diff options
| author | Giuseppe Scrivano <gscrivan@redhat.com> | 2018-06-01 13:11:54 +0200 |
|---|---|---|
| committer | Atomic Bot <atomic-devel@projectatomic.io> | 2018-06-15 14:53:18 +0000 |
| commit | ed0261176b2bd9ccd9a6cbf77727429429b8fedc (patch) | |
| tree | 14d219d94e67a51827cc9d42ced2dd3b83e12d2b | |
| parent | 1e8ef3c89756fbc7a9263c3c6c211c818c814c81 (diff) | |
| download | podman-ed0261176b2bd9ccd9a6cbf77727429429b8fedc.tar.gz podman-ed0261176b2bd9ccd9a6cbf77727429429b8fedc.tar.bz2 podman-ed0261176b2bd9ccd9a6cbf77727429429b8fedc.zip | |
spec: change mount options for /dev/pts in rootless mode
The default /dev/pts has the option gid=5 that might not be mapped in
the rootless case.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #871
Approved by: mheon
| -rw-r--r-- | pkg/spec/spec.go | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/pkg/spec/spec.go b/pkg/spec/spec.go index 75ab03e53..eb0746b2c 100644 --- a/pkg/spec/spec.go +++ b/pkg/spec/spec.go @@ -1,6 +1,7 @@ package createconfig import ( + "os" "strings" "github.com/docker/docker/daemon/caps" @@ -44,6 +45,16 @@ func CreateConfigToOCISpec(config *CreateConfig) (*spec.Spec, error) { //nolint } g.AddMount(sysMnt) } + if os.Getuid() != 0 { + g.RemoveMount("/dev/pts") + devPts := spec.Mount{ + Destination: "/dev/pts", + Type: "devpts", + Source: "devpts", + Options: []string{"nosuid", "noexec", "newinstance", "ptmxmode=0666", "mode=0620"}, + } + g.AddMount(devPts) + } if addCgroup { cgroupMnt := spec.Mount{ |