From c063a1350f4ac6249fb26e6125c9cc99db14263b Mon Sep 17 00:00:00 2001
From: Andrei Vagin <avagin@google.com>
Date: Fri, 18 Jan 2019 12:16:24 -0800
Subject: runsc: create a new proc mount if the sandbox process is running in a
 new pidns

PiperOrigin-RevId: 229971902
Change-Id: Ief4fac731e839ef092175908de9375d725eaa3aa
---
 runsc/sandbox/sandbox.go | 1 +
 1 file changed, 1 insertion(+)

(limited to 'runsc/sandbox/sandbox.go')

diff --git a/runsc/sandbox/sandbox.go b/runsc/sandbox/sandbox.go
index 411200793..d28d93b0a 100644
--- a/runsc/sandbox/sandbox.go
+++ b/runsc/sandbox/sandbox.go
@@ -458,6 +458,7 @@ func (s *Sandbox) createSandboxProcess(spec *specs.Spec, conf *boot.Config, bund
 	} else {
 		log.Infof("Sandbox will be started in a new PID namespace")
 		nss = append(nss, specs.LinuxNamespace{Type: specs.PIDNamespace})
+		cmd.Args = append(cmd.Args, "--pidns=true")
 	}
 
 	// Joins the network namespace if network is enabled. the sandbox talks
-- 
cgit v1.2.3