vbatts/cri-o
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

sandbox, ctrs: fixup seccomp for 1.8

Browse source 
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
This commit is contained in:
Antonio Murdaca 2017-09-27 20:46:31 +02:00
parent c70198617f
commit 7d7024999b
No known key found for this signature in database
GPG key ID: B2BEAD150DE936B9
10 changed files with 290 additions and 394 deletions
Download patch file Download diff file Expand all files Collapse all files

5
libkpod/container_server.go
View file

@ -325,6 +325,8 @@ func (c *ContainerServer) LoadSandbox(id string) error {
return err
}
spp := m.Annotations[annotations.SeccompProfilePath]
kubeAnnotations := make(map[string]string)
if err = json.Unmarshal([]byte(m.Annotations[annotations.Annotations]), &kubeAnnotations); err != nil {
return err
@ -339,6 +341,7 @@ func (c *ContainerServer) LoadSandbox(id string) error {
}
sb.AddHostnamePath(m.Annotations[annotations.HostnamePath])
sb.AddIP(ip)
sb.SetSeccompProfilePath(spp)
// We add a netNS only if we can load a permanent one.
// Otherwise, the sandbox will live in the host namespace.
@ -516,6 +519,8 @@ func (c *ContainerServer) LoadContainer(id string) error {
}
ctr.SetSpec(&m)
ctr.SetMountPoint(m.Annotations[annotations.MountPoint])
spp := m.Annotations[annotations.SeccompProfilePath]
ctr.SetSeccompProfilePath(spp)
c.ContainerStateFromDisk(ctr)