aboutsummaryrefslogtreecommitdiff
path: root/pkg
diff options
context:
space:
mode:
Diffstat (limited to 'pkg')
-rw-r--r--pkg/api/handlers/compat/images_build.go2
-rw-r--r--pkg/bindings/images/build.go3
-rw-r--r--pkg/specgen/generate/config_linux.go23
3 files changed, 17 insertions, 11 deletions
diff --git a/pkg/api/handlers/compat/images_build.go b/pkg/api/handlers/compat/images_build.go
index 43478c1d3..415ff85cd 100644
--- a/pkg/api/handlers/compat/images_build.go
+++ b/pkg/api/handlers/compat/images_build.go
@@ -71,6 +71,7 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
ForceRm bool `schema:"forcerm"`
HTTPProxy bool `schema:"httpproxy"`
Labels string `schema:"labels"`
+ Layers bool `schema:"layers"`
MemSwap int64 `schema:"memswap"`
Memory int64 `schema:"memory"`
NetworkMode string `schema:"networkmode"`
@@ -165,6 +166,7 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
Registry: query.Registry,
IgnoreUnrecognizedInstructions: true,
Quiet: query.Quiet,
+ Layers: query.Layers,
Isolation: buildah.IsolationChroot,
Compression: archive.Gzip,
Args: buildArgs,
diff --git a/pkg/bindings/images/build.go b/pkg/bindings/images/build.go
index 815ab4e86..d34ab87d9 100644
--- a/pkg/bindings/images/build.go
+++ b/pkg/bindings/images/build.go
@@ -41,6 +41,9 @@ func Build(ctx context.Context, containerFiles []string, options entities.BuildO
if options.NoCache {
params.Set("nocache", "1")
}
+ if options.Layers {
+ params.Set("layers", "1")
+ }
// TODO cachefrom
if options.PullPolicy == buildah.PullAlways {
params.Set("pull", "1")
diff --git a/pkg/specgen/generate/config_linux.go b/pkg/specgen/generate/config_linux.go
index 1808f99b8..e0b039fb7 100644
--- a/pkg/specgen/generate/config_linux.go
+++ b/pkg/specgen/generate/config_linux.go
@@ -167,22 +167,23 @@ func BlockAccessToKernelFilesystems(privileged, pidModeIsHost bool, mask, unmask
g.AddLinuxMaskedPaths(mp)
}
}
+ for _, rp := range []string{
+ "/proc/asound",
+ "/proc/bus",
+ "/proc/fs",
+ "/proc/irq",
+ "/proc/sys",
+ "/proc/sysrq-trigger",
+ } {
+ if !util.StringInSlice(rp, unmask) {
+ g.AddLinuxReadonlyPaths(rp)
+ }
+ }
}
if pidModeIsHost && rootless.IsRootless() {
return
}
-
- for _, rp := range []string{
- "/proc/asound",
- "/proc/bus",
- "/proc/fs",
- "/proc/irq",
- "/proc/sys",
- "/proc/sysrq-trigger",
- } {
- g.AddLinuxReadonlyPaths(rp)
- }
}
// mask the paths provided by the user