rootless-containers / rootlesskit

Linux-native "fake root" for implementing rootless containers
Apache License 2.0

remove dependency on /sbin/ip binary #36

Open AkihiroSuda opened 5 years ago

Zyqsempai commented 4 years ago

@AkihiroSuda Is this still relevant?

AkihiroSuda commented 4 years ago

Yes, we should still do this ideally (but it is tricky because of the nsenter stuff).

Zyqsempai commented 4 years ago

@AkihiroSuda What do you think about using these packages? For netlink operations we can use https://godoc.org/github.com/vishvananda/netlink and for nsenter https://godoc.org/github.com/kata-containers/runtime/virtcontainers/pkg/nsenter

In the end we will get something like this:

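// tap and nsList are assumed to be defined earlier.
funcToRun := func() error {
    // Bring the TAP device up via netlink instead of running /sbin/ip.
    return netlink.LinkSetUp(tap)
}

// Run funcToRun inside the namespaces listed in nsList.
err = nsenter.NsEnter(nsList, funcToRun)
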
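
As an added illustration (not code from this thread or from rootlesskit), this is the kind of rtnetlink request that replaces running `ip link set <dev> up`, built with Go's standard `syscall` package only. It assumes a little-endian host; the function names and interface index 1 are made up for the example, and the request only acts on the network namespace the calling process is already in.

```go
package main

import (
	"encoding/binary"
	"fmt"
	"syscall"
)

var le = binary.LittleEndian // assumption: little-endian host (amd64, arm64)

// linkSetUpRequest builds a 16-byte nlmsghdr plus a 16-byte ifinfomsg; unset fields stay zero.
func linkSetUpRequest(ifIndex int32) []byte {
	b := make([]byte, syscall.SizeofNlMsghdr+syscall.SizeofIfInfomsg)
	le.PutUint32(b[0:], uint32(len(b)))                          // nlmsg_len
	le.PutUint16(b[4:], syscall.RTM_NEWLINK)                     // nlmsg_type
	le.PutUint16(b[6:], syscall.NLM_F_REQUEST|syscall.NLM_F_ACK) // nlmsg_flags
	le.PutUint32(b[20:], uint32(ifIndex))                        // ifi_index
	le.PutUint32(b[24:], syscall.IFF_UP)                         // ifi_flags
	le.PutUint32(b[28:], syscall.IFF_UP)                         // ifi_change: only IFF_UP
	return b
}

// ackError decodes the kernel's NLMSG_ERROR reply; code 0 is a plain ACK.
func ackError(reply []byte) error {
	if len(reply) < 20 || le.Uint16(reply[4:]) != syscall.NLMSG_ERROR {
		return fmt.Errorf("unexpected netlink reply (%d bytes)", len(reply))
	}
	if code := int32(le.Uint32(reply[16:])); code != 0 {
		return syscall.Errno(-code) // the kernel sends a negative errno
	}
	return nil
}

// linkSetUp sends the request in the caller's current network namespace.
func linkSetUp(ifIndex int32) error {
	fd, err := syscall.Socket(syscall.AF_NETLINK, syscall.SOCK_RAW, syscall.NETLINK_ROUTE)
	if err != nil {
		return err
	}
	defer syscall.Close(fd)
	buf, n := make([]byte, 4096), 0
	if err = syscall.Sendto(fd, linkSetUpRequest(ifIndex), 0, &syscall.SockaddrNetlink{Family: syscall.AF_NETLINK}); err == nil {
		n, _, err = syscall.Recvfrom(fd, buf, 0)
	}
	if err != nil {
		return err
	}
	return ackError(buf[:n])
}
func main() { fmt.Println("link up:", linkSetUp(1)) } // index 1 is a constructed value
```
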
AkihiroSuda commented 4 years ago

You can't nsenter userns in Go.

AkihiroSuda commented 4 years ago

So, we should have IPC across the parent and the child process to remove the nsenter dependency.