Fix mounts for FreeBSD

Signed-off-by: Gijs Peskens <gijs@peskens.net>
Gijs Peskens 2021-05-10 14:56:01 +00:00
parent 1987f0ad1a
commit e1fd6be7e8
3 changed files with 93 additions and 44 deletions


@ -161,50 +161,6 @@ func populateDefaultUnixSpec(ctx context.Context, s *Spec, id string) error {
},
},
},
Mounts: []specs.Mount{
{
Destination: "/proc",
Type: "proc",
Source: "proc",
Options: []string{"nosuid", "noexec", "nodev"},
},
{
Destination: "/dev",
Type: "tmpfs",
Source: "tmpfs",
Options: []string{"nosuid", "strictatime", "mode=755", "size=65536k"},
},
{
Destination: "/dev/pts",
Type: "devpts",
Source: "devpts",
Options: []string{"nosuid", "noexec", "newinstance", "ptmxmode=0666", "mode=0620", "gid=5"},
},
{
Destination: "/dev/shm",
Type: "tmpfs",
Source: "shm",
Options: []string{"nosuid", "noexec", "nodev", "mode=1777", "size=65536k"},
},
{
Destination: "/dev/mqueue",
Type: "mqueue",
Source: "mqueue",
Options: []string{"nosuid", "noexec", "nodev"},
},
{
Destination: "/sys",
Type: "sysfs",
Source: "sysfs",
Options: []string{"nosuid", "noexec", "nodev", "ro"},
},
{
Destination: "/run",
Type: "tmpfs",
Source: "tmpfs",
Options: []string{"nosuid", "strictatime", "mode=755", "size=65536k"},
},
},
Linux: &specs.Linux{
MaskedPaths: []string{
"/proc/acpi",
@ -237,6 +193,7 @@ func populateDefaultUnixSpec(ctx context.Context, s *Spec, id string) error {
Namespaces: defaultUnixNamespaces(),
},
}
s.Mounts = defaultMounts()
return nil
}
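Review bot: `s.Mounts = defaultMounts()` is now called unconditionally in `populateDefaultUnixSpec`, but this commit defines `defaultMounts` only in `oci/spec_linux.go` and `oci/spec_freebsd.go`, whose filename suffixes restrict them to those two targets. If the file holding `populateDefaultUnixSpec` is also compiled for other platforms (its build constraints are not visible on this page), those builds would fail with an undefined `defaultMounts`. Either a fallback definition under `//go:build !linux && !freebsd` or widening the Linux list to everything except FreeBSD would keep them building. A short comment above the call, such as `// Default mounts are platform-specific, see defaultMounts.`, would also explain why the literal no longer sets `Mounts`. The function starts outside the hunk.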

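--- a/oci/spec_freebsd.go
+++ b/oci/spec_freebsd.go
@@ -0,0 +1,40 @@
+package oci
+import (
+specs "github.com/opencontainers/runtime-spec/specs-go"
+)
+func defaultMounts() []specs.Mount {
+return []specs.Mount{
+{
+Destination: "/proc",
+Type: "procfs",
+Source: "proc",
+Options: []string{"nosuid", "noexec"},
+},
+{
+Destination: "/dev",
+Type: "devfs",
+Source: "devfs",
+Options: []string{},
+},
+{
+Destination: "/dev/fd",
+Type: "fdescfs",
+Source: "fdescfs",
+Options: []string{},
+},
+{
+Destination: "/dev/mqueue",
+Type: "mqueue",
+Source: "mqueue",
+Options: []string{"nosuid", "noexec"},
+},
+{
+Destination: "/dev/shm",
+Type: "tmpfs",
+Source: "shm",
+Options: []string{"nosuid", "noexec", "mode=1777"},
+},
+}
+}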
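Review bot: The `/dev` entry mounts `devfs` with `Options: []string{}`, so unless the runtime applies a devfs ruleset later (nothing on this page shows that) the container would see every device node the host's devfs exposes, whereas the Linux default starts from an empty tmpfs. Restricting it in the default itself is safer, for example `Options: []string{"ruleset=4"}`, which on a stock FreeBSD system is the jail ruleset from `/etc/defaults/devfs.rules`. Separately, `Type: "mqueue"` on the `/dev/mqueue` entry looks carried over from Linux; FreeBSD's message-queue filesystem is named `mqueuefs`, so it is worth confirming that this entry mounts at all. A doc comment such as `// defaultMounts returns the mounts added to every FreeBSD container spec.` would also help, since the function has none.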

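--- a/oci/spec_linux.go
+++ b/oci/spec_linux.go
@@ -0,0 +1,52 @@
+package oci
+import (
+specs "github.com/opencontainers/runtime-spec/specs-go"
+)
+func defaultMounts() []specs.Mount {
+return []specs.Mount{
+{
+Destination: "/proc",
+Type: "proc",
+Source: "proc",
+Options: []string{"nosuid", "noexec", "nodev"},
+},
+{
+Destination: "/dev",
+Type: "tmpfs",
+Source: "tmpfs",
+Options: []string{"nosuid", "strictatime", "mode=755", "size=65536k"},
+},
+{
+Destination: "/dev/pts",
+Type: "devpts",
+Source: "devpts",
+Options: []string{"nosuid", "noexec", "newinstance", "ptmxmode=0666", "mode=0620", "gid=5"},
+},
+{
+Destination: "/dev/shm",
+Type: "tmpfs",
+Source: "shm",
+Options: []string{"nosuid", "noexec", "nodev", "mode=1777", "size=65536k"},
+},
+{
+Destination: "/dev/mqueue",
+Type: "mqueue",
+Source: "mqueue",
+Options: []string{"nosuid", "noexec", "nodev"},
+},
+{
+Destination: "/sys",
+Type: "sysfs",
+Source: "sysfs",
+Options: []string{"nosuid", "noexec", "nodev", "ro"},
+},
+{
+Destination: "/run",
+Type: "tmpfs",
+Source: "tmpfs",
+Options: []string{"nosuid", "strictatime", "mode=755", "size=65536k"},
+},
+}
+}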