Skip to content

Commit

Permalink
feat(core): suppport custom proc fs mount
Browse files Browse the repository at this point in the history
Signed-off-by: Prateek <prateeknandle@gmail.com>
  • Loading branch information
Prateeknandle committed Dec 18, 2024
1 parent f85e3f7 commit 3caa2f3
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions KubeArmor/core/nriHandler.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@ import (
"context"
"fmt"
"os"
"path/filepath"
"strconv"

"github.com/containerd/nri/pkg/api"
"github.com/containerd/nri/pkg/stub"
Expand Down Expand Up @@ -254,15 +256,16 @@ func nriToKubeArmorContainer(nriContainer *api.Container) tp.Container {

// Read PID and mount namespaces from container root PID
if nriContainer.Pid != 0 {
nsPath := fmt.Sprintf("/proc/%d/ns", nriContainer.Pid)
pid := strconv.Itoa(int(nriContainer.Pid))

if data, err := os.Readlink(nsPath + "/pid"); err == nil {
if data, err := os.Readlink(filepath.Join(cfg.GlobalCfg.ProcFsMount, pid, "/ns/pid")); err == nil {
// if data, err := os.Readlink(nsPath + "/pid"); err == nil {
if _, err := fmt.Sscanf(data, "pid:[%d]", &container.PidNS); err != nil {
kg.Warnf("Unable to get PidNS (%s, %s, %s)", nriContainer.Id, nriContainer.Pid, err.Error())
}
}

if data, err := os.Readlink(nsPath + "/mnt"); err == nil {
if data, err := os.Readlink(filepath.Join(cfg.GlobalCfg.ProcFsMount, pid, "/ns/mnt")); err == nil {
if _, err := fmt.Sscanf(data, "mnt:[%d]", &container.MntNS); err != nil {
kg.Warnf("Unable to get MntNS (%s, %s, %s)", nriContainer.Id, nriContainer.Pid, err.Error())
}
Expand Down

0 comments on commit 3caa2f3

Please sign in to comment.