mirror of
https://github.com/linuxkit/linuxkit.git
synced 2025-07-21 10:09:07 +00:00
Revert "runc: don't mount /dev with ro"
This reverts commit 380f36cc1a.
Now that runc includes a fix for this, this patch can be reverted
Signed-off-by: Frédéric Dalleau <frederic.dalleau@docker.com>
This commit is contained in:
Frédéric Dalleau
parent
be43e99310
commit
36853c74ef
@ -747,6 +747,9 @@ func ConfigToOCI(yaml *Image, config imagespec.ImageConfig, idMap map[string]uin
|
|||||||
// default options match what Docker does
|
// default options match what Docker does
|
||||||
procOptions := []string{"nosuid", "nodev", "noexec", "relatime"}
|
procOptions := []string{"nosuid", "nodev", "noexec", "relatime"}
|
||||||
devOptions := []string{"nosuid", "strictatime", "mode=755", "size=65536k"}
|
devOptions := []string{"nosuid", "strictatime", "mode=755", "size=65536k"}
|
||||||
|
if readonly {
|
||||||
|
devOptions = append(devOptions, "ro")
|
||||||
|
}
|
||||||
ptsOptions := []string{"nosuid", "noexec", "newinstance", "ptmxmode=0666", "mode=0620"}
|
ptsOptions := []string{"nosuid", "noexec", "newinstance", "ptmxmode=0666", "mode=0620"}
|
||||||
sysOptions := []string{"nosuid", "noexec", "nodev"}
|
sysOptions := []string{"nosuid", "noexec", "nodev"}
|
||||||
if readonly {
|
if readonly {
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user