Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add "privileged container" mode to
sandbox.c
(JuliaPackaging#132)
* Add "privileged container" mode to `sandbox.c` On some Linux kernels, mounting overlay filesystems within user namespaces is broken, see [0] for an Ubuntu issue tracking this and their patch to fix it. To work around this, we allow the user to enable running the sandbox through `sudo`, which adds another path through the already convoluted `sandbox.c`. After a thorough reorganization of `sandbox.c`, we now have three well-defined execution modes (init, unprivileged and privileged) and a `sandbox` that can either mount overlay filesystems as root within a user namespace, or can mount overlay filesystems as root outside of a user namespace, then enter the user namespace. [0] https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1531747 * Bump rootfs version * Quash some small bugs
- Loading branch information