From 28ee9b5b9e09e0b9e4eaf87356af900d0e380ff0 Mon Sep 17 00:00:00 2001
From: zhongtao <zhongtao17@huawei.com>
Date: Thu, 30 Mar 2023 06:15:56 +0800
Subject: [PATCH 40/46] support setting pod to privilege

Signed-off-by: zhongtao <zhongtao17@huawei.com>
---
 src/daemon/entry/cri/cri_security_context.cc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/daemon/entry/cri/cri_security_context.cc b/src/daemon/entry/cri/cri_security_context.cc
index 1cd9287d..b2843626 100644
--- a/src/daemon/entry/cri/cri_security_context.cc
+++ b/src/daemon/entry/cri/cri_security_context.cc
@@ -209,6 +209,7 @@ void ApplySandboxSecurityContext(const runtime::v1alpha2::LinuxPodSandboxConfig
     }
     if (lc.has_security_context()) {
         const runtime::v1alpha2::LinuxSandboxSecurityContext &old = lc.security_context();
+        sc->set_privileged(old.privileged());
         if (old.has_run_as_user()) {
             *sc->mutable_run_as_user() = old.run_as_user();
         }
-- 
2.25.1