mrunalp

#!/bin/bash
set -e
set -x

RUNC_GOPATH="$(mktemp -d)"
CONTAINERD_GOPATH="$(mktemp -d)"
PWD="$(pwd)"

function cleanup() {
        rm -rf "${RUNC_GOPATH}"

mrunalp

package main

import (
        "log"

        "github.com/fsouza/go-dockerclient"
)

func main() {
        endpoint := "unix:///var/run/docker.sock"

mrunalp

{
	"version": "pre-draft",
	"platform": {
		"os": "linux",
		"arch": "amd64"
	},
	"process": {
		"terminal": false,
		"user": {
			"uid": 0,

mrunalp

package main

import (
        "flag"
        "log"
        "os"
        "path/filepath"
        "syscall"
)

mrunalp

#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <sys/mount.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <fcntl.h>
#include <sched.h>
#include <unistd.h>
#include <errno.h>

mrunalp

package main

import (
	"encoding/hex"
	"flag"
	"log"

	"github.com/godbus/dbus"
)

mrunalp

#!/bin/bash

umount /busybox/var/log/journal/9876
rm -rf /var/log/journal/9876

umount /busybox/etc/machine-id
rm -rf /busybox/etc/machine-id
rm -rf /tmp/busybox/etc/

mrunalp

#!/bin/bash

while read line
do
        echo $line > /tmp/myoutput
done < /dev/stdin

mkdir -p /var/log/journal/9876
mkdir -p /busybox/var/log/journal/9876

mrunalp

1. Apply this simple patch so that bind mounts aren't converted to private in runc

diff --git a/libcontainer/rootfs_linux.go b/libcontainer/rootfs_linux.go
index 21f380d..c1dfce5 100644
--- a/libcontainer/rootfs_linux.go
+++ b/libcontainer/rootfs_linux.go
@@ -400,7 +400,7 @@ func mknodDevice(dest string, node *configs.Device) error {
 func prepareRoot(config *configs.Config) error {
        flag := syscall.MS_SLAVE | syscall.MS_REC
        if config.Privatefs {

mrunalp

unshare -Urm --mount-proc