From bee654296baee423c43e903650e4b9ad568943c1 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Mon, 27 Aug 2018 12:13:04 +0200 Subject: rootless: fix --ipc=host Signed-off-by: Giuseppe Scrivano Closes: #1349 Approved by: rhatdan --- pkg/spec/spec.go | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'pkg/spec') diff --git a/pkg/spec/spec.go b/pkg/spec/spec.go index 8038dd6ba..ac894c00c 100644 --- a/pkg/spec/spec.go +++ b/pkg/spec/spec.go @@ -69,6 +69,16 @@ func CreateConfigToOCISpec(config *CreateConfig) (*spec.Spec, error) { //nolint } g.AddMount(devPts) } + if inUserNS && config.IpcMode.IsHost() { + g.RemoveMount("/dev/mqueue") + devMqueue := spec.Mount{ + Destination: "/dev/mqueue", + Type: "bind", + Source: "/dev/mqueue", + Options: []string{"bind", "nosuid", "noexec", "nodev"}, + } + g.AddMount(devMqueue) + } if addCgroup { cgroupMnt := spec.Mount{ -- cgit v1.2.3-54-g00ecf