diff --git a/src/main.rs b/src/main.rs
index 18bcc19..70d2f2c 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -404,7 +404,7 @@ fn cmd_create(
chdir(&*bundle).chain_err(
|| format!("failed to chdir to {}", bundle),
)?;
- let spec = Spec::load(CONFIG).chain_err(
+ let mut spec = Spec::load(CONFIG).chain_err(
|| format!("failed to load {}", CONFIG),
)?;
@@ -445,7 +445,7 @@ fn cmd_create(
let mut f = File::create(pidfile)?;
f.write_all(child_pid.to_string().as_bytes())?;
}
- let linux = spec.linux.as_ref().unwrap();
+ let mut linux = spec.linux.unwrap();
// update namespaces to enter only
let mut namespaces = Vec::new();
for ns in &linux.namespaces {
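Review bot: `spec.linux.unwrap()` still panics when the loaded config has no `linux` section, and it now also moves the field out of `spec`, which stays partially moved until the later `spec.linux = Some(linux);`. The config file is input to the runtime and the rest of cmd_create reports failures through `chain_err`, so an error return fits better than a panic: `let mut linux = spec.linux.take().ok_or("config has no linux section")?;` (this assumes the crate's error type converts from `&str`, which is not visible here). The body of cmd_create starts and ends outside this hunk.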
@@ -459,6 +459,17 @@ fn cmd_create(
namespaces.push(n);
}
}
+ linux.sysctl = HashMap::new();
+ linux.namespaces = namespaces;
+ linux.resources = None;
+ linux.devices = vec![];
+ linux.seccomp = None;
+ linux.rootfs_propagation = "".into();
+ linux.masked_paths = vec![];
+ linux.readonly_paths = vec![];
+ linux.mount_label = "".into();
+
+ /*
let updated_linux = oci::Linux {
uid_mappings: linux.uid_mappings.clone(),
gid_mappings: linux.gid_mappings.clone(),
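Review bot: Resetting the fields one by one on `linux` gives up the exhaustiveness check that the old `oci::Linux { … }` literal provided. A field added to `oci::Linux` later will be written back to the saved config as loaded instead of causing a compile error, and these assignments are what clear sysctl, devices, seccomp and the masked/read-only paths in the rewritten spec. If the mutation form is kept, a comment above the block would help, e.g. `// any oci::Linux field not reset here is saved as loaded; revisit when the struct changes`. The old literal is only wrapped in `/* … */` here and in the next two hunks (the edit to `linux: Some(linux),` lands inside a comment); deleting it would be cleaner. The block comment opened at the end of this hunk closes outside it.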
@@ -473,6 +484,9 @@ fn cmd_create(
readonly_paths: Vec::new(),
mount_label: "".to_string(),
};
+ */
+ spec.linux = Some(linux);
+ /*
let updated = Spec {
version: spec.version,
platform: spec.platform,
@@ -485,12 +499,13 @@ fn cmd_create(
mounts: Vec::new(), // remove mounts
hooks: spec.hooks,
annotations: spec.annotations,
- linux: Some(updated_linux),
+ linux: Some(linux),
solaris: spec.solaris,
windows: spec.windows,
};
+ */
debug!("writing updated config");
- updated.save(CONFIG).chain_err(
+ spec.save(CONFIG).chain_err(
|| format!("failed to save {}", CONFIG),
)?;
}
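Review bot: `spec.save(CONFIG)` now writes the loaded spec with only `linux` replaced, so the `mounts: Vec::new(), // remove mounts` reset from the commented-out literal no longer happens. Nothing in the visible added lines clears `spec.mounts`. If the rewritten config is still meant to carry no mounts, add `spec.mounts = Vec::new();` before the save. Lines between the hunks are not shown, so any other field the old `Spec { … }` literal overrode should get the same check.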