- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 20 for fsGroup (0.1 sec)
-
releasenotes/notes/drop-legacy-fsgroup-injection.yaml
John Howard <******@****.***> 1682631570 -0700
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 27 21:39:30 UTC 2023 - 227 bytes - Viewed (0) -
pkg/volume/volume_linux.go
) // SetVolumeOwnership modifies the given volume to be owned by // fsGroup, and sets SetGid so that newly created files are owned by // fsGroup. If fsGroup is nil nothing is done. func SetVolumeOwnership(mounter Mounter, dir string, fsGroup *int64, fsGroupChangePolicy *v1.PodFSGroupChangePolicy, completeFunc func(types.CompleteFuncParam)) error { if fsGroup == nil { return nil } timer := time.AfterFunc(30*time.Second, func() {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Apr 03 19:34:37 UTC 2023 - 6.5K bytes - Viewed (0) -
pkg/volume/flexvolume/mounter.go
os.Remove(dir) return err } // Implicit parameters if mounterArgs.FsGroup != nil { extraOptions[optionFSGroup] = strconv.FormatInt(int64(*mounterArgs.FsGroup), 10) } call.AppendSpec(f.spec, f.plugin.host, extraOptions) _, err = call.Run() if isCmdNotSupportedErr(err) {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Apr 03 19:34:37 UTC 2023 - 2.9K bytes - Viewed (0) -
staging/src/k8s.io/client-go/applyconfigurations/core/v1/podsecuritycontext.go
return b } // WithFSGroup sets the FSGroup field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the FSGroup field is set to the value of the last call. func (b *PodSecurityContextApplyConfiguration) WithFSGroup(value int64) *PodSecurityContextApplyConfiguration { b.FSGroup = &value return b }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed May 29 22:40:29 UTC 2024 - 8.1K bytes - Viewed (0) -
tests/integration/pilot/testdata/external-forward-proxy-deployment.yaml
app: external-forward-proxy template: metadata: labels: app: external-forward-proxy spec: securityContext: runAsUser: 65534 runAsGroup: 65534 fsGroup: 65534 containers: - name: external-forward-proxy image: envoyproxy/envoy:v1.21.0 imagePullPolicy: IfNotPresent volumeMounts: - name: external-forward-proxy-config
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Jul 11 08:07:45 UTC 2023 - 701 bytes - Viewed (0) -
pkg/volume/fc/disk_manager.go
DetachBlockFCDisk(disk fcDiskUnmapper, mntPath, devicePath string) error } // utility to mount a disk based filesystem func diskSetUp(manager diskManager, b fcDiskMounter, volPath string, mounter mount.Interface, fsGroup *int64, fsGroupChangePolicy *v1.PodFSGroupChangePolicy) error { globalPDPath := manager.MakeGlobalPDName(*b.fcDisk) noMnt, err := mounter.IsLikelyNotMountPoint(volPath) if err != nil && !os.IsNotExist(err) {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Apr 03 19:34:37 UTC 2023 - 3K bytes - Viewed (0) -
pkg/volume/iscsi/disk_manager.go
// volPath: pod volume dir path like, /var/lib/kubelet/pods/{podUID}/volumes/kubernetes.io~iscsi/{volumeName} func diskSetUp(manager diskManager, b iscsiDiskMounter, volPath string, mounter mount.Interface, fsGroup *int64, fsGroupChangePolicy *v1.PodFSGroupChangePolicy) error { notMnt, err := mounter.IsLikelyNotMountPoint(volPath) if err != nil && !os.IsNotExist(err) { klog.Errorf("cannot validate mountpoint: %s", volPath) return err
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Apr 03 19:34:37 UTC 2023 - 3.4K bytes - Viewed (0) -
samples/security/psp/sidecar-psp.yaml
spec: # Allow the istio sidecar injector to work allowedCapabilities: - NET_ADMIN - NET_RAW seLinux: rule: RunAsAny supplementalGroups: rule: RunAsAny runAsUser: rule: RunAsAny fsGroup: rule: RunAsAny volumes: - '*' --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: istio-sidecar-psp rules: - apiGroups: - extensions resources:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Nov 27 17:55:37 UTC 2023 - 881 bytes - Viewed (0) -
pkg/volume/volume_unsupported.go
limitations under the License. */ package volume import ( v1 "k8s.io/api/core/v1" "k8s.io/kubernetes/pkg/volume/util/types" ) func SetVolumeOwnership(mounter Mounter, dir string, fsGroup *int64, fsGroupChangePolicy *v1.PodFSGroupChangePolicy, completeFunc func(types.CompleteFuncParam)) error { return nil
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Apr 03 19:34:37 UTC 2023 - 886 bytes - Viewed (0) -
pkg/kubelet/kuberuntime/security_context.go
if err != nil { return nil, err } synthesized.NamespaceOptions = namespaceOptions podSc := pod.Spec.SecurityContext if podSc != nil { if podSc.FSGroup != nil { synthesized.SupplementalGroups = append(synthesized.SupplementalGroups, int64(*podSc.FSGroup)) } if podSc.SupplementalGroups != nil { for _, sg := range podSc.SupplementalGroups {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed May 29 22:40:29 UTC 2024 - 5.2K bytes - Viewed (0)