.

conf/wide.go

@@ -110,6 +110,9 @@ var rawWide conf
 // Logger.
 var logger = log.NewLogger(os.Stdout)
 
+// Indicates whether runs via Docker.
+var Docker bool
+
 // NewUser creates a user with the specified username, password, email and workspace.
 func NewUser(username, password, email, workspace string) *User {
 	hash := md5.New()
@@ -155,9 +158,7 @@ func Load(confPath, confIP, confPort, confServer, confLogLevel, confStaticServer
 
 	logger.Debugf("${ip} [%s]", ip)
 
-	if confDocker {
+	Docker = confDocker
-		// TODO: may be we need to do something here
-	}
 
 	if "" != confIP {
 		ip = confIP

output/namespace_linux.go

@@ -0,0 +1,36 @@
+// Copyright (c) 2014, B3log
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package output
+
+import (
+	"os/exec"
+)
+
+type linuxNS struct {
+}
+
+func (*linuxNS) set(cmd *exec.Cmd) {
+	// XXX: keep move with Go 1.4 and later's
+
+	cmd.SysProcAttr = &syscall.SysProcAttr{}
+	cmd.SysProcAttr.Cloneflags = syscall.CLONE_NEWUSER | syscall.CLONE_NEWNS | syscall.CLONE_NEWUTS | syscall.CLONE_NEWPID | syscall.CLONE_NEWIPC | syscall.CLONE_NEWNET
+	cmd.SysProcAttr.Credential = &syscall.Credential{
+		Uid: 0,
+		Gid: 0,
+	}
+
+	cmd.SysProcAttr.UidMappings = []syscall.SysProcIDMap{{ContainerID: 0, HostID: 1001, Size: 1}}
+	cmd.SysProcAttr.GidMappings = []syscall.SysProcIDMap{{ContainerID: 0, HostID: 1001, Size: 1}}
+}

output/outputs.go

@@ -28,7 +28,6 @@ import (
 	"runtime"
 	"strconv"
 	"strings"
-	"syscall"
 	"time"
 
 	"github.com/b3log/wide/conf"
@@ -55,6 +54,11 @@ type Lint struct {
 	Msg      string `json:"msg"`
 }
 
+// namespace sets a namespace for child process, namespace just works on Linux.
+type namespace interface {
+	set(cmd *exec.Cmd)
+}
+
 // WSHandler handles request of creating output channel.
 func WSHandler(w http.ResponseWriter, r *http.Request) {
 	sid := r.URL.Query()["sid"][0]
@@ -96,16 +100,12 @@ func RunHandler(w http.ResponseWriter, r *http.Request) {
 
 	cmd := exec.Command(filePath)
 	cmd.Dir = curDir
-	// XXX: keep move with Go 1.4 and later's
-	cmd.SysProcAttr = &syscall.SysProcAttr{}
-	cmd.SysProcAttr.Cloneflags = syscall.CLONE_NEWUSER | syscall.CLONE_NEWNS | syscall.CLONE_NEWUTS | syscall.CLONE_NEWPID | syscall.CLONE_NEWIPC | syscall.CLONE_NEWNET
-	cmd.SysProcAttr.Credential = &syscall.Credential{
-		Uid: 0,
-		Gid: 0,
-	}
 
-	cmd.SysProcAttr.UidMappings = []syscall.SysProcIDMap{{ContainerID: 0, HostID: 1001, Size: 1}}
+	if conf.Docker {
-	cmd.SysProcAttr.GidMappings = []syscall.SysProcIDMap{{ContainerID: 0, HostID: 1001, Size: 1}}
+		var ns namespace
+
+		ns.set(cmd)
+	}
 
 	stdout, err := cmd.StdoutPipe()
 	if nil != err {

util/os.go

@@ -1,11 +1,11 @@
 // Copyright (c) 2014, B3log
-//  
+//
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
-//  
+//
 //     http://www.apache.org/licenses/LICENSE-2.0
-//  
+//
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.