From c1a0e2cd1660d77c984c51f337a75e31e3e6fb10 Mon Sep 17 00:00:00 2001
From: Bill Nottingham <notting@splat.cc>
Date: Wed, 7 Feb 2018 15:47:03 -0500
Subject: [PATCH] Have bubblewrap mount a new /proc in the wrapped environment.

Since we're running with a new pid namespace, we should have
a new /proc that is in that namespace. Otherwise things will
be weird.
---
 awx/main/utils/common.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/awx/main/utils/common.py b/awx/main/utils/common.py
index f2ea63c4ed..c32821169a 100644
--- a/awx/main/utils/common.py
+++ b/awx/main/utils/common.py
@@ -766,7 +766,7 @@ def wrap_args_with_proot(args, cwd, **kwargs):
     '''
     from django.conf import settings
     cwd = os.path.realpath(cwd)
-    new_args = [getattr(settings, 'AWX_PROOT_CMD', 'bwrap'), '--unshare-pid', '--dev-bind', '/', '/']
+    new_args = [getattr(settings, 'AWX_PROOT_CMD', 'bwrap'), '--unshare-pid', '--dev-bind', '/', '/', '--proc', '/proc']
     hide_paths = [settings.AWX_PROOT_BASE_PATH]
     if not kwargs.get('isolated'):
         hide_paths.extend(['/etc/tower', '/var/lib/awx', '/var/log',