This package is replaced by container/stub. Remove and replace it with unexported implementation for the upcoming test suite rewrite.
Signed-off-by: Ophestra <cat@gensokyo.uk>
The whole RunState ugliness and the other horrendous error handling conditions for internal/app come from an old design proposal for maintaining all app containers under the same daemon process for a user. The proposal was ultimately rejected but the implementation remained. It is removed here to alleviate internal/app from much of its ugliness and unreadability.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This catches cases where the shim has somehow locked up, so it should wait out the full shim WaitDelay as well.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This turns out to still be quite useful across internal/app and its relatives. Perhaps a cleaner replacement for baseError.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This was a stopgap solution that lasted for way too long. This finally removes it and prepares internal/app for some major changes.
Signed-off-by: Ophestra <cat@gensokyo.uk>
The mutex is not really doing anything, none of these methods make sense when called concurrently anyway. The copylocks analysis is still satisfied by the noCopy struct.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This ensures a signal gets delivered to the process instead of relying on parent death behaviour.
SIGCONT was chosen as it is the only signal an unprivileged process is allowed to send to processes with different credentials.
A custom signal handler is installed because the Go runtime does not expose signal information other than which signal was received, and shim must check pid to ensure reasonable behaviour.
Signed-off-by: Ophestra <cat@gensokyo.uk>
All this error wrapping is getting a bit ridiculous and I might want to do something about that somewhere down the line.
Signed-off-by: Ophestra <cat@gensokyo.uk>
Just returning an error after a successful call of commit will leave garbage behind with no way for the caller to clean them. This change ensures revert is always called after successful commit with at least per-process state enabled.
Signed-off-by: Ophestra <cat@gensokyo.uk>
