Number of bytes to allocate for tmpfsmounts (default: 4194304)
--disable_proc
Disable mounting /proc in the jail
+ --cgroup_mem_max VALUE
+ Maximum number of bytes to use in the group (default: '0' - disabled)
--cgroup_mem_mount VALUE
- Where to mount memory cgroup FS (default: '/cgroup_memory'
+ Location of memory cgroup FS (default: '/sys/fs/cgroup/memory')
--cgroup_mem_parent VALUE
- Which memory cgroup to use (default: 'NSJAIL')
- --cgroup_mem_max VALUE
- Maximum number of bytes to use in the group
+ Which pre-existing memory cgroup to use as a parent (default: 'NSJAIL')
--iface_no_lo
Don't bring up the 'lo' interface
--iface|-I VALUE
nsjail -Mr --chroot / -- /bin/echo "ABC"
Run echo command once only, as a sub-process
nsjail -Mo --chroot / -- /bin/echo "ABC"
- Execute echo command directly, without a supervising proces
+ Execute echo command directly, without a supervising process
+ nsjail -Me --chroot / --disable_proc -- /bin/echo "ABC"
```
* Use OOM-killer instead of making processes hang/sleep
*/
snprintf(fname, sizeof(fname), "%s/memory.oom_control", mem_cgroup_path);
- LOG_D("Writting '1' '%s'", fname);
+ LOG_D("Writting '0' '%s'", fname);
if (utilWriteBufToFile(fname, "0", strlen("0"), O_WRONLY) == false) {
LOG_E("Could not update memory cgroup oom control");
return false;
projects / platform / upstream / nsjail.git / commitdiff