- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 21 for seLinuxOptions (0.19 sec)
-
pkg/securitycontext/util.go
return effectiveSc } if effectiveSc == nil && containerSc != nil { return containerSc } if containerSc.SELinuxOptions != nil { effectiveSc.SELinuxOptions = new(v1.SELinuxOptions) *effectiveSc.SELinuxOptions = *containerSc.SELinuxOptions } if containerSc.WindowsOptions != nil { // only override fields that are set at the container level, not the whole thing
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Feb 15 07:28:24 UTC 2023 - 7.5K bytes - Viewed (0) -
pkg/volume/util/selinux.go
"k8s.io/kubernetes/pkg/features" "k8s.io/kubernetes/pkg/volume" ) // SELinuxLabelTranslator translates v1.SELinuxOptions of a process to SELinux file label. type SELinuxLabelTranslator interface { // SELinuxOptionsToFileLabel returns SELinux file label for given SELinuxOptions // of a container process. // When Role, User or Type are empty, they're read from the system defaults.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Feb 20 14:40:21 UTC 2024 - 6.3K bytes - Viewed (0) -
pkg/kubelet/kuberuntime/security_context.go
if securityContext == nil { return nil } sc := &runtimeapi.LinuxContainerSecurityContext{ Capabilities: convertToRuntimeCapabilities(securityContext.Capabilities), SelinuxOptions: convertToRuntimeSELinuxOption(securityContext.SELinuxOptions), } if securityContext.RunAsUser != nil { sc.RunAsUser = &runtimeapi.Int64Value{Value: int64(*securityContext.RunAsUser)} } if securityContext.RunAsGroup != nil {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed May 29 22:40:29 UTC 2024 - 5.2K bytes - Viewed (0) -
pkg/kubelet/kuberuntime/kuberuntime_sandbox_linux_test.go
SelinuxOptions: &runtimeapi.SELinuxOption{ User: "qux", }, RunAsUser: &runtimeapi.Int64Value{Value: 1000}, RunAsGroup: &runtimeapi.Int64Value{Value: 10}, }, } podSandboxConfig, err := m.generatePodSandboxConfig(pod, 1) assert.NoError(t, err)
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed May 29 22:40:29 UTC 2024 - 8K bytes - Viewed (0) -
staging/src/k8s.io/client-go/applyconfigurations/core/v1/podsecuritycontext.go
// PodSecurityContextApplyConfiguration represents an declarative configuration of the PodSecurityContext type for use // with apply. type PodSecurityContextApplyConfiguration struct { SELinuxOptions *SELinuxOptionsApplyConfiguration `json:"seLinuxOptions,omitempty"` WindowsOptions *WindowsSecurityContextOptionsApplyConfiguration `json:"windowsOptions,omitempty"`
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed May 29 22:40:29 UTC 2024 - 8.1K bytes - Viewed (0) -
manifests/charts/ztunnel/templates/daemonset.yaml
readOnlyRootFilesystem: true runAsGroup: 1337 runAsNonRoot: false runAsUser: 0 {{- if .Values.seLinuxOptions }} seLinuxOptions: {{ toYaml .Values.seLinuxOptions | trim | indent 12 }} {{- end }} readinessProbe: httpGet: port: 15021 path: /healthz/ready args: - proxy
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Jun 11 01:33:52 UTC 2024 - 5.6K bytes - Viewed (0) -
pkg/kubelet/kuberuntime/security_context_windows_test.go
{ desc: "Pass if container's user and image's user aren't set and RunAsNonRoot is true", sc: &v1.SecurityContext{ // verifyRunAsNonRoot should ignore the RunAsUser, SELinuxOptions, and RunAsGroup options. RunAsUser: &uid, SELinuxOptions: &v1.SELinuxOptions{}, RunAsGroup: &uid, RunAsNonRoot: &runAsNonRootTrue, }, fail: false, }, {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat Jul 30 02:29:11 UTC 2022 - 4.6K bytes - Viewed (0) -
manifests/charts/ztunnel/files/profile-openshift-ambient.yaml
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 30 20:24:06 UTC 2024 - 883 bytes - Viewed (0) -
manifests/helm-profiles/openshift-ambient.yaml
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 30 20:24:06 UTC 2024 - 664 bytes - Viewed (0) -
manifests/charts/base/files/profile-openshift-ambient.yaml
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 30 20:24:06 UTC 2024 - 883 bytes - Viewed (0)