diff options
| author |  Ming Zhao <mzhao@luminatewireless.com> | 2015-10-07 14:06:20 +0000 |
|---|---|---|
| committer |  Han-Wen Nienhuys <hanwen@google.com> | 2015-10-08 12:11:17 +0000 |
| commit | 1940933a4191846f9349ecd45976dff3cab976d6 (patch) | |
| tree | 1d3ac628ffe66bd963e75d2e1ace23f1b6dc67e8 /scripts | |
| parent | fdc46c9d1c731b76a8b61393d36cf3ee9edad46d (diff) | |
Introduce two new options to Linux sandbox wrapper:
* -n: Create a new network namespace with only loopback interface.
* -r: set the uid/gid inside the sandbox to be root (instead of nobody)
so that setuid programs like ping can still run when needed.
--
Change-Id: I8ab434e47e0f6933ee9de02e135c8daec39fe73f
Reviewed-on: https://bazel-review.googlesource.com/#/c/2101/
MOS_MIGRATED_REVID=104858163
Diffstat (limited to 'scripts')
| -rwxr-xr-x | scripts/bootstrap/compile.sh | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/scripts/bootstrap/compile.sh b/scripts/bootstrap/compile.sh index 523dab5499..f9605b5b1e 100755 --- a/scripts/bootstrap/compile.sh +++ b/scripts/bootstrap/compile.sh @@ -332,7 +332,7 @@ run_silent "${CC}" -o ${OUTPUT_DIR}/process-wrapper -std=c99 src/main/tools/proc log "Compiling namespace-sandbox..." if [[ $PLATFORM == "linux" ]]; then - run_silent "${CC}" -o ${OUTPUT_DIR}/namespace-sandbox -std=c99 src/main/tools/namespace-sandbox.c src/main/tools/process-tools.c -lm + run_silent "${CC}" -o ${OUTPUT_DIR}/namespace-sandbox -std=c99 src/main/tools/namespace-sandbox.c src/main/tools/network-tools.c src/main/tools/process-tools.c -lm else run_silent "${CC}" -o ${OUTPUT_DIR}/namespace-sandbox -std=c99 src/main/tools/namespace-sandbox-dummy.c -lm fi |