Ayush Ranjan
Ayush Ranjan
> No in the setuid root binary case, the access uses the real uid(which is not 0) to do check, and the open syscall uses the euid(which is 0) to...
This issue is still exists.
I think the library does have support for 256 inode size. What makes you say it does not? Ext2/3 had 128 inode size but ext4 introduced the new inode struct...
So if you look at [this line](https://github.com/nerd2/gexto/blob/39468ec063f630a4824d82e1a06e608a07f0aec7/filesystem.go#L214), `int64(fs.sb.Inode_size)` over here would resolve to 256 IF the filesystem being used in ext4. ext2/3 only support 128 sized inodes.
We already support field comments for checklocks, for example: https://github.com/google/gvisor/blob/344f19745f01cb407c714d2a8c95f43022a49ebd/pkg/tcpip/stack/stack.go#L95-L96
Ah, ^ are considered `field.Doc` and not field comments. LGTM.
The `--nvproxy-docker` flag semantics is a bit confusing... TLDR; it is needed sometimes in non-Docker environments too. Here is a brief summary of what's going on. The NVIDIA GPU Container...
HI @PedroRibeiro95, Hmm I don't think `--nvproxy-docker` will help in this case. That flag will try running the `nvidia-hook` as a prestart hook. I don't think in k8s environment, the...
> but it's unclear how I'd make nvidia-container-runtime provide the runsc flag. The runtimes config for the NVIDIA runtime seems to just take executables, so runsc would be the natural...
Yeah that is strange. If you see the boot logs, the StartSubcontainer RPC has the device gofer configuration set (search for `IsDevIoFilePresent:true` in logs). The gofer logs also have the...