Add no-new-keyring flag to conmon

We want to pass the no-new-keyring flag through conmon down to the OCI
Runtime.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Daniel J Walsh 2018-02-05 14:57:48 -05:00
parent 5345c6299a
commit 680e62a459


@ -114,6 +114,7 @@ static char *opt_exit_dir = NULL;
static int opt_timeout = 0; static int opt_timeout = 0;
static int64_t opt_log_size_max = -1; static int64_t opt_log_size_max = -1;
static char *opt_socket_path = DEFAULT_SOCKET_PATH; static char *opt_socket_path = DEFAULT_SOCKET_PATH;
static bool opt_no_new_keyring = false;
static GOptionEntry opt_entries[] = static GOptionEntry opt_entries[] =
{ {
{ "terminal", 't', 0, G_OPTION_ARG_NONE, &opt_terminal, "Terminal", NULL }, { "terminal", 't', 0, G_OPTION_ARG_NONE, &opt_terminal, "Terminal", NULL },
@ -122,7 +123,8 @@ static GOptionEntry opt_entries[] =
{ "cid", 'c', 0, G_OPTION_ARG_STRING, &opt_cid, "Container ID", NULL }, { "cid", 'c', 0, G_OPTION_ARG_STRING, &opt_cid, "Container ID", NULL },
{ "cuuid", 'u', 0, G_OPTION_ARG_STRING, &opt_cuuid, "Container UUID", NULL }, { "cuuid", 'u', 0, G_OPTION_ARG_STRING, &opt_cuuid, "Container UUID", NULL },
{ "runtime", 'r', 0, G_OPTION_ARG_STRING, &opt_runtime_path, "Runtime path", NULL }, { "runtime", 'r', 0, G_OPTION_ARG_STRING, &opt_runtime_path, "Runtime path", NULL },
{ "no-pivot", 0, 0, G_OPTION_ARG_NONE, &opt_no_pivot, "do not use pivot_root", NULL }, { "no-new_keyring", 0, 0, G_OPTION_ARG_NONE, &opt_no_new_keyring, "Do not create a new session keyring for the container", NULL },
{ "no-pivot", 0, 0, G_OPTION_ARG_NONE, &opt_no_pivot, "Do not use pivot_root", NULL },
{ "bundle", 'b', 0, G_OPTION_ARG_STRING, &opt_bundle_path, "Bundle path", NULL }, { "bundle", 'b', 0, G_OPTION_ARG_STRING, &opt_bundle_path, "Bundle path", NULL },
{ "pidfile", 'p', 0, G_OPTION_ARG_STRING, &opt_pid_file, "PID file", NULL }, { "pidfile", 'p', 0, G_OPTION_ARG_STRING, &opt_pid_file, "PID file", NULL },
{ "systemd-cgroup", 's', 0, G_OPTION_ARG_NONE, &opt_systemd_cgroup, "Enable systemd cgroup manager", NULL }, { "systemd-cgroup", 's', 0, G_OPTION_ARG_NONE, &opt_systemd_cgroup, "Enable systemd cgroup manager", NULL },
@ -1275,6 +1277,12 @@ int main(int argc, char *argv[])
NULL); NULL);
} }
if (!opt_exec && opt_no_new_keyring) {
add_argv(runtime_argv,
"--no-new-keyring",
NULL);
}
if (csname != NULL) { if (csname != NULL) {
add_argv(runtime_argv, add_argv(runtime_argv,
"--console-socket", csname, "--console-socket", csname,
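Review bot: The new `opt_entries` row registers the long option as `"no-new_keyring"` with an underscore, while the commit title and the argument forwarded to the runtime in main() both spell it `--no-new-keyring`. A caller that passes the hyphenated form to conmon would not match this entry, so the row should read `{ "no-new-keyring", 0, 0, G_OPTION_ARG_NONE, &opt_no_new_keyring, "Do not create a new session keyring for the container", NULL },`. Going by the help text, the flag appears to leave the container on the invoking session's keyring instead of a fresh one. A one-line comment above `static bool opt_no_new_keyring = false;` noting that reduced isolation, and that the flag is deliberately not forwarded when `opt_exec` is set, would help the next reader. main()'s body continues outside the hunk.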