Add missing interface to set init processes Umask

Umask is a field specified in the runtime spec, but we don't
have a method to set it in runtime-tools.  Some users might
want to modify the default Umask of a container.

Signed-off-by: Daniel J Walsh <[email protected]>

Author: rhatdan

Godeps/Godeps.json

@@ -118,6 +118,7 @@ var generateFlags = []cli.Flag{
 	cli.BoolFlag{Name: "process-rlimits-remove-all", Usage: "remove all resource limits for processes inside the container. "},
 	cli.BoolFlag{Name: "process-terminal", Usage: "specifies whether a terminal is attached to the process"},
 	cli.IntFlag{Name: "process-uid", Usage: "uid for the process"},
+	cli.StringFlag{Name: "process-umask", Usage: "umask for the process"},
 	cli.StringFlag{Name: "process-username", Usage: "username for the process"},
 	cli.StringFlag{Name: "rootfs-path", Value: "rootfs", Usage: "path to the root filesystem"},
 	cli.BoolFlag{Name: "rootfs-readonly", Usage: "make the container's rootfs readonly"},
@@ -234,6 +235,10 @@ func setupSpec(g *generate.Generator, context *cli.Context) error {
 		g.SetProcessUsername(context.String("process-username"))
 	}
 
+	if context.IsSet("process-umask") {
+		g.SetProcessUmask(uint32(context.Int("process-umask")))
+	}
+
 	if context.IsSet("process-gid") {
 		g.SetProcessGID(uint32(context.Int("process-gid")))
 	}

cmd/oci-runtime-tool/generate.go

@@ -444,6 +444,12 @@ func (g *Generator) SetProcessUsername(username string) {
 	g.Config.Process.User.Username = username
 }
 
+// SetProcessUmask sets g.Config.Process.User.Umask.
+func (g *Generator) SetProcessUmask(umask uint32) {
+	g.initConfigProcess()
+	g.Config.Process.User.Umask = umask
+}
+
 // SetProcessGID sets g.Config.Process.User.GID.
 func (g *Generator) SetProcessGID(gid uint32) {
 	g.initConfigProcess()

generate/generate.go

@@ -43,7 +43,7 @@ func TestJSONSchema(t *testing.T) {
 	}{
 		{
 			config: &rspec.Spec{},
-			error:  "1 error occurred:\n\t* Version string empty\nRefer to: https://github.com/opencontainers/runtime-spec/blob/v1.0.1/config.md#specification-version\n\n",
+			error:  "1 error occurred:\n\t* Version string empty\nRefer to: https://github.com/opencontainers/runtime-spec/blob/v1.0.2/config.md#specification-version\n\n",
 		},
 		{
 			config: &rspec.Spec{
@@ -62,7 +62,7 @@ func TestJSONSchema(t *testing.T) {
 				Version: "1.0.0",
 				Process: &rspec.Process{},
 			},
-			error: "process.args: Invalid type. Expected: array, given: null",
+			error: "1 error occurred:\n\t* args: args is required\n\n",
 		},
 		{
 			config: &rspec.Spec{

validate/validate_test.go

@@ -17,6 +17,7 @@ func main() {
 		g.SetProcessUID(10)
 		g.SetProcessGID(10)
 		g.AddProcessAdditionalGid(5)
+		g.SetProcessUmask(002)
 	case "windows":
 		g.SetProcessUsername("test")
 	default: