Merge release-20190806.1-195-gdd0e5ee (automated)

author: gVisor bot <gvisor-bot@google.com> 2019-09-25 23:48:18 +0000
committer: gVisor bot <gvisor-bot@google.com> 2019-09-25 23:48:18 +0000
commit: bf8a45ee0966b102081833e859135ea2f7aea7cc (patch)
tree: b5d3f2d5b8cdb480df02e6c5a5641a681d4ace77 /runsc/cmd
parent: 38a7d3675851376a176b90d4480f4d70d1448d83 (diff)
parent: dd0e5eedaeb21582820856cbe68eb2a625f395aa (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/runsc/cmd/gofer.go b/runsc/cmd/gofer.go
index 9faabf494..fbd579fb8 100644
--- a/runsc/cmd/gofer.go
+++ b/runsc/cmd/gofer.go
@@ -182,6 +182,7 @@ func (g *Gofer) Execute(_ context.Context, f *flag.FlagSet, args ...interface{})
 			cfg := fsgofer.Config{
 				ROMount:      isReadonlyMount(m.Options),
 				PanicOnWrite: g.panicOnWrite,
+				HostUDS:      conf.FSGoferHostUDS,
 			}
 			ap, err := fsgofer.NewAttachPoint(m.Destination, cfg)
 			if err != nil {
@@ -200,6 +201,10 @@ func (g *Gofer) Execute(_ context.Context, f *flag.FlagSet, args ...interface{})
 		Fatalf("too many FDs passed for mounts. mounts: %d, FDs: %d", mountIdx, len(g.ioFDs))
 	}
 
+	if conf.FSGoferHostUDS {
+		filter.InstallUDSFilters()
+	}
+
 	if err := filter.Install(); err != nil {
 		Fatalf("installing seccomp filters: %v", err)
 	}
author	gVisor bot <gvisor-bot@google.com>	2019-09-25 23:48:18 +0000
committer	gVisor bot <gvisor-bot@google.com>	2019-09-25 23:48:18 +0000
commit	bf8a45ee0966b102081833e859135ea2f7aea7cc (patch)
tree	b5d3f2d5b8cdb480df02e6c5a5641a681d4ace77 /runsc/cmd
parent	38a7d3675851376a176b90d4480f4d70d1448d83 (diff)
parent	dd0e5eedaeb21582820856cbe68eb2a625f395aa (diff)