diff options
| author | Nicolas Lacasse <nlacasse@google.com> | 2018-10-03 10:31:01 -0700 |
|---|---|---|
| committer | Shentubot <shentubot@google.com> | 2018-10-03 10:32:03 -0700 |
| commit | e215b9970ad82915a8d544b81b3c49d7d84a0eb0 (patch) | |
| tree | ca7fafed97a41307243ab7fc84d0a19e285dee53 /runsc/cmd | |
| parent | 77e43adeab4abcd301d76222e0304f551fbcf0cc (diff) | |
runsc: Pass root container's stdio via FD.
We were previously using the sandbox process's stdio as the root container's
stdio. This makes it difficult/impossible to distinguish output application
output from sandbox output, such as panics, which are always written to stderr.
Also close the console socket when we are done with it.
PiperOrigin-RevId: 215585180
Change-Id: I980b8c69bd61a8b8e0a496fd7bc90a06446764e0
Diffstat (limited to 'runsc/cmd')
| -rw-r--r-- | runsc/cmd/boot.go | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/runsc/cmd/boot.go b/runsc/cmd/boot.go index 82e534479..c6f78f63f 100644 --- a/runsc/cmd/boot.go +++ b/runsc/cmd/boot.go @@ -48,6 +48,10 @@ type Boot struct { // ioFDs is the list of FDs used to connect to FS gofers. ioFDs intFlags + // stdioFDs are the fds for stdin, stdout, and stderr. They must be + // provided in that order. + stdioFDs intFlags + // console is set to true if the sandbox should allow terminal ioctl(2) // syscalls. console bool @@ -79,6 +83,7 @@ func (b *Boot) SetFlags(f *flag.FlagSet) { f.IntVar(&b.controllerFD, "controller-fd", -1, "required FD of a stream socket for the control server that must be donated to this process") f.IntVar(&b.deviceFD, "device-fd", -1, "FD for the platform device file") f.Var(&b.ioFDs, "io-fds", "list of FDs to connect 9P clients. They must follow this order: root first, then mounts as defined in the spec") + f.Var(&b.stdioFDs, "stdio-fds", "list of FDs containing sandbox stdin, stdout, and stderr in that order") f.BoolVar(&b.console, "console", false, "set to true if the sandbox should allow terminal ioctl(2) syscalls") f.BoolVar(&b.applyCaps, "apply-caps", false, "if true, apply capabilities defined in the spec to the process") } @@ -138,7 +143,7 @@ func (b *Boot) Execute(_ context.Context, f *flag.FlagSet, args ...interface{}) } // Create the loader. - l, err := boot.New(f.Arg(0), spec, conf, b.controllerFD, b.deviceFD, b.ioFDs.GetArray(), b.console) + l, err := boot.New(f.Arg(0), spec, conf, b.controllerFD, b.deviceFD, b.ioFDs.GetArray(), b.stdioFDs.GetArray(), b.console) if err != nil { Fatalf("error creating loader: %v", err) } |