summaryrefslogtreecommitdiffhomepage
path: root/runsc
diff options
context:
space:
mode:
authorKevin Krakauer <krakauer@google.com>2018-06-12 11:02:35 -0700
committerShentubot <shentubot@google.com>2018-06-12 11:03:25 -0700
commit2dc9cd7bf73d971a37fa22b52a70961f27f6c970 (patch)
tree44ea444c2b21d6af8063ee4e740ae5c1d4e1d8b1 /runsc
parent48335318a23f4f536c395e602c0cd338c4c4e890 (diff)
runsc: enable terminals in the sandbox.
runsc now mounts the devpts filesystem, so you get a real terminal using ssh+sshd. PiperOrigin-RevId: 200244830 Change-Id: If577c805ad0138fda13103210fa47178d8ac6605
Diffstat (limited to 'runsc')
-rw-r--r--runsc/boot/BUILD1
-rw-r--r--runsc/boot/fs.go11
2 files changed, 11 insertions, 1 deletions
diff --git a/runsc/boot/BUILD b/runsc/boot/BUILD
index 73893d699..1a81acde5 100644
--- a/runsc/boot/BUILD
+++ b/runsc/boot/BUILD
@@ -35,6 +35,7 @@ go_library(
"//pkg/sentry/fs/ramfs",
"//pkg/sentry/fs/sys",
"//pkg/sentry/fs/tmpfs",
+ "//pkg/sentry/fs/tty",
"//pkg/sentry/inet",
"//pkg/sentry/kernel",
"//pkg/sentry/kernel/auth",
diff --git a/runsc/boot/fs.go b/runsc/boot/fs.go
index 82bbea4d7..28c3e8cd0 100644
--- a/runsc/boot/fs.go
+++ b/runsc/boot/fs.go
@@ -27,6 +27,7 @@ import (
_ "gvisor.googlesource.com/gvisor/pkg/sentry/fs/proc"
_ "gvisor.googlesource.com/gvisor/pkg/sentry/fs/sys"
_ "gvisor.googlesource.com/gvisor/pkg/sentry/fs/tmpfs"
+ _ "gvisor.googlesource.com/gvisor/pkg/sentry/fs/tty"
specs "github.com/opencontainers/runtime-spec/specs-go"
"gvisor.googlesource.com/gvisor/pkg/abi/linux"
@@ -109,6 +110,14 @@ func configureMounts(ctx context.Context, spec *specs.Spec, conf *Config, mns *f
return err
}
+ // Always mount /dev/pts.
+ if err := mountSubmount(ctx, spec, conf, mns, nil, specs.Mount{
+ Type: "devpts",
+ Destination: "/dev/pts",
+ }); err != nil {
+ return err
+ }
+
// Mount proc and sys even if the user did not ask for it, as the spec
// says we SHOULD.
if !procMounted {
@@ -214,7 +223,7 @@ func mountSubmount(ctx context.Context, spec *specs.Spec, conf *Config, mns *fs.
var fsName string
var useOverlay bool
switch m.Type {
- case "proc", "sysfs", "devtmpfs":
+ case "devpts", "devtmpfs", "proc", "sysfs":
fsName = m.Type
case "none":
fsName = "sysfs"