string) (config *specs.LinuxSpec, err error) {
config = &specs.LinuxSpec{
Spec: specs.Spec{
Version: SpecVersion,
Platform: specs.Platform{
OS: info.OSType,
Arch: info.Architecture,
},
Process: specs.Process{
Terminal: c.Config.Tty,
User: specs.User{
// TODO: user stuffs
},
Args: append([]string{c.Path}, c.Args...),
Env: c.Config.Env,
Cwd: c.Config.WorkingDir,
},
Root: specs.Root{
Path: "rootfs",
Readonly: c.HostConfig.ReadonlyRootfs,
},
Mounts: []specs.MountPoint{},
},
}
// make sure the current working directory is not blank
if config.Process.Cwd == "" {
config.Process.Cwd = DefaultCurrentWorkingDirectory
}
// get the user
if c.Config.User != "" {
u, err := user.LookupUser(c.Config.User)
if err != nil {
config.Spec.Process.User = specs.User{
UID: uint32(u.Uid),
GID: uint32(u.Gid),
}
} else {
//return nil, fmt.Errorf("Looking up user (%s) failed: %v", c.Config.User, err)
logrus.Warnf("Looking up user (%s) failed: %v", c.Config.User, err)
}
}
// add the additional groups
for _, group := range c.HostConfig.GroupAdd {
g, err := user.LookupGroup(group)
if err != nil {
return nil, fmt.Errorf("Looking up group (%s) failed: %v", group, err)
}
config.Spec.Process.User.AdditionalGids = append(config.Spec.Process.User.AdditionalGids, uint32(g.Gid))
}
// get the hostname, if the hostname is the name as the first 12 characters of the id,
// then set the hostname as the container name
if c.ID[:12] == c.Config.Hostname {
config.Hostname = strings.TrimPrefix(c.Name, "/")
}
// get mounts
mounts := map[string]bool{}
for _, mount := range c.Mounts {
mounts[mount.Destination] = true
config.Mounts = append(config.Mounts, specs.MountPoint{
Name: mount.Destination,
Path: mount.Destination,
})
}
// add /etc/hosts and /etc/resolv.conf if we should have networking
if c.HostConfig.NetworkMode != "none" && c.HostConfig.NetworkMode != "host" {
DefaultMounts = append(DefaultMounts, NetworkMounts...)
}
// if we aren't doing something crazy like mounting a default mount ourselves,
// the we can mount it the default way
for _, mount := range DefaultMounts {
if _, ok := mounts[mount.Path]; !ok {
config.Mounts = append(config.Mounts, mount)
}
}
// set privileged
if c.HostConfig.Privileged {
// allow all caps
capabilities = execdriver.GetAllCapabilities()
}
// get the capabilities
config.Linux.Capabilities, err = execdriver.TweakCapabilities(capabilities, c.HostConfig.CapAdd.Slice(), c.HostConfig.CapDrop.Slice())
if err != nil {
return nil, fmt.Errorf("setting capabilities failed: %v", err)
}
// add CAP_ prefix
// TODO: this is awful
for i, cap := range config.Linux.Capabilities {
if !strings.HasPrefix(cap, "CAP_") {
config.Linux.Capabilities[i] = fmt.Sprintf("CAP_%s", cap)
}
//.........這裏部分代碼省略.........
