diff options
Diffstat (limited to 'pkg')
-rw-r--r-- | pkg/domain/entities/pods.go | 1 | ||||
-rw-r--r-- | pkg/specgen/generate/container_create.go | 4 | ||||
-rw-r--r-- | pkg/specgen/specgen.go | 4 | ||||
-rw-r--r-- | pkg/specgenutil/specgen.go | 3 |
4 files changed, 12 insertions, 0 deletions
diff --git a/pkg/domain/entities/pods.go b/pkg/domain/entities/pods.go index 6fb3db1b5..da93d3f8b 100644 --- a/pkg/domain/entities/pods.go +++ b/pkg/domain/entities/pods.go @@ -263,6 +263,7 @@ type ContainerCreateOptions struct { Workdir string SeccompPolicy string PidFile string + ChrootDirs []string IsInfra bool IsClone bool diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go index c0b23953f..8ab0eae5a 100644 --- a/pkg/specgen/generate/container_create.go +++ b/pkg/specgen/generate/container_create.go @@ -526,6 +526,10 @@ func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen. options = append(options, libpod.WithPidFile(s.PidFile)) } + if len(s.ChrootDirs) != 0 { + options = append(options, libpod.WithChrootDirs(s.ChrootDirs)) + } + options = append(options, libpod.WithSelectedPasswordManagement(s.Passwd)) return options, nil diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go index 7f6f79b87..27d77af9f 100644 --- a/pkg/specgen/specgen.go +++ b/pkg/specgen/specgen.go @@ -301,6 +301,10 @@ type ContainerStorageConfig struct { // Volatile specifies whether the container storage can be optimized // at the cost of not syncing all the dirty files in memory. Volatile bool `json:"volatile,omitempty"` + // ChrootDirs is an additional set of directories that need to be + // treated as root directories. Standard bind mounts will be mounted + // into paths relative to these directories. + ChrootDirs []string `json:"chroot_directories,omitempty"` } // ContainerSecurityConfig is a container's security features, including diff --git a/pkg/specgenutil/specgen.go b/pkg/specgenutil/specgen.go index b037e14cc..b87da61fb 100644 --- a/pkg/specgenutil/specgen.go +++ b/pkg/specgenutil/specgen.go @@ -819,6 +819,9 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *entities.ContainerCreateOptions if !s.UnsetEnvAll { s.UnsetEnvAll = c.UnsetEnvAll } + if len(s.ChrootDirs) == 0 || len(c.ChrootDirs) != 0 { + s.ChrootDirs = c.ChrootDirs + } // Initcontainers if len(s.InitContainerType) == 0 || len(c.InitContainerType) != 0 { |