github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

seccomp: kernel 5.12 (mount_setattr)

Browse Source 
Allow `mount_setattr` when `CAP_SYS_ADMIN` is granted.

See https://man7.org/linux/man-pages/man2/mount_setattr.2.html

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
This commit is contained in:
Akihiro Suda 2022-01-31 15:28:11 +09:00
parent 52b8ca5545
commit 1329ea3716
No known key found for this signature in database
GPG Key ID: 49524C6F9F638F1A
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
contrib/seccomp/seccomp_default.go
View File

@ -537,6 +537,7 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
"fspick",
"lookup_dcookie",
"mount",
"mount_setattr",
"move_mount",
"name_to_handle_at",
"open_tree",