Skip to content

Instantly share code, notes, and snippets.

View woshahua's full-sized avatar
🦍
On vacation

Fat Shady woshahua

🦍
On vacation
10 followers · 47 following
  • freee
  • Tokyo, Japan
View GitHub Profile
@woshahua
woshahua / docker.md
Created December 15, 2019 05:51
docker making tutorial
  • clone一个namespace隔离的进程???
  • fork什么意思

MountFlag

  • MSNOEXEC no other application is allowed to run inside this system
  • MS_NOSUID not allowed to do set-user-ID or set-group-ID
  • MS_NODEV this is a default parameter set for linux

syscall.Exec

  • what is the point, this is like run the command inside the system ?
  1. the first process inside the container, which PID = 1 is the process init