container: move seccomp preset bits
All checks were successful
Test / Create distribution (push) Successful in 34s
Test / Sandbox (push) Successful in 2m13s
Test / Hpkg (push) Successful in 4m2s
Test / Hakurei (race detector) (push) Successful in 5m16s
Test / Sandbox (race detector) (push) Successful in 2m5s
Test / Hakurei (push) Successful in 2m16s
Test / Flake checks (push) Successful in 1m33s
All checks were successful
Test / Create distribution (push) Successful in 34s
Test / Sandbox (push) Successful in 2m13s
Test / Hpkg (push) Successful in 4m2s
Test / Hakurei (race detector) (push) Successful in 5m16s
Test / Sandbox (race detector) (push) Successful in 2m5s
Test / Hakurei (push) Successful in 2m16s
Test / Flake checks (push) Successful in 1m33s
This allows holding the bits without cgo. Signed-off-by: Ophestra <cat@gensokyo.uk>
This commit is contained in:
@@ -9,6 +9,7 @@ import (
|
||||
"time"
|
||||
|
||||
"hakurei.app/container"
|
||||
"hakurei.app/container/bits"
|
||||
"hakurei.app/container/seccomp"
|
||||
)
|
||||
|
||||
@@ -36,7 +37,7 @@ func Exec(ctx context.Context, msg container.Msg, p string) ([]*Entry, error) {
|
||||
z := container.NewCommand(c, msg, toolPath, lddName, p)
|
||||
z.Hostname = "hakurei-" + lddName
|
||||
z.SeccompFlags |= seccomp.AllowMultiarch
|
||||
z.SeccompPresets |= seccomp.PresetStrict
|
||||
z.SeccompPresets |= bits.PresetStrict
|
||||
stdout, stderr := new(bytes.Buffer), new(bytes.Buffer)
|
||||
z.Stdout = stdout
|
||||
z.Stderr = stderr
|
||||
|
||||
Reference in New Issue
Block a user