vbatts/cri-o
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

sandbox, ctrs: fixup seccomp for 1.8

Browse source 
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
This commit is contained in:
Antonio Murdaca 2017-09-27 20:46:31 +02:00
parent c70198617f
commit 7d7024999b
No known key found for this signature in database
GPG key ID: B2BEAD150DE936B9
10 changed files with 290 additions and 394 deletions
Download patch file Download diff file Expand all files Collapse all files

9
server/sandbox_run.go
View file

@ -504,6 +504,15 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
g.AddAnnotation(annotations.IP, ip)
sb.AddIP(ip)
spp := req.GetConfig().GetLinux().GetSecurityContext().GetSeccompProfilePath()
g.AddAnnotation(annotations.SeccompProfilePath, spp)
sb.SetSeccompProfilePath(spp)
if !privileged {
if err = s.setupSeccomp(&g, spp); err != nil {
return nil, err
}
}
err = g.SaveToFile(filepath.Join(podContainer.Dir, "config.json"), saveOptions)
if err != nil {
return nil, fmt.Errorf("failed to save template configuration for pod sandbox %s(%s): %v", sb.Name(), id, err)