Add support for /run/.containerenv

Container processes want to check for the existence of this file to determine if they are running inside of a container. Signed-off-by: Daniel J Walsh <[email protected]>
containers · Sep 6, 2019 · bc99264 · bc99264
1 parent 4da1d5d
commit bc99264
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 0 deletions.
diff --git a/run_linux.go b/run_linux.go
@@ -181,6 +181,17 @@ func (b *Builder) Run(command []string, options RunOptions) error {
  }
  bindFiles["/etc/resolv.conf"] = resolvFile
  }
+ // Empty file, so no need to recreate if it exists
+ if _, ok := bindFiles["/run/.containerenv"]; !ok {
+ // Empty string for now, but we may consider populating this later
+ containerenvPath := filepath.Join(path, "/run/.containerenv")
+ emptyFile, err := os.Create(containerenvPath)
+ if err != nil {
+ return err
+ }
+ emptyFile.Close()
+ bindFiles["/run/.containerenv"] = containerenvPath
+ }
 
  err = b.setupMounts(mountPoint, spec, path, options.Mounts, bindFiles, volumes, b.CommonBuildOpts.Volumes, b.CommonBuildOpts.ShmSize, namespaceOptions)
  if err != nil {

diff --git a/tests/run.bats b/tests/run.bats
@@ -370,3 +370,13 @@ function configure_and_check_user() {
  cid=$(buildah from --pull --signature-policy ${TESTSDIR}/policy.json alpine)
  run_buildah 42 run ${cid} sh -c 'exit 42'
 }
+
+@test "Verify /run/.containerenv exist" {
+ if ! which runc ; then
+ skip "no runc in PATH"
+ fi
+ cid=$(buildah from --pull --signature-policy ${TESTSDIR}/policy.json alpine)
+ # test a standard mount to /run/.containerenv
+ run_buildah --log-level=error run $cid ls -1 /run/.containerenv
+ expect_output --substring "/run/.containerenv"
+}