From e4ddad16bfe15ac1c1b6a0334df084bbb334d4e3 Mon Sep 17 00:00:00 2001
From: Chris <ccbrown112@gmail.com>
Date: Wed, 7 Mar 2018 12:43:26 -0600
Subject: plugin sandbox fixes (#8418)

---
 plugin/rpcplugin/sandbox/sandbox_linux.go | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

(limited to 'plugin')

diff --git a/plugin/rpcplugin/sandbox/sandbox_linux.go b/plugin/rpcplugin/sandbox/sandbox_linux.go
index dad485f68..4ade00cf2 100644
--- a/plugin/rpcplugin/sandbox/sandbox_linux.go
+++ b/plugin/rpcplugin/sandbox/sandbox_linux.go
@@ -267,7 +267,7 @@ func pivotRoot(newRoot string) error {
 func dropInheritableCapabilities() error {
 	type capHeader struct {
 		version uint32
-		pid     int
+		pid     int32
 	}
 
 	type capData struct {
@@ -425,6 +425,15 @@ func checkSupportInNamespace() error {
 		return errors.Wrapf(err, "unable to enable seccomp filter")
 	}
 
+	if f, err := os.Create(os.DevNull); err != nil {
+		return errors.Wrapf(err, "unable to open os.DevNull")
+	} else {
+		defer f.Close()
+		if _, err = f.Write([]byte("foo")); err != nil {
+			return errors.Wrapf(err, "unable to write to os.DevNull")
+		}
+	}
+
 	return nil
 }
 
-- 
cgit v1.2.3-1-g7c22