opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-13 11:44:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

spec: change mount options for /dev/pts in rootless mode

Browse Source 
The default /dev/pts has the option gid=5 that might not be mapped in
the rootless case.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>

Closes: #871
Approved by: mheon
This commit is contained in:
Giuseppe Scrivano
2018-06-01 13:11:54 +02:00
committed by Atomic Bot
parent 1e8ef3c897
commit ed0261176b
1 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
pkg/spec/spec.go
View File

@ -1,6 +1,7 @@
package createconfig package createconfig
import ( import (
"os"
"strings" "strings"
"github.com/docker/docker/daemon/caps" "github.com/docker/docker/daemon/caps"
@ -44,6 +45,16 @@ func CreateConfigToOCISpec(config *CreateConfig) (*spec.Spec, error) { //nolint
} }
g.AddMount(sysMnt) g.AddMount(sysMnt)
} }
if os.Getuid() != 0 {
g.RemoveMount("/dev/pts")
devPts := spec.Mount{
Destination: "/dev/pts",
Type: "devpts",
Source: "devpts",
Options: []string{"nosuid", "noexec", "newinstance", "ptmxmode=0666", "mode=0620"},
}
g.AddMount(devPts)
}
if addCgroup { if addCgroup {
cgroupMnt := spec.Mount{ cgroupMnt := spec.Mount{