Justin Cormack
80c9cee485
Make /run nosuid,noexec
...
This was not sufficiently locked down.
Fix #720
Signed-off-by: Justin Cormack <justin.cormack@docker.com >
2016-11-23 12:08:53 +00:00
Justin Cormack
0032e8dcfc
Fix shared mount of /run
...
Needs util-linux for now, see https://github.com/docker/moby/issues/424
Signed-off-by: Justin Cormack <justin.cormack@docker.com >
2016-08-22 23:04:57 +01:00
Justin Cormack
06dd021782
Busybox mount will not mount shared, so add a bind
...
Signed-off-by: Justin Cormack <justin.cormack@docker.com >
2016-08-22 19:09:24 +01:00
Justin Cormack
398ade787e
Mount /run as shared
...
This is needed for volume drivers as they will mount their
volumes under here, and if they are running in a container
docker on the host will need to see these.
Also provide our own fstab, removes the media devices that were
there previously.
Signed-off-by: Justin Cormack <justin.cormack@docker.com >
2016-08-09 11:46:08 +01:00
Justin Cormack
bc0288a2eb
Add in startup code for the pinata specific tools. Should be split out as packages later
...
Signed-off-by: Justin Cormack <justin.cormack@unikernel.com >
2015-12-10 11:26:58 +00:00
Justin Cormack
d82559a915
add fstab for docker mac to mount 9p filesystems, harmless if fails
...
Signed-off-by: Justin Cormack <justin.cormack@unikernel.com >
2015-12-09 15:51:48 +00:00
