Add `skip_setsid` option to nsjail for sbox.

ABFS project uses the process group to trace all the file-system activities of a given build command. The assumption is that the build commands do not change the process group, otherwise some of the file operations can be missed. Bug: 376530561 Change-Id: Iff32df924e1cb20be2ce4dfe3355d833c0fb9e8e
author: Haamed Gheibi <haamed@google.com> 2024-11-13 13:27:53 -0800
committer: Haamed Gheibi <haamed@google.com> 2024-11-18 12:29:15 -0800
commit: c128dd7e43e13fef1af1cfbcc14a1bf64465be48 (patch)
tree: 9ee96cf186e5cc0b0d3ed83ad599364be34f46f0
parent: 51778812b42be9eb3f3855b44e43c820faf2d04f (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/android/rule_builder.go b/android/rule_builder.go
index 403c18418..a1573868b 100644
--- a/android/rule_builder.go
+++ b/android/rule_builder.go
@@ -611,6 +611,7 @@ func (r *RuleBuilder) build(name string, desc string, ninjaEscapeCommandString b
 		nsjailCmd.WriteString(" -m none:/tmp:tmpfs:size=1073741824") // 1GB, should be enough
 		nsjailCmd.WriteString(" -D nsjail_build_sandbox")
 		nsjailCmd.WriteString(" --disable_rlimits")
+		nsjailCmd.WriteString(" --skip_setsid") // ABFS relies on process-groups to track file operations
 		nsjailCmd.WriteString(" -q")
 		nsjailCmd.WriteString(" -- ")
 		nsjailCmd.WriteString("/bin/bash -c ")
author	Haamed Gheibi <haamed@google.com>	2024-11-13 13:27:53 -0800
committer	Haamed Gheibi <haamed@google.com>	2024-11-18 12:29:15 -0800
commit	c128dd7e43e13fef1af1cfbcc14a1bf64465be48 (patch)
tree	9ee96cf186e5cc0b0d3ed83ad599364be34f46f0
parent	51778812b42be9eb3f3855b44e43c820faf2d04f (diff)