Container from scratch

main.go

package main

// @lizrice, mostly copied from @doctor_julz: https://gist.github.com/julz/c0017fa7a40de0543001

import (
	"fmt"
	"os"
	"os/exec"
	"syscall"
)

// docker run <container> command args
// go run main.go run command args
func main() {
	switch os.Args[1] {
	case "run":
		run()
	case "child":
		child()
	default:
		panic("what?")
	}
}

func run() {

	cmd := exec.Command("/proc/self/exe", append([]string{"child"}, os.Args[2:]...)...)
	cmd.Stdin = os.Stdin
	cmd.Stderr = os.Stderr
	cmd.Stdout = os.Stdout

	cmd.SysProcAttr = &syscall.SysProcAttr{
		Cloneflags: syscall.CLONE_NEWUTS | syscall.CLONE_NEWPID | syscall.CLONE_NEWNS,
	}

	must(cmd.Run())
}

func child() {
	fmt.Printf("running %v as pid %d\n", os.Args[2:], os.Getpid())

	cmd := exec.Command(os.Args[2], os.Args[3:]...)
	cmd.Stdin = os.Stdin
	cmd.Stderr = os.Stderr
	cmd.Stdout = os.Stdout
	must(syscall.Chroot("/home/rootfs"))
	must(os.Chdir("/"))
	must(syscall.Mount("proc", "proc", "proc", 0, ""))
	must(cmd.Run())
}

func must(err error) {
	if err != nil {
		panic(err)
	}
}

Hi @lizrice,

Watching your presentation on video and following along I have run into an issue with none of syscall.CLONE_NEWUTS syscall.CLONE_NEWPID or syscall.CLONE_NEWNS being found. I am a Go newbie, using Go 1.10.3 and JetBrains GoLand. What am I missing, or has Go changed since your presentation?

Thanks in advance for your reply.

@mikeschinkel Are you using Linux as your development machine?

@mikeschinkel I had a problem on the same part of the code, then I ran the command with sudo and it worked:
sudo go run main.go run /bin/bash

@mugli — Sorry I did not see your question when you originally posted it. My answer is:

"No, I was and still am running on Intel macOS."

@dennisberg13100 — Thanks for the comment. Unfortunately my comment was so long ago I've lost a bit of the plot.
But that's okay, I now realize that this was meant for running on Linux and not macOS as I am less of a Go/Linux newbie nowadays.