diff options
author | Tiago Natel de Moura <t.nateldemoura@f5.com> | 2020-08-25 15:25:51 +0100 |
---|---|---|
committer | Tiago Natel de Moura <t.nateldemoura@f5.com> | 2020-08-25 15:25:51 +0100 |
commit | b65a8636bb5b2ee61c69660aa6f7edc7d909e632 (patch) | |
tree | b089b6c7633eb03170d8aab0a8ede14fbcf457c2 /src/nxt_process.h | |
parent | 244ffb2829cfbac26e013988474184d6050504fe (diff) | |
download | unit-b65a8636bb5b2ee61c69660aa6f7edc7d909e632.tar.gz unit-b65a8636bb5b2ee61c69660aa6f7edc7d909e632.tar.bz2 |
Isolation: added "automount" option.
Now it's possible to disable default bind mounts of
languages by setting:
{
"isolation": {
"automount": {
"language_deps": false
}
}
}
In this case, the user is responsible to provide a "rootfs"
containing the language libraries and required files for
the application.
Diffstat (limited to '')
-rw-r--r-- | src/nxt_process.h | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/src/nxt_process.h b/src/nxt_process.h index f2383687..d9b4dff1 100644 --- a/src/nxt_process.h +++ b/src/nxt_process.h @@ -72,18 +72,25 @@ typedef struct { nxt_port_mmap_t *elts; } nxt_port_mmaps_t; + +typedef struct { + uint8_t language_deps; /* 1-byte */ +} nxt_process_automount_t; + + typedef struct { - u_char *rootfs; - nxt_array_t *mounts; /* of nxt_mount_t */ + u_char *rootfs; + nxt_process_automount_t automount; + nxt_array_t *mounts; /* of nxt_mount_t */ - nxt_isolation_cleanup_t cleanup; + nxt_isolation_cleanup_t cleanup; #if (NXT_HAVE_CLONE) - nxt_clone_t clone; + nxt_clone_t clone; #endif #if (NXT_HAVE_PR_SET_NO_NEW_PRIVS) - uint8_t new_privs; /* 1 bit */ + uint8_t new_privs; /* 1 bit */ #endif } nxt_process_isolation_t; |