github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Add --seccomp flag to ctr

Browse Source 
This enables testing of containers with the default seccomp profile

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
This commit is contained in:
Michael Crosby
2019-08-29 11:07:17 -04:00
parent 86f8be86e1
commit 779701b29c
4 changed files with 34 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cmd/ctr/commands/run/run_unix.go
View File

@@ -26,6 +26,7 @@ import (
"github.com/containerd/containerd"
"github.com/containerd/containerd/cmd/ctr/commands"
"github.com/containerd/containerd/contrib/nvidia"
"github.com/containerd/containerd/contrib/seccomp"
"github.com/containerd/containerd/oci"
"github.com/containerd/containerd/platforms"
"github.com/opencontainers/runtime-spec/specs-go"
@@ -126,6 +127,9 @@ func NewContainer(ctx gocontext.Context, client *containerd.Client, context *cli
if context.Bool("net-host") {
opts = append(opts, oci.WithHostNamespace(specs.NetworkNamespace), oci.WithHostHostsFile, oci.WithHostResolvconf)
}
if context.Bool("seccomp") {
opts = append(opts, seccomp.WithDefaultProfile())
}
joinNs := context.StringSlice("with-ns")
for _, ns := range joinNs {