
This PR adds a plugin to create tap devices. The plugin adds a tap device to the container. The plugin has a workaround for a golang netlink library which does not allow for tap devices with no owner/group to be created. When no tap owner/group is requested, the plugin will fall back to using the ip tool for creating the tap device. A fix to the golang netlink lib is pending. Signed-off-by: mmirecki <mmirecki@redhat.com>
package selinux
import (
"golang.org/x/sys/unix"
)
// lgetxattr fetches the value of the extended attribute attr on path and
// returns it as a byte slice. The read goes through doLgetxattr.
//
// The returned slice is cut to the number of bytes the final read reported,
// so callers never see unused bytes from the tail of the read buffer. On any
// error other than ERANGE the error is returned unchanged with a nil slice.
func lgetxattr(path, attr string) ([]byte, error) {
	// First attempt: a 128-byte buffer.
	buf := make([]byte, 128)
	n, err := doLgetxattr(path, attr, buf)

	for {
		switch {
		case err == nil:
			return buf[:n], nil
		case err != unix.ERANGE:
			return nil, err
		}

		// ERANGE: the buffer was too small. Calling with a zero-length
		// buffer reports the size the value currently needs.
		n, err = doLgetxattr(path, attr, []byte{})
		if err != nil {
			return nil, err
		}

		// Read again with a buffer of the reported size. A further ERANGE
		// (for instance if the value grew between the size probe and this
		// read) sends control back through the probe.
		buf = make([]byte, n)
		n, err = doLgetxattr(path, attr, buf)
	}
}
// doLgetxattr calls unix.Lgetxattr for attr on path with dest as the output
// buffer, repeating the call for as long as it fails with EINTR. It returns
// the size and error of the first call that was not interrupted; every other
// error, including ERANGE, is passed to the caller untouched.
//
// The underlying lgetxattr(2) call inspects a symbolic link itself rather
// than the file the link refers to.
func doLgetxattr(path, attr string, dest []byte) (int, error) {
	n, err := unix.Lgetxattr(path, attr, dest)
	for err == unix.EINTR {
		// Interrupted by a signal before completing: issue the call again.
		n, err = unix.Lgetxattr(path, attr, dest)
	}
	return n, err
}