diff options
Diffstat (limited to 'runsc/config')
| -rw-r--r-- | runsc/config/config.go | 6 | ||||
| -rw-r--r-- | runsc/config/flags.go | 4 |
2 files changed, 9 insertions, 1 deletions
diff --git a/runsc/config/config.go b/runsc/config/config.go index 1e5858837..fa550ebf7 100644 --- a/runsc/config/config.go +++ b/runsc/config/config.go @@ -55,6 +55,9 @@ type Config struct { // PanicLog is the path to log GO's runtime messages, if not empty. PanicLog string `flag:"panic-log"` + // CoverageReport is the path to write Go coverage information, if not empty. + CoverageReport string `flag:"coverage-report"` + // DebugLogFormat is the log format for debug. DebugLogFormat string `flag:"debug-log-format"` @@ -172,6 +175,9 @@ type Config struct { // Enables seccomp inside the sandbox. OCISeccomp bool `flag:"oci-seccomp"` + // Mounts the cgroup filesystem backed by the sentry's cgroupfs. + Cgroupfs bool `flag:"cgroupfs"` + // TestOnlyAllowRunAsCurrentUserWithoutChroot should only be used in // tests. It allows runsc to start the sandbox process as the current // user, and without chrooting the sandbox process. This can be diff --git a/runsc/config/flags.go b/runsc/config/flags.go index 1d996c841..c3dca2352 100644 --- a/runsc/config/flags.go +++ b/runsc/config/flags.go @@ -44,7 +44,8 @@ func RegisterFlags() { // Debugging flags. flag.String("debug-log", "", "additional location for logs. If it ends with '/', log files are created inside the directory with default names. The following variables are available: %TIMESTAMP%, %COMMAND%.") - flag.String("panic-log", "", "file path were panic reports and other Go's runtime messages are written.") + flag.String("panic-log", "", "file path where panic reports and other Go's runtime messages are written.") + flag.String("coverage-report", "", "file path where Go coverage reports are written. Reports will only be generated if runsc is built with --collect_code_coverage and --instrumentation_filter Bazel flags.") flag.Bool("log-packets", false, "enable network packet logging.") flag.String("debug-log-format", "text", "log format: text (default), json, or json-k8s.") flag.Bool("alsologtostderr", false, "send log messages to stderr.") @@ -75,6 +76,7 @@ func RegisterFlags() { flag.Bool("fsgofer-host-uds", false, "allow the gofer to mount Unix Domain Sockets.") flag.Bool("vfs2", false, "enables VFSv2. This uses the new VFS layer that is faster than the previous one.") flag.Bool("fuse", false, "TEST ONLY; use while FUSE in VFSv2 is landing. This allows the use of the new experimental FUSE filesystem.") + flag.Bool("cgroupfs", false, "Automatically mount cgroupfs.") // Flags that control sandbox runtime behavior: network related. flag.Var(networkTypePtr(NetworkSandbox), "network", "specifies which network to use: sandbox (default), host, none. Using network inside the sandbox is more secure because it's isolated from the host network.") |