Files

Sebastiaan van Stijn 1746a195e9 seccomp: allow adjtimex get time operation

Enabled adjtimex in the default profile without requiring CAP_SYS_TIME privilege.
The kernel will check CAP_SYS_TIME and won't allow setting the time.

Fixes: Getting the system time with ntptime returns an error in an unprivileged
container

To verify, inside a CentOS 7 container:

    yum install -y ntp
    ntptime
    # ntp_gettime() returns code 0 (OK)

    ntpdate -v time.nist.gov
    # ntpdate[84]: Can't adjust the time of day: Operation not permitted

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

2020-08-24 12:16:23 +02:00

apparmor

explicitly fail apparmor when !linux

2020-06-22 12:54:09 -04:00

autocomplete

Fix zsh autocomplete script

2020-02-11 19:56:27 +08:00

aws

Move snapshotters benchmark to a separate package

2019-04-02 14:42:21 -07:00

gce

Create etcd user in cloud init.

2020-08-11 09:15:11 -07:00

nvidia

fix mis-spelling in nvidia.go

2019-08-29 23:03:09 +08:00

seccomp

seccomp: allow adjtimex get time operation

2020-08-24 12:16:23 +02:00

snapshotservice

Add Cleanup to snapshot API

2020-01-07 14:59:20 -08:00

Dockerfile.test

Bump Golang 1.13.15

2020-08-08 15:07:28 +02:00

README.md

Add readme to contib

2017-09-18 11:47:27 -04:00

README.md

contrib

The contrib directory contains packages that do not belong in the core containerd packages but still contribute to overall containerd usability.

Package such as Apparmor or Selinux are placed in contrib because they are platform dependent and often require higher level tools and profiles to work.

Packaging and other built tools can be added to contrib to aid in packaging containerd for various distributions.

Testing

Code in the contrib directory may or may not have been tested in the normal test pipeline for core components.