summaryrefslogtreecommitdiff
path: root/pkg/specgen/specgen.go
diff options
context:
space:
mode:
authorAshley Cui <acui@redhat.com>2020-07-16 21:49:47 -0400
committerAshley Cui <acui@redhat.com>2020-07-21 14:22:30 -0400
commitd4d3fbc155419f4017064a65e718ad78d50115cc (patch)
tree4f73ccfa606a6f8a0d4de07749ce2323687b870d /pkg/specgen/specgen.go
parentdf6920aa79073b2767d24c6524367384b6284b31 (diff)
downloadpodman-d4d3fbc155419f4017064a65e718ad78d50115cc.tar.gz
podman-d4d3fbc155419f4017064a65e718ad78d50115cc.tar.bz2
podman-d4d3fbc155419f4017064a65e718ad78d50115cc.zip
Add --umask flag for create, run
--umask sets the umask inside the container Defaults to 0022 Co-authored-by: Daniel J Walsh <dwalsh@redhat.com> Signed-off-by: Ashley Cui <acui@redhat.com>
Diffstat (limited to 'pkg/specgen/specgen.go')
-rw-r--r--pkg/specgen/specgen.go2
1 files changed, 2 insertions, 0 deletions
diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go
index c6079be33..84a6c36a0 100644
--- a/pkg/specgen/specgen.go
+++ b/pkg/specgen/specgen.go
@@ -287,6 +287,8 @@ type ContainerSecurityConfig struct {
// ReadOnlyFilesystem indicates that everything will be mounted
// as read-only
ReadOnlyFilesystem bool `json:"read_only_filesystem,omittempty"`
+ // Umask is the umask the init process of the container will be run with.
+ Umask string `json:"umask,omitempty"`
}
// ContainerCgroupConfig contains configuration information about a container's