Skip to content

Commit 131222d

Browse files
AkihiroSudaAkihiroSuda
authored
Merge pull request #3493 from cyphar/1.1-ns_last_pid
[1.1] Allow mounting of /proc/sys/kernel/ns_last_pid
2 parents 9d00472 + 51649a7 commit 131222d

File tree

2 files changed

+9
-0
lines changed

2 files changed

+9
-0
lines changed

libcontainer/rootfs_linux.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -577,6 +577,7 @@ func checkProcMount(rootfs, dest, source string) error {
577577
"/proc/loadavg",
578578
"/proc/slabinfo",
579579
"/proc/net/dev",
580+
"/proc/sys/kernel/ns_last_pid",
580581
}
581582
for _, valid := range validProcMounts {
582583
path, err := filepath.Rel(filepath.Join(rootfs, valid), dest)

libcontainer/rootfs_linux_test.go

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,14 @@ func TestCheckMountDestFalsePositive(t *testing.T) {
3838
}
3939
}
4040

41+
func TestCheckMountDestNsLastPid(t *testing.T) {
42+
dest := "/rootfs/proc/sys/kernel/ns_last_pid"
43+
err := checkProcMount("/rootfs", dest, "/proc")
44+
if err != nil {
45+
t.Fatal("/proc/sys/kernel/ns_last_pid should not return an error")
46+
}
47+
}
48+
4149
func TestNeedsSetupDev(t *testing.T) {
4250
config := &configs.Config{
4351
Mounts: []*configs.Mount{

0 commit comments

Comments
 (0)