Aleksa Sarai
Aleksa Sarai
`libc::renameat2` is a fairly commonly used function on Linux (especially since it is the only way of doing atomic file swaps on Linux with `RENAME_EXCHANGE`) that Miri does not yet...
These are quite useful for protecting against a variety of attacks, and mirror the general API from libpathrs but a little bit less fully-featured. Signed-off-by: Aleksa Sarai
Linux platforms that are forced to use the libc backend cannot access MS_NOSYMFOLLOW. The upstream libc crate doesn't expose MS_NOSYMFOLLOW, but on Linux we can just remap linux-raw-sys. FreeBSD also...
At the moment the `NewPty` API is based around the `ptsname`-style API where you get a pathname in `/dev/pts/` that you can open. However, [many years ago I added support...
We've had a fair few requests from folks about the `run.oci.*` extensions and why runc doesn't support them. Given that some of these extensions are likely not going to be...
If you run `runc` under `strace`, it will stall randomly. The stall always happens at the `execve` of the `runc init` process. This was discovered while doing #1018. I will...
While the original wording did not provide any justification for this, some runtimes have incorrectly treated a pids.limit value of 0 as being equivalent to "max" or otherwise handle it...
We need to switch to `go.mod` I believe, as `go run .tool/doc-version.go` doesn't work anymore without a `go.mod`: ``` % make docs go run ./.tool/version-doc.go > version.md .tool/version-doc.go:11:2: no required...
The docs state that storage-repo-branch and storage-repo-branch-coverage are optional, but the actual action description doesn't set the defaults which results in errors when trying to operate on storage-repo: warning: redirecting...
At the moment, we have to use a fork of https://github.com/vbatts/go-mtree that has support for rootless operations ([the fork](https://build.opensuse.org/projects/Virtualization:containers/packages/go-mtree/files/0001-gomtree-add-rootless-flag.patch?expand=1) basically just lets you switch the vfs API to `fseval.Rootless` if...