author | Kevin Krakauer <krakauer@google.com> | 2018-06-12 11:02:35 -0700 |
---|---|---|
committer | Shentubot <shentubot@google.com> | 2018-06-12 11:03:25 -0700 |
commit | 2dc9cd7bf73d971a37fa22b52a70961f27f6c970 (patch) | |
tree | 44ea444c2b21d6af8063ee4e740ae5c1d4e1d8b1 /runsc | |
parent | 48335318a23f4f536c395e602c0cd338c4c4e890 (diff) |
runsc: enable terminals in the sandbox.
runsc now mounts the devpts filesystem, so you get a real terminal using
ssh+sshd.
PiperOrigin-RevId: 200244830
Change-Id: If577c805ad0138fda13103210fa47178d8ac6605
Diffstat (limited to 'runsc')
-rw-r--r-- | runsc/boot/BUILD | 1 | ||||
-rw-r--r-- | runsc/boot/fs.go | 11 |
2 files changed, 11 insertions, 1 deletions
diff --git a/runsc/boot/BUILD b/runsc/boot/BUILD
index 73893d699..1a81acde5 100644
--- a/runsc/boot/BUILD
+++ b/runsc/boot/BUILD
@@ -35,6 +35,7 @@ go_library(
 "//pkg/sentry/fs/ramfs",
 "//pkg/sentry/fs/sys",
 "//pkg/sentry/fs/tmpfs",
+ "//pkg/sentry/fs/tty",
 "//pkg/sentry/inet",
 "//pkg/sentry/kernel",
 "//pkg/sentry/kernel/auth",
diff --git a/runsc/boot/fs.go b/runsc/boot/fs.go
index 82bbea4d7..28c3e8cd0 100644
--- a/runsc/boot/fs.go
+++ b/runsc/boot/fs.go
@@ -27,6 +27,7 @@ import (
 _ "gvisor.googlesource.com/gvisor/pkg/sentry/fs/proc"
 _ "gvisor.googlesource.com/gvisor/pkg/sentry/fs/sys"
 _ "gvisor.googlesource.com/gvisor/pkg/sentry/fs/tmpfs"
+ _ "gvisor.googlesource.com/gvisor/pkg/sentry/fs/tty"

 specs "github.com/opencontainers/runtime-spec/specs-go"
 "gvisor.googlesource.com/gvisor/pkg/abi/linux"
@@ -109,6 +110,14 @@ func configureMounts(ctx context.Context, spec *specs.Spec, conf *Config, mns *f
 return err
 }

+ // Always mount /dev/pts.
+ if err := mountSubmount(ctx, spec, conf, mns, nil, specs.Mount{
+ Type: "devpts",
+ Destination: "/dev/pts",
+ }); err != nil {
+ return err
+ }
+
 // Mount proc and sys even if the user did not ask for it, as the spec
 // says we SHOULD.
 if !procMounted {
@@ -214,7 +223,7 @@ func mountSubmount(ctx context.Context, spec *specs.Spec, conf *Config, mns *fs.
 var fsName string
 var useOverlay bool
 switch m.Type {
- case "proc", "sysfs", "devtmpfs":
+ case "devpts", "devtmpfs", "proc", "sysfs":
 fsName = m.Type
 case "none":
 fsName = "sysfs"
|
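Review bot: The new `/dev/pts` mount in configureMounts is unconditional and passes no `Options`, unlike the `procMounted` guard right after it, so a devpts entry already present in the spec (typically carrying mode, ptmxmode and gid options) would presumably be mounted a second time or have its options ignored. The loop over spec.Mounts is outside the hunk, so this needs confirming against the full function. The last hunk also lets `"devpts"` through mountSubmount's type switch, so a spec-supplied mount of that type would now be accepted at whatever `Destination` it names. If the default is meant to win, say so in the comment, e.g. `// Always mount /dev/pts, independent of spec.Mounts; spec-supplied devpts options are not applied here.`; otherwise track it the way proc is tracked and skip the default when the spec already mounted it. The diffstat shows no test change, so a check on the owner and mode of a pty opened inside the sandbox would be worth adding.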