From 3d83ba56d9830540c002fa6bfa69dbf662adf041 Mon Sep 17 00:00:00 2001
From: vagrant <vagrant@vagrant.vm>
Date: Tue, 29 Jun 2021 01:25:33 +0000
Subject: [PATCH] Add --pid to enable host pid namespace.

Signed-off-by: Shishir Mahajan <smahajan@roblox.com>
---
 README.md          |  1 +
 cmd/nerdctl/run.go | 14 ++++++++++++++
 2 files changed, 15 insertions(+)

diff --git a/README.md b/README.md
index 44249ae93ca..1675e7968cd 100644
--- a/README.md
+++ b/README.md
@@ -255,6 +255,7 @@ Basic flags:
 - :whale: `--rm`: Automatically remove the container when it exits
 - :whale: `--pull=(always|missing|never)`: Pull image before running
   - Default: "missing"
+- :whale: `--pid=(host)`: PID namespace to use
 
 Network flags:
 - :whale: `--net, --network=(bridge|host|none|<CNI>)`: Connect a container to a network
diff --git a/cmd/nerdctl/run.go b/cmd/nerdctl/run.go
index 3b22126d865..430cb73b449 100644
--- a/cmd/nerdctl/run.go
+++ b/cmd/nerdctl/run.go
@@ -131,6 +131,11 @@ var runCommand = &cli.Command{
 			Aliases: []string{"m"},
 			Usage:   "Memory limit",
 		},
+		// Enable host pid namespace
+		&cli.StringFlag{
+			Name:  "pid",
+			Usage: "PID namespace to use",
+		},
 		&cli.IntFlag{
 			Name:  "pids-limit",
 			Usage: "Tune container pids limit (set -1 for unlimited)",
@@ -484,6 +489,15 @@ func runAction(clicontext *cli.Context) error {
 		opts = append(opts, oci.WithDevShmSize(shmBytes/1024))
 	}
 
+	pidNs := strings.ToLower(clicontext.String("pid"))
+	if pidNs != "" {
+		if pidNs != "host" {
+			return fmt.Errorf("Invalid pid namespace. Set --pid=host to enable host pid namespace.")
+		} else {
+			opts = append(opts, oci.WithHostNamespace(specs.PIDNamespace))
+		}
+	}
+
 	rtCOpts, err := generateRuntimeCOpts(clicontext)
 	if err != nil {
 		return err