Skip to content

Commit a3b9322

Browse files
daryllimytdaryllimyt
committed
fix: keep agent-executor nsjail opt-in
1 parent cee86be commit a3b9322

1 file changed

Lines changed: 4 additions & 4 deletions

File tree

docker-compose.dev.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -345,10 +345,10 @@ services:
345345
target: development
346346
restart: unless-stopped
347347
# Required for nsjail sandbox (agent runtime isolation)
348-
cap_add:
349-
- SYS_ADMIN
350-
security_opt:
351-
- seccomp:unconfined
348+
# cap_add:
349+
# - SYS_ADMIN
350+
# security_opt:
351+
# - seccomp:unconfined
352352
# Required for pasta userspace networking (creates TAP device in sandbox netns)
353353
# devices:
354354
# - /dev/net/tun:/dev/net/tun

0 commit comments

Comments
 (0)