maemachinebroke/hakurei
1
0
Fork 0
forked from security/hakurei
Code Pull Requests Activity

internal/pkg: use short wait delay

Browse Source 
The cure is condemned at the point of cancellation and all of its state is destroyed by the deferred cleanup, so it makes little sense to wait for it much.

Signed-off-by: Ophestra <cat@gensokyo.uk>
This commit is contained in:
Ophestra
2026-01-08 18:58:51 +09:00
parent 863e6f5db6
commit f2430b5f5e
1 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
internal/pkg/exec.go
View File

@@ -194,7 +194,7 @@ func (a *execArtifact) Cure(c *CureContext) (err error) {
const ( const (
// execWaitDelay is passed through to [container.Params]. // execWaitDelay is passed through to [container.Params].
execWaitDelay = 15 * time.Second execWaitDelay = time.Nanosecond
) )
// cure is like Cure but allows optional host net namespace. This is used for // cure is like Cure but allows optional host net namespace. This is used for
@@ -294,7 +294,6 @@ func (a *execArtifact) cure(c *CureContext, hostNet bool) (err error) {
defer cancel() defer cancel()
z := container.New(ctx, a.msg) z := container.New(ctx, a.msg)
z.ForwardCancel = true
z.WaitDelay = execWaitDelay z.WaitDelay = execWaitDelay
z.SeccompPresets |= std.PresetStrict z.SeccompPresets |= std.PresetStrict
z.ParentPerm = 0700 z.ParentPerm = 0700