diff options
author | Giuseppe Scrivano <gscrivan@redhat.com> | 2018-08-27 12:13:04 +0200 |
---|---|---|
committer | Atomic Bot <atomic-devel@projectatomic.io> | 2018-08-27 12:49:32 +0000 |
commit | bee654296baee423c43e903650e4b9ad568943c1 (patch) | |
tree | 2ecb87f931410ddf4c930175c03f8389076c69e0 /pkg/spec | |
parent | bbbdd45b2c901aa58a1f40eb93957908df271bf5 (diff) | |
download | podman-bee654296baee423c43e903650e4b9ad568943c1.tar.gz podman-bee654296baee423c43e903650e4b9ad568943c1.tar.bz2 podman-bee654296baee423c43e903650e4b9ad568943c1.zip |
rootless: fix --ipc=host
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1349
Approved by: rhatdan
Diffstat (limited to 'pkg/spec')
-rw-r--r-- | pkg/spec/spec.go | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/pkg/spec/spec.go b/pkg/spec/spec.go index 8038dd6ba..ac894c00c 100644 --- a/pkg/spec/spec.go +++ b/pkg/spec/spec.go @@ -69,6 +69,16 @@ func CreateConfigToOCISpec(config *CreateConfig) (*spec.Spec, error) { //nolint } g.AddMount(devPts) } + if inUserNS && config.IpcMode.IsHost() { + g.RemoveMount("/dev/mqueue") + devMqueue := spec.Mount{ + Destination: "/dev/mqueue", + Type: "bind", + Source: "/dev/mqueue", + Options: []string{"bind", "nosuid", "noexec", "nodev"}, + } + g.AddMount(devMqueue) + } if addCgroup { cgroupMnt := spec.Mount{ |