vbatts/cri-o
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

add seccomp support

Browse source 
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
This commit is contained in:
Antonio Murdaca 2016-11-23 10:41:48 +01:00
parent 1bd0ba8516
commit 78ee03a8fc
No known key found for this signature in database
GPG key ID: B2BEAD150DE936B9
90 changed files with 4745 additions and 629 deletions
Download patch file Download diff file Expand all files Collapse all files

9
cmd/server/main.go
View file

@ -14,7 +14,7 @@ import (
"k8s.io/kubernetes/pkg/kubelet/api/v1alpha1/runtime"
)
const ociConfigPath = "/etc/ocid.conf"
const ociConfigPath = "/etc/ocid/ocid.conf"
func mergeConfig(config *server.Config, ctx *cli.Context) error {
// Don't parse the config if the user explicitly set it to "".
@ -56,6 +56,9 @@ func mergeConfig(config *server.Config, ctx *cli.Context) error {
if ctx.GlobalIsSet("selinux") {
config.SELinux = ctx.GlobalBool("selinux")
}
if ctx.GlobalIsSet("seccomp-profile") {
config.SeccompProfile = ctx.GlobalString("seccomp-profile")
}
return nil
}
@ -128,6 +131,10 @@ func main() {
Name: "sandboxdir",
Usage: "ocid pod sandbox dir",
},
cli.StringFlag{
Name: "seccomp-profile",
Usage: "default seccomp profile path",
},
cli.BoolFlag{
Name: "selinux",
Usage: "enable selinux support",