search

rootless-containers / subuidless

[POC] Rootless Containers without `/etc/subuid` and `/etc/subgid`
Apache License 2.0
17 stars 3 forks source link

Move to *.so (?) plugin #3

Closed AkihiroSuda closed 4 years ago

AkihiroSuda commented 4 years ago

https://github.com/containers/crun/pull/438#issuecomment-665857771

The API could be quite simple, just pass down a FD or have an exported function like int handle_req(struct seccomp_notif sreq, struct seccomp_notif_resp sresp){...}

AkihiroSuda commented 4 years ago

This might not be going to happen, as it wouldn't be runnable in the parent namespace