- Sort Score
- Result 10 results
- Languages All
Results 1 - 3 of 3 for ConvertToRuntimeReadonlyPaths (0.39 sec)
-
pkg/kubelet/kuberuntime/security_context.go
if synthesized == nil { synthesized = &runtimeapi.LinuxContainerSecurityContext{ MaskedPaths: securitycontext.ConvertToRuntimeMaskedPaths(effectiveSc.ProcMount), ReadonlyPaths: securitycontext.ConvertToRuntimeReadonlyPaths(effectiveSc.ProcMount), } } var err error synthesized.Seccomp, err = m.getSeccompProfile(pod.Annotations, container.Name, pod.Spec.SecurityContext, container.SecurityContext, m.seccompDefault)
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed May 29 22:40:29 UTC 2024 - 5.2K bytes - Viewed (0) -
pkg/securitycontext/util.go
return []string{} } // Otherwise, add the default masked paths to the runtime security context. return defaultMaskedPaths } // ConvertToRuntimeReadonlyPaths converts the ProcMountType to the specified or default // readonly paths. func ConvertToRuntimeReadonlyPaths(opt *v1.ProcMountType) []string { if opt != nil && *opt == v1.UnmaskedProcMount { // Unmasked proc mount should have no paths set as readonly.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Feb 15 07:28:24 UTC 2023 - 7.5K bytes - Viewed (0) -
pkg/securitycontext/util_test.go
pm: &dPM, expect: defaultReadonlyPaths, }, "procMount unmasked": { pm: &uPM, expect: []string{}, }, } for k, v := range tests { actual := ConvertToRuntimeReadonlyPaths(v.pm) if !reflect.DeepEqual(actual, v.expect) { t.Errorf("%s failed, expected %#v but received %#v", k, v.expect, actual) } } } func TestDetermineEffectiveRunAsUser(t *testing.T) {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue May 05 01:25:23 UTC 2020 - 5K bytes - Viewed (0)