github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
1,914 Commits 3 Branches 2 Tags 112 MiB
72edf3016d
Commit Graph

7 Commits

Author SHA1 Message Date
Michael Crosby
72edf3016d Use new SELinux APIs 
This moves most of the API calls off of the `labels` package onto the root
selinux package.  This is the newer API for most selinux operations.

Signed-off-by: Michael Crosby <michael@thepasture.io>
 2020-05-26 15:18:46 -04:00
Darren Shepherd
24209b91bf Add MCS label support 
Carry of #1246

Signed-off-by: Darren Shepherd <darren@rancher.com>
Signed-off-by: Michael Crosby <michael@thepasture.io>
 2020-05-20 13:59:51 -05:00
Maksym Pavlenko
38f19f991e Add config flag to default empty seccomp profile 
This changes adds `default_seccomp_profile` config switch to apply default seccomp profile when not provided by k8s.a

Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2020-05-08 13:24:38 -07:00
Mike Brown
1b60224e2e use containerd/project header test 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2020-04-22 19:35:37 -05:00
Akihiro Suda
aaddaa2732 bump up the default runtime to "io.containerd.runc.v2" 
The former default runtime "io.containerd.runc.v1" won't support new features
like support for cgroup v2: containerd/containerd#3726

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2019-12-16 11:53:58 +09:00
Li Yuxuan
dbc1fb37d0 Provide resolvConf to sandbox container's mounts 
As https://github.com/kata-containers/runtime/issues/1603 discussed,
kata relies on such mount spec to setup resolv.conf for pod VM properly.

Signed-off-by: Li Yuxuan <liyuxuan04@baidu.com>
 2019-11-28 12:05:05 +08:00
Lantao Liu
50c73e6dc5 Move unix specific logic into _unix.go 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-09-03 16:23:42 -07:00