technocloud-public/nginx-unit
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Isolation: added "automount" option.

Browse Source 
Now it's possible to disable default bind mounts of
languages by setting:

  {
      "isolation": {
           "automount": {
               "language_deps": false
           }
     }
  }

In this case, the user is responsible to provide a "rootfs"
containing the language libraries and required files for
the application.
This commit is contained in:
Tiago Natel de Moura
2020-08-25 15:25:51 +01:00
parent 244ffb2829
commit b65a8636bb
9 changed files with 112 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
src/nxt_process.h
View File

@@ -72,18 +72,25 @@ typedef struct {
nxt_port_mmap_t *elts;
} nxt_port_mmaps_t;
typedef struct {
u_char *rootfs;
nxt_array_t *mounts; /* of nxt_mount_t */
nxt_isolation_cleanup_t cleanup;
typedef struct {
uint8_t language_deps; /* 1-byte */
} nxt_process_automount_t;
typedef struct {
u_char *rootfs;
nxt_process_automount_t automount;
nxt_array_t *mounts; /* of nxt_mount_t */
nxt_isolation_cleanup_t cleanup;
#if (NXT_HAVE_CLONE)
nxt_clone_t clone;
nxt_clone_t clone;
#endif
#if (NXT_HAVE_PR_SET_NO_NEW_PRIVS)
uint8_t new_privs; /* 1 bit */
uint8_t new_privs; /* 1 bit */
#endif
} nxt_process_isolation_t;