This repository was archived by the owner on Mar 9, 2022. It is now read-only.
Commit 1debf36
Set masked and readonly paths based on default Unix spec
The default values of masked and readonly paths are defined
in populateDefaultUnixSpec, and are used when a sandbox is
created. It is not, however, used for new containers. If
a container definition does not contain a security context
specifying masked/readonly paths, a container created from
it does not have masked and readonly paths.
This patch applies the default values to masked and
readonly paths of a new container, when any specific values
are not specified.
Fixes #1569
Signed-off-by: Yohei Ueda <[email protected]>
(cherry picked from commit b582da4)
Signed-off-by: Sebastiaan van Stijn <[email protected]>1 parent 26815e2 commit 1debf36
2 files changed
Lines changed: 9 additions & 5 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
182 | 182 | | |
183 | 183 | | |
184 | 184 | | |
185 | | - | |
| 185 | + | |
| 186 | + | |
| 187 | + | |
186 | 188 | | |
187 | 189 | | |
188 | 190 | | |
189 | | - | |
| 191 | + | |
| 192 | + | |
| 193 | + | |
190 | 194 | | |
191 | 195 | | |
192 | 196 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
959 | 959 | | |
960 | 960 | | |
961 | 961 | | |
962 | | - | |
| 962 | + | |
963 | 963 | | |
964 | 964 | | |
965 | 965 | | |
966 | | - | |
967 | | - | |
| 966 | + | |
| 967 | + | |
968 | 968 | | |
969 | 969 | | |
970 | 970 | | |
| |||
0 commit comments