host-ctr: all devices nodes allowed when superpowered

[etungsten]

Issue number:
N/A

Description of changes:

Author: Erikson Tung <etung@amazon.com>
Date:   Thu Aug 13 09:44:14 2020 -0700

    host-ctr: all devices nodes allowed when superpowered
    
    Allow access to all devices nodes when a container is superpowered

Testing done:
No longer getting permission errors when trying to access the partition.

[ec2-user@ip-192-168-19-171 ~]$ sudo sheltie
bash-5.0# signpost status
OS disk: /dev/nvme0n1
Set A:   boot=/dev/nvme0n1p2 root=/dev/nvme0n1p3 hash=/dev/nvme0n1p4 priority=1 tries_left=0 successful=true
Set B:   boot=/dev/nvme0n1p6 root=/dev/nvme0n1p7 hash=/dev/nvme0n1p8 priority=0 tries_left=0 successful=false
Active:  Set A
Next:    Set A
bash-5.0# dd if=/dev/nvme0n1 of=/tmp/foo bs=4k count=8 
8+0 records in
8+0 records out
32768 bytes (33 kB, 32 KiB) copied, 6.5269e-05 s, 502 MB/s
bash-5.0# updog update -i 0.4.1 -r -n                  
Starting update to 0.4.1
Cannot schedule shutdown without logind support, proceeding with immediate shutdown.

Terms of contribution:

By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.

[etungsten]

Push above is for changes after go mod tidy

[etungsten]

Push above addresses @bcressey and @jahkeup 's comments.

[etungsten]

Separated out withAllDevicesAllowed to its file with a SPDX-License-Identifier at the top for Apache-2.0

[iliana]

OK with regards to attribution on all_devices_allowed.go

[iliana]

Can this become an issue, and we can reference the issue ID here?

[etungsten]

#1038

[bcressey]

nit: if we import this as "specs" then it will get rid of most of the delta from the source

[etungsten]

Push above adds a comment describing the modification to withAllDevicesAllowed and changes runtimespec to spec to better align with original source.

[jahkeup]

If we're sticking with the drop-in function route, then.. ship it! 👍