package overlayutils

import "github.com/containerd/containerd/snapshots/overlay/overlayutils"

Functions

func NeedsUserXAttr

func NeedsUserXAttr(d string) (bool, error)

NeedsUserXAttr returns whether overlayfs should be mounted with the "userxattr" mount option.

The "userxattr" option is needed for mounting overlayfs inside a user namespace with kernel >= 5.11.

The "userxattr" option is NOT needed for the initial user namespace (aka "the host").

Also, Ubuntu (since circa 2015) and Debian (since 10) with kernel < 5.11 can mount the overlayfs in a user namespace without the "userxattr" option.

The corresponding kernel commit: https://github.com/torvalds/linux/commit/2d2f2d7322ff43e0fe92bf8cccdc0b09449bf2e1

> ovl: user xattr
>
> Optionally allow using "user.overlay." namespace instead of "trusted.overlay."
> ...
> Disable redirect_dir and metacopy options, because these would allow privilege escalation through direct manipulation of the
> "user.overlay.redirect" or "user.overlay.metacopy" xattrs.
> ...

The "userxattr" support is not exposed in "/sys/module/overlay/parameters".
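The two documented preconditions (inside a user namespace, kernel >= 5.11) can be evaluated before any mount is attempted. The following is an added example, not containerd's code: `inInitialUserNS`, `kernelAtLeast`, `wantUserXAttr` and `overlayOptions` are hypothetical helpers, and the uid_map and release strings are constructed inputs. It performs no trial mount, so it does not confirm that the running kernel actually accepts the option.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// inInitialUserNS: true when uidMap (text of /proc/self/uid_map) is the single full-range identity map.
func inInitialUserNS(uidMap string) bool {
	f := strings.Fields(uidMap)
	return len(f) == 3 && f[0] == "0" && f[1] == "0" && f[2] == "4294967295"
}

// kernelAtLeast parses "major.minor" from a release such as "5.15.0-91-generic" and compares it.
func kernelAtLeast(release string, major, minor int) (bool, error) {
	parts := strings.SplitN(release+".", ".", 3) // trailing "." guarantees at least two parts
	lead := func(s string) (int, error) {        // convert leading decimal digits only
		return strconv.Atoi(s[:len(s)-len(strings.TrimLeft(s, "0123456789"))])
	}
	maj, e1 := lead(parts[0])
	mnr, e2 := lead(parts[1])
	if e1 != nil || e2 != nil {
		return false, fmt.Errorf("unparsable kernel release %q", release)
	}
	return maj > major || (maj == major && mnr >= minor), nil
}

// wantUserXAttr applies the documented conditions: in a user namespace and kernel >= 5.11.
func wantUserXAttr(uidMap, release string) (bool, error) {
	if inInitialUserNS(uidMap) {
		return false, nil // the host never needs the option
	}
	return kernelAtLeast(release, 5, 11)
}

// overlayOptions builds the overlayfs mount data, adding "userxattr" on request.
func overlayOptions(lower []string, upper, work string, userxattr bool) string {
	o := []string{"lowerdir=" + strings.Join(lower, ":"), "upperdir=" + upper, "workdir=" + work}
	if userxattr {
		o = append(o, "userxattr")
	}
	return strings.Join(o, ",")
}

func main() { // constructed inputs: a rootless uid_map and a sample release string
	need, err := wantUserXAttr("0 1000 1\n1 100000 65536\n", "5.15.0-91-generic")
	fmt.Println(need, err, overlayOptions([]string{"/l2", "/l1"}, "/u", "/w", need))
}
```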

func Supported

func Supported(root string) error

Supported returns nil when overlayfs is functional on the system with the given root directory. Supported is not called during plugin initialization, but is exposed for downstream projects that use this snapshotter as a library.

func SupportsMultipleLowerDir

func SupportsMultipleLowerDir(d string) error

SupportsMultipleLowerDir checks whether the system supports multiple lowerdirs, which the overlay snapshotter requires. On 4.x kernels, multiple lowerdirs are always available (so this check isn't needed), and the feature was backported to RHEL and CentOS 3.x kernels (3.10.0-693.el7.x86_64 and up). This function detects support on those kernels without doing a kernel version comparison.

Ported from moby overlay2.

Source Files

check.go

Version: v1.6.0-rc.4
Published: Feb 10, 2022
Platform: linux/amd64
Imports: 7 packages