summaryrefslogtreecommitdiffhomepage
path: root/runsc/cmd
diff options
context:
space:
mode:
Diffstat (limited to 'runsc/cmd')
-rw-r--r--runsc/cmd/BUILD1
-rw-r--r--runsc/cmd/gofer.go5
2 files changed, 6 insertions, 0 deletions
diff --git a/runsc/cmd/BUILD b/runsc/cmd/BUILD
index 5dee26a5c..f9c091ba2 100644
--- a/runsc/cmd/BUILD
+++ b/runsc/cmd/BUILD
@@ -42,6 +42,7 @@ go_library(
"//runsc/console",
"//runsc/container",
"//runsc/fsgofer",
+ "//runsc/fsgofer/filter",
"//runsc/specutils",
"@com_github_google_subcommands//:go_default_library",
"@com_github_opencontainers_runtime-spec//specs-go:go_default_library",
diff --git a/runsc/cmd/gofer.go b/runsc/cmd/gofer.go
index ab76734fc..f28e02798 100644
--- a/runsc/cmd/gofer.go
+++ b/runsc/cmd/gofer.go
@@ -28,6 +28,7 @@ import (
"gvisor.googlesource.com/gvisor/pkg/p9"
"gvisor.googlesource.com/gvisor/pkg/unet"
"gvisor.googlesource.com/gvisor/runsc/fsgofer"
+ "gvisor.googlesource.com/gvisor/runsc/fsgofer/filter"
"gvisor.googlesource.com/gvisor/runsc/specutils"
)
@@ -151,6 +152,10 @@ func (g *Gofer) Execute(_ context.Context, f *flag.FlagSet, args ...interface{})
Fatalf("too many FDs passed for mounts. mounts: %d, FDs: %d", mountIdx, len(g.ioFDs))
}
+ if err := filter.Install(); err != nil {
+ Fatalf("Failed to install seccomp filters: %v", err)
+ }
+
runServers(ats, g.ioFDs)
return subcommands.ExitSuccess
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-15 17:40:36 +0000