summaryrefslogtreecommitdiffhomepage
path: root/runsc/main.go
diff options
context:
space:
mode:
Diffstat (limited to 'runsc/main.go')
-rw-r--r--runsc/main.go2
1 files changed, 2 insertions, 0 deletions
diff --git a/runsc/main.go b/runsc/main.go
index 4f89312b3..82c37ec11 100644
--- a/runsc/main.go
+++ b/runsc/main.go
@@ -63,6 +63,7 @@ var (
overlay = flag.Bool("overlay", false, "wrap filesystem mounts with writable overlay. All modifications are stored in memory inside the sandbox.")
watchdogAction = flag.String("watchdog-action", "log", "sets what action the watchdog takes when triggered: log (default), panic.")
panicSignal = flag.Int("panic-signal", -1, "register signal handling that panics. Usually set to SIGUSR2(12) to troubleshoot hangs. -1 disables it.")
+ profile = flag.Bool("profile", false, "prepares the sandbox to use Golang profiler. Note that enabling profiler loosens the seccomp protection added to the sandbox (DO NOT USE IN PRODUCTION).")
testOnlyAllowRunAsCurrentUserWithoutChroot = flag.Bool("TESTONLY-unsafe-nonroot", false, "TEST ONLY; do not ever use! This skips many security measures that isolate the host from the sandbox.")
)
@@ -146,6 +147,7 @@ func main() {
StraceLogSize: *straceLogSize,
WatchdogAction: wa,
PanicSignal: *panicSignal,
+ ProfileEnable: *profile,
TestOnlyAllowRunAsCurrentUserWithoutChroot: *testOnlyAllowRunAsCurrentUserWithoutChroot,
}
if len(*straceSyscalls) != 0 {
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-02 12:34:09 +0000