opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-05-21 09:05:56 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8806 from rhatdan/keyring

Browse Source 
Pass down EnableKeyring from containers.conf to conmon
This commit is contained in:
OpenShift Merge Robot
2020-12-23 21:41:25 +01:00
committed by GitHub
parent 61a2262e39 b0a738ce79
commit 9ac5ed1e08
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
libpod/oci_conmon_linux.go
View File

@ -69,6 +69,7 @@ type ConmonOCIRuntime struct {
supportsKVM bool supportsKVM bool
supportsNoCgroups bool supportsNoCgroups bool
sdNotify bool sdNotify bool
enableKeyring bool
} }
// Make a new Conmon-based OCI runtime with the given options. // Make a new Conmon-based OCI runtime with the given options.
@ -107,6 +108,7 @@ func newConmonOCIRuntime(name string, paths []string, conmonPath string, runtime
runtime.noPivot = runtimeCfg.Engine.NoPivotRoot runtime.noPivot = runtimeCfg.Engine.NoPivotRoot
runtime.reservePorts = runtimeCfg.Engine.EnablePortReservation runtime.reservePorts = runtimeCfg.Engine.EnablePortReservation
runtime.sdNotify = runtimeCfg.Engine.SDNotify runtime.sdNotify = runtimeCfg.Engine.SDNotify
runtime.enableKeyring = runtimeCfg.Containers.EnableKeyring
// TODO: probe OCI runtime for feature and enable automatically if // TODO: probe OCI runtime for feature and enable automatically if
// available. // available.
@ -1021,6 +1023,9 @@ func (r *ConmonOCIRuntime) createOCIContainer(ctr *Container, restoreOptions *Co
args = append(args, "-i") args = append(args, "-i")
} }
if !r.enableKeyring {
args = append(args, "--no-new-keyring")
}
if ctr.config.ConmonPidFile != "" { if ctr.config.ConmonPidFile != "" {
args = append(args, "--conmon-pidfile", ctr.config.ConmonPidFile) args = append(args, "--conmon-pidfile", ctr.config.ConmonPidFile)
} }