summaryrefslogtreecommitdiff
path: root/pkg/domain
diff options
context:
space:
mode:
authorcdoern <cdoern@redhat.com>2021-12-20 10:23:08 -0500
committercdoern <cdoern@redhat.com>2021-12-21 17:19:41 -0500
commit20ce6e5c6031bd4180514ec412760a294f8a83a2 (patch)
treed725886615e4353e46cd30a73df188257ff7ade0 /pkg/domain
parentf45070ee0e63ea26e475e618ff32a498096fa561 (diff)
downloadpodman-20ce6e5c6031bd4180514ec412760a294f8a83a2.tar.gz
podman-20ce6e5c6031bd4180514ec412760a294f8a83a2.tar.bz2
podman-20ce6e5c6031bd4180514ec412760a294f8a83a2.zip
Podman run --passwd
added support for a new flag --passwd which, when false prohibits podman from creating entries in /etc/passwd and /etc/groups allowing users to modify those files in the container entrypoint resolves #11805 Signed-off-by: cdoern <cdoern@redhat.com>
Diffstat (limited to 'pkg/domain')
-rw-r--r--pkg/domain/entities/containers.go1
-rw-r--r--pkg/domain/infra/abi/containers.go1
2 files changed, 2 insertions, 0 deletions
diff --git a/pkg/domain/entities/containers.go b/pkg/domain/entities/containers.go
index 1677c067f..ae441b7f3 100644
--- a/pkg/domain/entities/containers.go
+++ b/pkg/domain/entities/containers.go
@@ -341,6 +341,7 @@ type ContainerRunOptions struct {
Rm bool
SigProxy bool
Spec *specgen.SpecGenerator
+ Passwd bool
}
// ContainerRunReport describes the results of running
diff --git a/pkg/domain/infra/abi/containers.go b/pkg/domain/infra/abi/containers.go
index d1af4a479..bf4dcff62 100644
--- a/pkg/domain/infra/abi/containers.go
+++ b/pkg/domain/infra/abi/containers.go
@@ -927,6 +927,7 @@ func (ic *ContainerEngine) ContainerRun(ctx context.Context, opts entities.Conta
for _, w := range warn {
fmt.Fprintf(os.Stderr, "%s\n", w)
}
+
rtSpec, spec, optsN, err := generate.MakeContainer(ctx, ic.Libpod, opts.Spec)
if err != nil {
return nil, err