github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Fix privileged devices.

Browse Source 
Signed-off-by: Lantao Liu <lantaol@google.com>
This commit is contained in:
Lantao Liu
2019-12-09 17:42:14 -08:00
parent 78708b20c7
commit 0c2d3b718d
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/server/container_create_unix.go
View File

@@ -170,7 +170,7 @@ func (c *criService) containerSpec(id string, sandboxID string, sandboxPid uint3
}
specOpts = append(specOpts, oci.WithPrivileged)
if !ociRuntime.PrivilegedWithoutHostDevices {
specOpts = append(specOpts, oci.WithHostDevices)
specOpts = append(specOpts, oci.WithHostDevices, oci.WithAllDevicesAllowed)
}
} else { // not privileged
specOpts = append(specOpts, customopts.WithDevices(c.os, config), customopts.WithCapabilities(securityContext))