示例8: TestParseMappings
func TestParseMappings(t *testing.T) {
groupIDs := map[string]uint32{}
groups := []string{"audio", "video"}
for _, g := range groups {
group, err := user.LookupGroup(g)
if err != nil {
t.Fatalf("looking up group %s failed: %v", g, err)
}
groupIDs[g] = uint32(group.Gid)
}
tests := []mappings{
{
gidMap: []specs.IDMapping{
{
ContainerID: 0,
HostID: 87645,
Size: 46578392,
},
},
additionalGroups: []string{"audio"},
expected: []specs.IDMapping{
{
ContainerID: groupIDs["audio"],
HostID: groupIDs["audio"],
Size: 1,
},
{
ContainerID: groupIDs["audio"] + 1,
HostID: 87645 + groupIDs["audio"] - 1,
Size: 46578392 - groupIDs["audio"] - 1,
},
{
ContainerID: 0,
HostID: 87645,
Size: groupIDs["audio"] - 1,
},
},
},
{
gidMap: []specs.IDMapping{
{
ContainerID: 0,
HostID: 87645,
Size: 46578392,
},
},
additionalGroups: []string{"audio", "video"},
expected: []specs.IDMapping{
{
ContainerID: groupIDs["audio"],
HostID: groupIDs["audio"],
Size: 1,
},
{
ContainerID: groupIDs["video"],
HostID: groupIDs["video"],
Size: 1,
},
{
ContainerID: groupIDs["video"] + 1,
HostID: (87645 + groupIDs["audio"] - 1) + groupIDs["video"] - 1,
Size: 46578392 - groupIDs["video"] - groupIDs["audio"] - 2,
},
{
ContainerID: groupIDs["audio"] + 1,
HostID: 87645 + groupIDs["audio"] - 1,
Size: groupIDs["video"] - groupIDs["audio"] - 2,
},
{
ContainerID: 0,
HostID: 87645,
Size: groupIDs["audio"] - 1,
},
},
},
}
for _, test := range tests {
// make config
config := &specs.LinuxRuntimeSpec{
Linux: specs.LinuxRuntime{
GIDMappings: test.gidMap,
},
}
hostConfig := &containertypes.HostConfig{
GroupAdd: test.additionalGroups,
}
if err := parseMappings(config, hostConfig); err != nil {
t.Fatal(err)
}
if !reflect.DeepEqual(test.expected, config.Linux.GIDMappings) {
t.Fatalf("expected:\n%#v\ngot:\n%#v", test.expected, config.Linux.GIDMappings)
}
}
}示例9: Config
//.........這裏部分代碼省略.........
},
Pids: &specs.Pids{
Limit: &c.HostConfig.Resources.PidsLimit,
},
BlockIO: &specs.BlockIO{
Weight: &c.HostConfig.Resources.BlkioWeight,
// TODO: add parsing for Throttle/Weight Devices
},
},
RootfsPropagation: "",
},
}
// make sure the current working directory is not blank
if config.Process.Cwd == "" {
config.Process.Cwd = DefaultCurrentWorkingDirectory
}
// get the user
if c.Config.User != "" {
u, err := user.LookupUser(c.Config.User)
if err != nil {
config.Process.User = specs.User{
UID: uint32(u.Uid),
GID: uint32(u.Gid),
}
} else {
//return nil, fmt.Errorf("Looking up user (%s) failed: %v", c.Config.User, err)
logrus.Warnf("Looking up user (%s) failed: %v", c.Config.User, err)
}
}
// add the additional groups
for _, group := range c.HostConfig.GroupAdd {
g, err := user.LookupGroup(group)
if err != nil {
return nil, fmt.Errorf("Looking up group (%s) failed: %v", group, err)
}
config.Process.User.AdditionalGids = append(config.Process.User.AdditionalGids, uint32(g.Gid))
}
// get the hostname, if the hostname is the name as the first 12 characters of the id,
// then set the hostname as the container name
if c.ID[:12] == c.Config.Hostname {
config.Hostname = strings.TrimPrefix(c.Name, "/")
}
// set privileged
if c.HostConfig.Privileged {
// allow all caps
capabilities = execdriver.GetAllCapabilities()
}
// get the capabilities
config.Process.Capabilities, err = execdriver.TweakCapabilities(capabilities, c.HostConfig.CapAdd, c.HostConfig.CapDrop)
if err != nil {
return nil, fmt.Errorf("setting capabilities failed: %v", err)
}
// add CAP_ prefix
// TODO: this is awful
for i, cap := range config.Process.Capabilities {
if !strings.HasPrefix(cap, "CAP_") {
config.Process.Capabilities[i] = fmt.Sprintf("CAP_%s", cap)
}
}