diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2019-11-08 12:37:49 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-11-08 12:37:49 +0100 |
| commit | 92af260346676ce8dcf2be19d95bfed55124a3aa (patch) | |
| tree | 2112a19ba95287179b0a44bbd90719a86d317c5d /pkg/spec/storage.go | |
| parent | 3463a7194c504790e73a1750109c1813a7c3cfe9 (diff) | |
| parent | dcf3c742b1ac4d641d66810113f3d17441a412f4 (diff) | |
| download | podman-92af260346676ce8dcf2be19d95bfed55124a3aa.tar.gz podman-92af260346676ce8dcf2be19d95bfed55124a3aa.tar.bz2 podman-92af260346676ce8dcf2be19d95bfed55124a3aa.zip | |
Merge pull request #4265 from haircommander/infra-namespaces-submit
Split up create config handling of namespaces and security
Diffstat (limited to 'pkg/spec/storage.go')
| -rw-r--r-- | pkg/spec/storage.go | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/pkg/spec/storage.go b/pkg/spec/storage.go index e30bdfc67..79c065b5d 100644 --- a/pkg/spec/storage.go +++ b/pkg/spec/storage.go @@ -160,7 +160,7 @@ func (config *CreateConfig) parseVolumes(runtime *libpod.Runtime) ([]spec.Mount, } // If requested, add tmpfs filesystems for read-only containers. - if config.ReadOnlyRootfs && config.ReadOnlyTmpfs { + if config.Security.ReadOnlyRootfs && config.Security.ReadOnlyTmpfs { readonlyTmpfs := []string{"/tmp", "/var/tmp", "/run"} options := []string{"rw", "rprivate", "nosuid", "nodev", "tmpcopyup"} for _, dest := range readonlyTmpfs { @@ -807,7 +807,7 @@ func (config *CreateConfig) addContainerInitBinary(path string) (spec.Mount, err if path == "" { return mount, fmt.Errorf("please specify a path to the container-init binary") } - if !config.PidMode.IsPrivate() { + if !config.Pid.PidMode.IsPrivate() { return mount, fmt.Errorf("cannot add init binary as PID 1 (PID namespace isn't private)") } if config.Systemd { |