github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-04-29 20:24:31 +00:00
Code Issues Projects Releases Wiki Activity

rustjail: allow network sysctls

Browse Source 
The network ns is shared with the guest skip looking for it
in the spec

Fixes: #1228
Signed-off-by: Snir Sheriber <ssheribe@redhat.com>
This commit is contained in:
Snir Sheriber 2021-01-05 16:36:22 +02:00
parent 91c6ba74fa
commit 894fa42a57
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/agent/rustjail/src/validator.rs
View File

@ -207,6 +207,11 @@ fn sysctl(oci: &Spec) -> Result<()> {
}
}
if key.starts_with("net.") {
// the network ns is shared with the guest, don't expect to find it in spec
continue;
}
if contain_namespace(&linux.namespaces, "uts") {
if key == "kernel.domainname" {
continue;