aboutsummaryrefslogtreecommitdiff
path: root/libpod
diff options
context:
space:
mode:
authorbaude <bbaude@redhat.com>2018-02-20 12:09:28 -0600
committerAtomic Bot <atomic-devel@projectatomic.io>2018-02-24 09:15:47 +0000
commit5e7979f016d6cf1a6a050810af47c75ea16a2c9e (patch)
tree72b0cf958531ea26cf493954be9bc9213a5e5b2d /libpod
parent831dc488833e055dce1f1ba4c09f09346c85b67d (diff)
downloadpodman-5e7979f016d6cf1a6a050810af47c75ea16a2c9e.tar.gz
podman-5e7979f016d6cf1a6a050810af47c75ea16a2c9e.tar.bz2
podman-5e7979f016d6cf1a6a050810af47c75ea16a2c9e.zip
Address review comments
Review comments to delete WithNoNew function and its append. Signed-off-by: baude <bbaude@redhat.com> Closes: #369 Approved by: rhatdan
Diffstat (limited to 'libpod')
-rw-r--r--libpod/container_api.go3
-rw-r--r--libpod/options.go12
2 files changed, 2 insertions, 13 deletions
diff --git a/libpod/container_api.go b/libpod/container_api.go
index f79be4ac7..eeba36a44 100644
--- a/libpod/container_api.go
+++ b/libpod/container_api.go
@@ -236,11 +236,12 @@ func (c *Container) Exec(tty, privileged bool, env, cmd []string, user string) e
globalOpts := runcGlobalOptions{
log: c.LogPath(),
}
+
execOpts := runcExecOptions{
capAdd: capList,
pidFile: filepath.Join(c.state.RunDir, fmt.Sprintf("%s-execpid", stringid.GenerateNonCryptoID()[:12])),
env: env,
- noNewPrivs: c.config.NoNewPrivs,
+ noNewPrivs: c.config.Spec.Process.NoNewPrivileges,
user: user,
cwd: c.config.Spec.Process.Cwd,
tty: tty,
diff --git a/libpod/options.go b/libpod/options.go
index 6982a26c2..56e8fa203 100644
--- a/libpod/options.go
+++ b/libpod/options.go
@@ -272,18 +272,6 @@ func WithPrivileged(privileged bool) CtrCreateOption {
}
}
-// WithNoNewPrivs sets the noNewPrivs flag in the container runtime
-func WithNoNewPrivs(noNewPrivs bool) CtrCreateOption {
- return func(ctr *Container) error {
- if ctr.valid {
- return ErrCtrFinalized
- }
-
- ctr.config.NoNewPrivs = noNewPrivs
- return nil
- }
-}
-
// WithSELinuxLabels sets the mount label for SELinux
func WithSELinuxLabels(processLabel, mountLabel string) CtrCreateOption {
return func(ctr *Container) error {