From 720fb219cea1fea99c2bba1d01f771eb43b2000b Mon Sep 17 00:00:00 2001 From: Rolf Neugebauer Date: Mon, 25 Dec 2017 15:32:57 +0100 Subject: [PATCH 1/2] pkg/sysctl: Prevent ebpf privilege escalation On 4.9.x and 4.14.x kernels ebpf verifier bugs allow ebpf programs to access (read/write) random memory. Setting kernel.unprivileged_bpf_disabled=1 mitigates this somewhat until it is fixed upstream. See: - https://lwn.net/Articles/742170 - https://lwn.net/Articles/742169 Signed-off-by: Rolf Neugebauer --- pkg/sysctl/etc/sysctl.d/00-linuxkit.conf | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pkg/sysctl/etc/sysctl.d/00-linuxkit.conf b/pkg/sysctl/etc/sysctl.d/00-linuxkit.conf index db498738e..9e7f17dfa 100644 --- a/pkg/sysctl/etc/sysctl.d/00-linuxkit.conf +++ b/pkg/sysctl/etc/sysctl.d/00-linuxkit.conf @@ -26,3 +26,6 @@ kernel.dmesg_restrict = 1 kernel.perf_event_paranoid = 3 fs.protected_hardlinks = 1 fs.protected_symlinks = 1 +# Prevent ebpf privilege escalation +# see: https://lwn.net/Articles/742170 +kernel.unprivileged_bpf_disabled=1 From 9b3f2b301ea581cac57959e8657824e7ef22443d Mon Sep 17 00:00:00 2001 From: Rolf Neugebauer Date: Mon, 25 Dec 2017 15:52:30 +0100 Subject: [PATCH 2/2] Update YAML files with new sysctl package Signed-off-by: Rolf Neugebauer --- blueprints/docker-for-mac/base.yml | 2 +- examples/aws.yml | 2 +- examples/azure.yml | 2 +- examples/cadvisor.yml | 2 +- examples/docker.yml | 2 +- examples/gcp.yml | 2 +- examples/getty.yml | 2 +- examples/openstack.yml | 2 +- examples/packet.yml | 2 +- examples/sshd.yml | 2 +- examples/swap.yml | 2 +- examples/tpm.yml | 2 +- examples/vmware.yml | 2 +- examples/vultr.yml | 2 +- examples/wireguard.yml | 2 +- linuxkit.yml | 2 +- projects/compose/compose-dynamic.yml | 2 +- projects/compose/compose-static.yml | 2 +- projects/etcd/etcd.yml | 2 +- projects/etcd/prom-us-central1-f.yml | 2 +- projects/ima-namespace/ima-namespace.yml | 2 +- projects/logging/examples/logging.yml | 2 +- projects/miragesdk/examples/fdd.yml | 2 +- projects/miragesdk/examples/mirage-dhcp.yml | 2 +- projects/okernel/examples/okernel_simple.yaml | 2 +- projects/shiftfs/shiftfs.yml | 2 +- projects/swarmd/swarmd.yml | 2 +- test/cases/030_security/000_docker-bench/test.yml | 2 +- test/cases/040_packages/003_containerd/test.yml | 2 +- test/cases/040_packages/019_sysctl/test.yml | 2 +- 30 files changed, 30 insertions(+), 30 deletions(-) diff --git a/blueprints/docker-for-mac/base.yml b/blueprints/docker-for-mac/base.yml index c4382b56e..36be49797 100644 --- a/blueprints/docker-for-mac/base.yml +++ b/blueprints/docker-for-mac/base.yml @@ -13,7 +13,7 @@ onboot: - name: metadata image: linuxkit/metadata:2af15c9f4b0e73515c219b7cc14e6e65e1d4fd6d - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: sysfs image: linuxkit/sysfs:1284b4a7061a5cc426425f0fb00748192505a05f - name: binfmt diff --git a/examples/aws.yml b/examples/aws.yml index 72cb4d293..272570fef 100644 --- a/examples/aws.yml +++ b/examples/aws.yml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: dhcpcd image: linuxkit/dhcpcd:0d59a6cc03412289ef4313f2491ec666c1715cc9 command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] diff --git a/examples/azure.yml b/examples/azure.yml index 98d57bccf..679207188 100644 --- a/examples/azure.yml +++ b/examples/azure.yml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 services: - name: rngd image: linuxkit/rngd:94e01a4b16fadb053455cdc2269c4eb0b39199cd diff --git a/examples/cadvisor.yml b/examples/cadvisor.yml index 6949761ac..8ea1338a8 100644 --- a/examples/cadvisor.yml +++ b/examples/cadvisor.yml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: dhcpcd image: linuxkit/dhcpcd:0d59a6cc03412289ef4313f2491ec666c1715cc9 command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] diff --git a/examples/docker.yml b/examples/docker.yml index 8f012dce8..e4e8d9a93 100644 --- a/examples/docker.yml +++ b/examples/docker.yml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: sysfs image: linuxkit/sysfs:1284b4a7061a5cc426425f0fb00748192505a05f - name: format diff --git a/examples/gcp.yml b/examples/gcp.yml index ed186b6d5..0d946dba3 100644 --- a/examples/gcp.yml +++ b/examples/gcp.yml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: dhcpcd image: linuxkit/dhcpcd:0d59a6cc03412289ef4313f2491ec666c1715cc9 command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] diff --git a/examples/getty.yml b/examples/getty.yml index bdf1f83ae..b25bd312c 100644 --- a/examples/getty.yml +++ b/examples/getty.yml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: dhcpcd image: linuxkit/dhcpcd:0d59a6cc03412289ef4313f2491ec666c1715cc9 command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] diff --git a/examples/openstack.yml b/examples/openstack.yml index b86502265..f17c546ea 100644 --- a/examples/openstack.yml +++ b/examples/openstack.yml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: dhcpcd image: linuxkit/dhcpcd:0d59a6cc03412289ef4313f2491ec666c1715cc9 command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] diff --git a/examples/packet.yml b/examples/packet.yml index f5dc46044..16e49ae78 100644 --- a/examples/packet.yml +++ b/examples/packet.yml @@ -11,7 +11,7 @@ onboot: image: linuxkit/rngd:94e01a4b16fadb053455cdc2269c4eb0b39199cd command: ["/sbin/rngd", "-1"] - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: dhcpcd image: linuxkit/dhcpcd:0d59a6cc03412289ef4313f2491ec666c1715cc9 command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] diff --git a/examples/sshd.yml b/examples/sshd.yml index 7a6e222bc..4d228f80a 100644 --- a/examples/sshd.yml +++ b/examples/sshd.yml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: rngd1 image: linuxkit/rngd:94e01a4b16fadb053455cdc2269c4eb0b39199cd command: ["/sbin/rngd", "-1"] diff --git a/examples/swap.yml b/examples/swap.yml index fab5e9e2d..27e180b49 100644 --- a/examples/swap.yml +++ b/examples/swap.yml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: dhcpcd image: linuxkit/dhcpcd:0d59a6cc03412289ef4313f2491ec666c1715cc9 command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] diff --git a/examples/tpm.yml b/examples/tpm.yml index 876d8f676..2d7d5e9f6 100644 --- a/examples/tpm.yml +++ b/examples/tpm.yml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: dhcpcd image: linuxkit/dhcpcd:0d59a6cc03412289ef4313f2491ec666c1715cc9 command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] diff --git a/examples/vmware.yml b/examples/vmware.yml index 7a0c0cdee..4c4a0b7e1 100644 --- a/examples/vmware.yml +++ b/examples/vmware.yml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 services: - name: getty image: linuxkit/getty:22e27189b6b354e1d5d38fc0536a5af3f2adb79f diff --git a/examples/vultr.yml b/examples/vultr.yml index ed186b6d5..0d946dba3 100644 --- a/examples/vultr.yml +++ b/examples/vultr.yml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: dhcpcd image: linuxkit/dhcpcd:0d59a6cc03412289ef4313f2491ec666c1715cc9 command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] diff --git a/examples/wireguard.yml b/examples/wireguard.yml index b5a666f70..bd9b9aae0 100644 --- a/examples/wireguard.yml +++ b/examples/wireguard.yml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: dhcpcd image: linuxkit/dhcpcd:0d59a6cc03412289ef4313f2491ec666c1715cc9 command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] diff --git a/linuxkit.yml b/linuxkit.yml index e94b208db..c733487fe 100644 --- a/linuxkit.yml +++ b/linuxkit.yml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: dhcpcd image: linuxkit/dhcpcd:0d59a6cc03412289ef4313f2491ec666c1715cc9 command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] diff --git a/projects/compose/compose-dynamic.yml b/projects/compose/compose-dynamic.yml index eb5f8fbee..3e224996e 100644 --- a/projects/compose/compose-dynamic.yml +++ b/projects/compose/compose-dynamic.yml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: sysfs image: linuxkit/sysfs:1284b4a7061a5cc426425f0fb00748192505a05f - name: dhcpcd diff --git a/projects/compose/compose-static.yml b/projects/compose/compose-static.yml index 24813cd80..47af3ec42 100644 --- a/projects/compose/compose-static.yml +++ b/projects/compose/compose-static.yml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: sysfs image: linuxkit/sysfs:1284b4a7061a5cc426425f0fb00748192505a05f - name: dhcpcd diff --git a/projects/etcd/etcd.yml b/projects/etcd/etcd.yml index 3a9c861c0..03ab5f023 100644 --- a/projects/etcd/etcd.yml +++ b/projects/etcd/etcd.yml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: format image: linuxkit/format:e945016ec780a788a71dcddc81497d54d3b14bc7 - name: mount diff --git a/projects/etcd/prom-us-central1-f.yml b/projects/etcd/prom-us-central1-f.yml index 9585e53ad..bdc2bfd8c 100644 --- a/projects/etcd/prom-us-central1-f.yml +++ b/projects/etcd/prom-us-central1-f.yml @@ -8,7 +8,7 @@ init: - mobylinux/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: