From 348f2df0c09e2e3b517add5271e6eee583800be3 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Mon, 5 Oct 2020 16:33:09 -0400 Subject: Support max_size logoptions Docker supports log-opt max_size and so does conmon (ALthough poorly). Adding support for this allows users to at least make sure their containers logs do not become a DOS vector. Signed-off-by: Daniel J Walsh --- pkg/specgen/generate/container_create.go | 3 +++ pkg/specgen/specgen.go | 3 +++ 2 files changed, 6 insertions(+) (limited to 'pkg') diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go index 147450703..105e36bc6 100644 --- a/pkg/specgen/generate/container_create.go +++ b/pkg/specgen/generate/container_create.go @@ -260,6 +260,9 @@ func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen. if len(s.LogConfiguration.Path) > 0 { options = append(options, libpod.WithLogPath(s.LogConfiguration.Path)) } + if s.LogConfiguration.Size > 0 { + options = append(options, libpod.WithMaxLogSize(s.LogConfiguration.Size)) + } if len(s.LogConfiguration.Options) > 0 && s.LogConfiguration.Options["tag"] != "" { // Note: I'm really guessing here. options = append(options, libpod.WithLogTag(s.LogConfiguration.Options["tag"])) diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go index b8f37ec7a..fa4af7b2b 100644 --- a/pkg/specgen/specgen.go +++ b/pkg/specgen/specgen.go @@ -19,6 +19,9 @@ type LogConfig struct { // Only available if LogDriver is set to "json-file" or "k8s-file". // Optional. Path string `json:"path,omitempty"` + // Size is the maximimup size of the log file + // Optional. + Size int64 `json:"size,omitempty"` // A set of options to accompany the log driver. // Optional. Options map[string]string `json:"options,omitempty"` -- cgit v1.2.3-54-g00ecf