From d4d3fbc155419f4017064a65e718ad78d50115cc Mon Sep 17 00:00:00 2001
From: Ashley Cui <acui@redhat.com>
Date: Thu, 16 Jul 2020 21:49:47 -0400
Subject: Add --umask flag for create, run

--umask sets the umask inside the container
Defaults to 0022

Co-authored-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Ashley Cui <acui@redhat.com>
---
 pkg/specgen/specgen.go | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'pkg/specgen/specgen.go')

diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go
index c6079be33..84a6c36a0 100644
--- a/pkg/specgen/specgen.go
+++ b/pkg/specgen/specgen.go
@@ -287,6 +287,8 @@ type ContainerSecurityConfig struct {
 	// ReadOnlyFilesystem indicates that everything will be mounted
 	// as read-only
 	ReadOnlyFilesystem bool `json:"read_only_filesystem,omittempty"`
+	// Umask is the umask the init process of the container will be run with.
+	Umask string `json:"umask,omitempty"`
 }
 
 // ContainerCgroupConfig contains configuration information about a container's
-- 
cgit v1.2.3-54-g00ecf