From 2fe64148a81f0d78050c302f34a6853d21f7cae4 Mon Sep 17 00:00:00 2001 From: DJ Delorie Date: Mon, 28 Mar 2022 23:53:33 -0400 Subject: Allow for unpriviledged nested containers If the build itself is run in a container, we may not be able to fully set up a nested container for test-container testing. Notably is the mounting of /proc, since it's critical that it be mounted from within the same PID namespace as its users, and thus cannot be bind mounted from outside the container like other mounts. This patch defaults to using the parent's PID namespace instead of creating a new one, as this is more likely to be allowed. If the test needs an isolated PID namespace, it should add the "pidns" command to its init script. Reviewed-by: Carlos O'Donell --- support/Makefile | 1 + 1 file changed, 1 insertion(+) (limited to 'support/Makefile') diff --git a/support/Makefile b/support/Makefile index 5ddcb8d..f036a81 100644 --- a/support/Makefile +++ b/support/Makefile @@ -64,6 +64,7 @@ libsupport-routines = \ support_format_netent \ support_isolate_in_subprocess \ support_mutex_pi_monotonic \ + support_need_proc \ support_path_support_time64 \ support_process_state \ support_ptrace \ -- cgit v1.1