5ec852595b
Signed-off-by: zhangxiaoyu <zhangxiaoyu58@huawei.com> (cherry picked from commit 9c3acba9915c23718ae8a806daa49022a73756eb)
26 lines
987 B
Diff
26 lines
987 B
Diff
From 28ee9b5b9e09e0b9e4eaf87356af900d0e380ff0 Mon Sep 17 00:00:00 2001
|
|
From: zhongtao <zhongtao17@huawei.com>
|
|
Date: Thu, 30 Mar 2023 06:15:56 +0800
|
|
Subject: [PATCH 40/46] support setting pod to privilege
|
|
|
|
Signed-off-by: zhongtao <zhongtao17@huawei.com>
|
|
---
|
|
src/daemon/entry/cri/cri_security_context.cc | 1 +
|
|
1 file changed, 1 insertion(+)
|
|
|
|
diff --git a/src/daemon/entry/cri/cri_security_context.cc b/src/daemon/entry/cri/cri_security_context.cc
|
|
index 1cd9287d..b2843626 100644
|
|
--- a/src/daemon/entry/cri/cri_security_context.cc
|
|
+++ b/src/daemon/entry/cri/cri_security_context.cc
|
|
@@ -209,6 +209,7 @@ void ApplySandboxSecurityContext(const runtime::v1alpha2::LinuxPodSandboxConfig
|
|
}
|
|
if (lc.has_security_context()) {
|
|
const runtime::v1alpha2::LinuxSandboxSecurityContext &old = lc.security_context();
|
|
+ sc->set_privileged(old.privileged());
|
|
if (old.has_run_as_user()) {
|
|
*sc->mutable_run_as_user() = old.run_as_user();
|
|
}
|
|
--
|
|
2.25.1
|
|
|