Don't bind-mount runsc into a sandbox mntns

PiperOrigin-RevId: 230437407 Change-Id: Id9d8ceeb018aad2fe317407c78c6ee0f4b47aa2b
author: Andrei Vagin <avagin@google.com> 2019-01-22 16:45:45 -0800
committer: Shentubot <shentubot@google.com> 2019-01-22 16:46:42 -0800
commit: 5f08f8fd8162fa2fc2ca7b862263081d8d07b206 (patch)
tree: df94de296220411b976f5730f71f6495ea1dc650 /runsc/container/container.go
parent: ceb3dcfb72fe050bb0d90a7285cd1b56d1b4dfeb (diff)
1 files changed, 2 insertions, 4 deletions
diff --git a/runsc/container/container.go b/runsc/container/container.go
index 2d4b85d9f..6d88dff7f 100644
--- a/runsc/container/container.go
+++ b/runsc/container/container.go
@@ -818,12 +818,10 @@ func (c *Container) createGoferProcess(spec *specs.Spec, conf *boot.Config, bund
 		args = append(args, fmt.Sprintf("--io-fds=%d", nextFD))
 	}
 
-	binPath, err := specutils.BinPath()
-	if err != nil {
-		return nil, err
-	}
+	binPath := specutils.ExePath
 	cmd := exec.Command(binPath, args...)
 	cmd.ExtraFiles = goferEnds
+	cmd.Args[0] = "runsc-gofer"
 
 	// Enter new namespaces to isolate from the rest of the system. Don't unshare
 	// cgroup because gofer is added to a cgroup in the caller's namespace.
author	Andrei Vagin <avagin@google.com>	2019-01-22 16:45:45 -0800
committer	Shentubot <shentubot@google.com>	2019-01-22 16:46:42 -0800
commit	5f08f8fd8162fa2fc2ca7b862263081d8d07b206 (patch)
tree	df94de296220411b976f5730f71f6495ea1dc650 /runsc/container/container.go
parent	ceb3dcfb72fe050bb0d90a7285cd1b56d1b4dfeb (diff)