From 3259a5b36608cfc4a2a7fe759c4ededcf631bf31 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Wed, 25 Mar 2020 17:09:21 +0900 Subject: [PATCH] move --enable-sandbox out of experimental Fix #177 Signed-off-by: Akihiro Suda --- main.c | 6 +++--- slirp4netns.1 | 4 ++-- slirp4netns.1.md | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/main.c b/main.c index 1b07ad3..2272368 100644 --- a/main.c +++ b/main.c @@ -327,8 +327,9 @@ static void usage(const char *argv0) "default=%s)\n", DEFAULT_NETNS_TYPE); printf("--userns-path=PATH specify user namespace path\n"); - printf("--enable-sandbox create a new mount namespace and drop all " - "capabilities except CAP_NET_BIND_SERVICE (experimental)\n"); + printf( + "--enable-sandbox create a new mount namespace (and drop all " + "caps except CAP_NET_BIND_SERVICE if running as the root)\n"); printf("--enable-seccomp enable seccomp to limit syscalls " "(experimental)\n"); /* others */ @@ -493,7 +494,6 @@ static void parse_args(int argc, char *const argv[], struct options *options) "--enable-sandbox instead.\n"); /* FALLTHROUGH */ case ENABLE_SANDBOX: - printf("WARNING: Support for sandboxing is experimental\n"); options->enable_sandbox = true; break; case ENABLE_SECCOMP: diff --git a/slirp4netns.1 b/slirp4netns.1 index 7d3594b..c57c424 100644 --- a/slirp4netns.1 +++ b/slirp4netns.1 @@ -1,5 +1,5 @@ .nh -.TH SLIRP4NETNS 1 "August 2019" "Rootless Containers" "User Commands" +.TH SLIRP4NETNS 1 "March 2020" "Rootless Containers" "User Commands" .SH NAME .PP @@ -87,7 +87,7 @@ specify network namespace type ([path|pid], default=pid) specify user namespace path .PP -\fB\-\-enable\-sandbox\fP (since v0.4.0, EXPERIMENTAL) +\fB\-\-enable\-sandbox\fP (since v0.4.0) enter the user namespace and create a new mount namespace where only /etc and /run are mounted from the host. diff --git a/slirp4netns.1.md b/slirp4netns.1.md index ef2e724..445aebb 100644 --- a/slirp4netns.1.md +++ b/slirp4netns.1.md @@ -1,4 +1,4 @@ -SLIRP4NETNS 1 "August 2019" "Rootless Containers" "User Commands" +SLIRP4NETNS 1 "March 2020" "Rootless Containers" "User Commands" ================================================== # NAME @@ -62,7 +62,7 @@ specify network namespace type ([path|pid], default=pid) **--userns-path=PATH** (since v0.4.0) specify user namespace path -**--enable-sandbox** (since v0.4.0, EXPERIMENTAL) +**--enable-sandbox** (since v0.4.0) enter the user namespace and create a new mount namespace where only /etc and /run are mounted from the host.