dhcpcd image: linuxkit/dhcpcd:0d59a6cc03412289ef4313f2491ec666c1715cc9 command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] diff --git a/projects/ima-namespace/ima-namespace.yml b/projects/ima-namespace/ima-namespace.yml index a79036e27..40f4298eb 100644 --- a/projects/ima-namespace/ima-namespace.yml +++ b/projects/ima-namespace/ima-namespace.yml @@ -9,7 +9,7 @@ init: - linuxkit/ima-utils:dfeb3896fd29308b80ff9ba7fe5b8b767e40ca29 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: dhcpcd image: linuxkit/dhcpcd:0d59a6cc03412289ef4313f2491ec666c1715cc9 command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] diff --git a/projects/logging/examples/logging.yml b/projects/logging/examples/logging.yml index 9b6653a8d..75c99b9a8 100644 --- a/projects/logging/examples/logging.yml +++ b/projects/logging/examples/logging.yml @@ -9,7 +9,7 @@ init: - linuxkit/memlogd:9b5834189f598f43c507f6938077113906f51012 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: dhcpcd image: linuxkit/dhcpcd:0d59a6cc03412289ef4313f2491ec666c1715cc9 command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] diff --git a/projects/miragesdk/examples/fdd.yml b/projects/miragesdk/examples/fdd.yml index 2869780ec..718bd4c00 100644 --- a/projects/miragesdk/examples/fdd.yml +++ b/projects/miragesdk/examples/fdd.yml @@ -9,7 +9,7 @@ init: - samoht/fdd onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 services: - name: getty image: linuxkit/getty:22e27189b6b354e1d5d38fc0536a5af3f2adb79f diff --git a/projects/miragesdk/examples/mirage-dhcp.yml b/projects/miragesdk/examples/mirage-dhcp.yml index 17b47afa0..ae912737c 100644 --- a/projects/miragesdk/examples/mirage-dhcp.yml +++ b/projects/miragesdk/examples/mirage-dhcp.yml @@ -7,7 +7,7 @@ init: - linuxkit/containerd:e58a382c33bb509ba3e0e8170dfaa5a100504c5b onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: dhcp-client image: miragesdk/dhcp-client:22aa9d527820534295a8cd59901c0c5197af6585 net: host diff --git a/projects/okernel/examples/okernel_simple.yaml b/projects/okernel/examples/okernel_simple.yaml index eed18ae8e..3c924abd6 100644 --- a/projects/okernel/examples/okernel_simple.yaml +++ b/projects/okernel/examples/okernel_simple.yaml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 services: - name: dhcpcd image: linuxkit/dhcpcd:0d59a6cc03412289ef4313f2491ec666c1715cc9 diff --git a/projects/shiftfs/shiftfs.yml b/projects/shiftfs/shiftfs.yml index cfff15346..0139bba08 100644 --- a/projects/shiftfs/shiftfs.yml +++ b/projects/shiftfs/shiftfs.yml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: dhcpcd image: linuxkit/dhcpcd:0d59a6cc03412289ef4313f2491ec666c1715cc9 command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] diff --git a/projects/swarmd/swarmd.yml b/projects/swarmd/swarmd.yml index adc085a9e..5703d62ef 100644 --- a/projects/swarmd/swarmd.yml +++ b/projects/swarmd/swarmd.yml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 binds: - /etc/sysctl.d/01-swarmd.conf:/etc/sysctl.d/01-swarmd.conf - name: dhcpcd diff --git a/test/cases/030_security/000_docker-bench/test.yml b/test/cases/030_security/000_docker-bench/test.yml index 7ef5b989f..0d0c0bc0c 100644 --- a/test/cases/030_security/000_docker-bench/test.yml +++ b/test/cases/030_security/000_docker-bench/test.yml @@ -8,7 +8,7 @@ init: - linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: sysfs image: linuxkit/sysfs:1284b4a7061a5cc426425f0fb00748192505a05f - name: format diff --git a/test/cases/040_packages/003_containerd/test.yml b/test/cases/040_packages/003_containerd/test.yml index a16189907..f91212eaa 100644 --- a/test/cases/040_packages/003_containerd/test.yml +++ b/test/cases/040_packages/003_containerd/test.yml @@ -11,7 +11,7 @@ onboot: image: linuxkit/dhcpcd:0d59a6cc03412289ef4313f2491ec666c1715cc9 command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: format image: linuxkit/format:e945016ec780a788a71dcddc81497d54d3b14bc7 - name: mount diff --git a/test/cases/040_packages/019_sysctl/test.yml b/test/cases/040_packages/019_sysctl/test.yml index b01e03f80..cbeebb419 100644 --- a/test/cases/040_packages/019_sysctl/test.yml +++ b/test/cases/040_packages/019_sysctl/test.yml @@ -6,7 +6,7 @@ init: - linuxkit/runc:abc3f292653e64a2fd488e9675ace19a55ec7023 onboot: - name: sysctl - image: linuxkit/sysctl:ce3bde5118a41092f1b7048c85d14fb35237ed45 + image: linuxkit/sysctl:db575765635dab6dd1164fce5a39782e0f646b84 - name: test image: alpine:3.7 net: host