github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-10-31 12:07:48 +00:00
Code Issues Projects Releases Wiki Activity

Add the standard options Docker sets for /proc

Browse Source 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This commit is contained in:
Justin Cormack
2017-04-05 11:40:22 +01:00
parent dd58bd75eb
commit 297f41e25a
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/cmd/moby/config.go
View File

@@ -116,6 +116,7 @@ func ConfigInspectToOCI(image *MobyImage, inspect types.ImageInspect) ([]byte, e
if cwd == "" { if cwd == "" {
cwd = "/" cwd = "/"
} }
procOptions := []string{"nosuid", "nodev", "noexec", "relatime"}
devOptions := []string{"nosuid", "strictatime", "mode=755", "size=65536k"} devOptions := []string{"nosuid", "strictatime", "mode=755", "size=65536k"}
if image.Readonly { if image.Readonly {
devOptions = append(devOptions, "ro") devOptions = append(devOptions, "ro")
@@ -128,7 +129,7 @@ func ConfigInspectToOCI(image *MobyImage, inspect types.ImageInspect) ([]byte, e
cgroupOptions := []string{"nosuid", "noexec", "nodev", "relatime", "ro"} cgroupOptions := []string{"nosuid", "noexec", "nodev", "relatime", "ro"}
// note omits "standard" /dev/shm and /dev/mqueue // note omits "standard" /dev/shm and /dev/mqueue
mounts := []specs.Mount{ mounts := []specs.Mount{
{Destination: "/proc", Type: "proc", Source: "proc"}, {Destination: "/proc", Type: "proc", Source: "proc", Options: procOptions},
{Destination: "/dev", Type: "tmpfs", Source: "tmpfs", Options: devOptions}, {Destination: "/dev", Type: "tmpfs", Source: "tmpfs", Options: devOptions},
{Destination: "/dev/pts", Type: "devpts", Source: "devpts", Options: ptsOptions}, {Destination: "/dev/pts", Type: "devpts", Source: "devpts", Options: ptsOptions},
{Destination: "/sys", Type: "sysfs", Source: "sysfs", Options: sysOptions}, {Destination: "/sys", Type: "sysfs", Source: "sysfs", Options: sysOptions},