diff options
author | Michael Pratt <mpratt@google.com> | 2020-04-24 16:45:31 -0400 |
---|---|---|
committer | Michael Pratt <mpratt@google.com> | 2020-04-27 16:36:07 -0400 |
commit | 147c8ba1f74133990f19b5c0e6dfd0fa28855f52 (patch) | |
tree | 869ee899b5b17e09edad630824a117875e08d04d /pkg/sentry/fsimpl/host/socket_iovec.go | |
parent | 2cc0fd42f462f3942230c4b33ca2825e2a28765d (diff) |
runsc: extend do network cleanup
Previously we unconditionally failed to cleanup the networking files
(hostname, resolve.conf, hosts), and failed to cleanup the netns, etc on
partial setup failure.
We can drop the iptables commands from cleanup, as the routes
automatically go away when the device is deleted. Those commands were
failing previously.
Forward signals to the container, allowing it to exit normally when a
signal is received, and then for runsc to run the cleanup. This doesn't
cover cleanup when runsc is signalled before the container start, it
covers the most common case.
Fixes #2539
Fixes #2540
Diffstat (limited to 'pkg/sentry/fsimpl/host/socket_iovec.go')
0 files changed, 0 insertions, 0 deletions