From ad3576c16467d8b36452307b005b6af0d0f0f9d2 Mon Sep 17 00:00:00 2001
From: Ophestra
Date: Mon, 24 Mar 2025 15:28:25 +0900
Subject: [PATCH] sandbox: resolve tty name
Signed-off-by: Ophestra
---
 sandbox/container_test.go | 12 ++++++------
 sandbox/init.go | 1 -
 sandbox/sequential.go | 10 ++++++----
 3 files changed, 12 insertions(+), 11 deletions(-)
diff --git a/sandbox/container_test.go b/sandbox/container_test.go
index f6e6562..f3d0854 100644
--- a/sandbox/container_test.go
+++ b/sandbox/container_test.go
@@ -57,12 +57,12 @@ func TestContainer(t *testing.T) {
 Mqueue("/dev/mqueue"),
 []*vfs.MountInfoEntry{
 e("/", "/dev", "rw,nosuid,nodev,relatime", "tmpfs", "devtmpfs", ignore),
- e("/null", "/dev/null", "ro,nosuid", "devtmpfs", "devtmpfs", ignore),
- e("/zero", "/dev/zero", "ro,nosuid", "devtmpfs", "devtmpfs", ignore),
- e("/full", "/dev/full", "ro,nosuid", "devtmpfs", "devtmpfs", ignore),
- e("/random", "/dev/random", "ro,nosuid", "devtmpfs", "devtmpfs", ignore),
- e("/urandom", "/dev/urandom", "ro,nosuid", "devtmpfs", "devtmpfs", ignore),
- e("/tty", "/dev/tty", "ro,nosuid", "devtmpfs", "devtmpfs", ignore),
+ e("/null", "/dev/null", "rw,nosuid", "devtmpfs", "devtmpfs", ignore),
+ e("/zero", "/dev/zero", "rw,nosuid", "devtmpfs", "devtmpfs", ignore),
+ e("/full", "/dev/full", "rw,nosuid", "devtmpfs", "devtmpfs", ignore),
+ e("/random", "/dev/random", "rw,nosuid", "devtmpfs", "devtmpfs", ignore),
+ e("/urandom", "/dev/urandom", "rw,nosuid", "devtmpfs", "devtmpfs", ignore),
+ e("/tty", "/dev/tty", "rw,nosuid", "devtmpfs", "devtmpfs", ignore),
 e("/", "/dev/pts", "rw,nosuid,noexec,relatime", "devpts", "devpts", "rw,mode=620,ptmxmode=666"),
 e("/", "/dev/mqueue", "rw,nosuid,nodev,noexec,relatime", "mqueue", "mqueue", "rw"),
 }, ""},
diff --git a/sandbox/init.go b/sandbox/init.go
index cf7fd1b..8c2918c 100644
--- a/sandbox/init.go
+++ b/sandbox/init.go
@@ -239,7 +239,6 @@ func Init(prepare func(prefix string), setVerbose func(verbose bool)) {
 cmd := exec.Command(params.Path)
 cmd.Stdin, cmd.Stdout, cmd.Stderr = os.Stdin, os.Stdout, os.Stderr
- cmd.SysProcAttr = &syscall.SysProcAttr{Setpgid: true}
 cmd.Args = params.Args
 cmd.Env = params.Env
 cmd.ExtraFiles = extraFiles
diff --git a/sandbox/sequential.go b/sandbox/sequential.go
index f37567d..d696703 100644
--- a/sandbox/sequential.go
+++ b/sandbox/sequential.go
@@ -156,7 +156,7 @@ func (d MountDev) apply(params *Params) error {
 if err := hostProc.bindMount(
 toHost("/dev/"+name),
 targetPath,
- syscall.MS_RDONLY,
+ 0,
 true,
 ); err != nil {
 return err
@@ -204,10 +204,12 @@ func (d MountDev) apply(params *Params) error {
 if err := ensureFile(consolePath, 0444, 0755); err != nil {
 return err
 }
- if err := hostProc.bindMount(
- hostProc.stdout(),
+ if name, err := os.Readlink(hostProc.stdout()); err != nil {
+ return msg.WrapErr(err, err.Error())
+ } else if err = hostProc.bindMount(
+ toHost(name),
 consolePath,
- syscall.MS_RDONLY,
+ 0,
 false,
 ); err != nil {
 return err
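Review bot: Replacing `syscall.MS_RDONLY` with `0` on the `/dev/<name>` bind mounts in the `-156` hunk of sandbox/sequential.go (and again on the console mount in the `-204` hunk) loosens the mount for every device node, and neither the commit subject nor the code says why. A read-only mount does not stop reads or writes on a character device, so the flag presumably was not blocking normal I/O; what it does block is metadata changes to the host node made through the mount (chmod, chown, timestamps). If the writable mount is only needed for the terminal, keep `syscall.MS_RDONLY` for the other nodes and record the reason beside the argument, for example `0, // not MS_RDONLY: <reason the tty needs a writable mount>`. The loop around this call in `apply` starts outside the hunk, so the meaning of the fourth argument (`true` here, `false` for the console) cannot be checked from here.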
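Review bot: In the `-204` hunk of sandbox/sequential.go the string returned by `os.Readlink(hostProc.stdout())` goes straight into `toHost(name)` and is bind-mounted at `consolePath` with no check on what it names. If `hostProc.stdout()` is a /proc fd link (its definition is not on this page), a stdout that is a pipe or socket would resolve to a non-path string, and one redirected to a file would resolve to that file, which would then be mounted writable as the container console. Unless the branch enclosing this code (outside the hunk) already guarantees stdout is a terminal, reject such targets before mounting, for example `if !path.IsAbs(name) { return msg.WrapErr(syscall.ENOTTY, "stdout does not resolve to a host path") }` (this needs the `path` import), and confirm the resolved node is a character device. A comment above the `Readlink` call stating that assumption would also help, something like `// stdout must be a terminal here; the link target is used as a host path`.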