Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 145 for ProcMount (0.19 sec)

  2. github.com/kubernetes/kubernetes

    pkg/securitycontext/util_test.go 

    	uPM := v1.UnmaskedProcMount
	tests := map[string]struct {
		pm     *v1.ProcMountType
		expect []string
	}{
		"procMount nil": {
			pm:     nil,
			expect: defaultMaskedPaths,
		},
		"procMount default": {
			pm:     &dPM,
			expect: defaultMaskedPaths,
		},
		"procMount unmasked": {
			pm:     &uPM,
			expect: []string{},
		},
	}

	for k, v := range tests {
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Tue May 05 01:25:23 UTC 2020
    - 5K bytes
    - Viewed (0)
  3. github.com/kubernetes/kubernetes

    pkg/kubelet/kuberuntime/security_context.go 

    	if synthesized == nil {
		synthesized = &runtimeapi.LinuxContainerSecurityContext{
			MaskedPaths:   securitycontext.ConvertToRuntimeMaskedPaths(effectiveSc.ProcMount),
			ReadonlyPaths: securitycontext.ConvertToRuntimeReadonlyPaths(effectiveSc.ProcMount),
		}
	}
	var err error

	synthesized.Seccomp, err = m.getSeccompProfile(pod.Annotations, container.Name, pod.Spec.SecurityContext, container.SecurityContext, m.seccompDefault)
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed May 29 22:40:29 UTC 2024
    - 5.2K bytes
    - Viewed (0)
  4. github.com/kubernetes/kubernetes

    pkg/securitycontext/fake.go 

    func ValidSecurityContextWithContainerDefaults() *v1.SecurityContext {
	priv := false
	defProcMount := v1.DefaultProcMount
	return &v1.SecurityContext{
		Capabilities: &v1.Capabilities{},
		Privileged:   &priv,
		ProcMount:    &defProcMount,
	}
}

// ValidInternalSecurityContextWithContainerDefaults creates a valid security context provider based on
// empty container defaults.  Used for testing.
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Thu Dec 20 19:43:52 UTC 2018
    - 1.4K bytes
    - Viewed (0)
  5. github.com/kubernetes/kubernetes

    pkg/securitycontext/util.go 

    		effectiveSc.AllowPrivilegeEscalation = new(bool)
		*effectiveSc.AllowPrivilegeEscalation = *containerSc.AllowPrivilegeEscalation
	}

	if containerSc.ProcMount != nil {
		effectiveSc.ProcMount = new(v1.ProcMountType)
		*effectiveSc.ProcMount = *containerSc.ProcMount
	}

	return effectiveSc
}

// DetermineEffectiveRunAsUser returns a pointer of UID from the provided pod's
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed Feb 15 07:28:24 UTC 2023
    - 7.5K bytes
    - Viewed (0)
  6. github.com/kubernetes/kubernetes

    pkg/securitycontext/accessors.go 

    		return
	}
	w.ensureContainerSC()
	w.containerSC.Privileged = v
}
func (w *containerSecurityContextWrapper) ProcMount() api.ProcMountType {
	if w.containerSC == nil {
		return api.DefaultProcMount
	}
	if w.containerSC.ProcMount == nil {
		return api.DefaultProcMount
	}
	return *w.containerSC.ProcMount
}
func (w *containerSecurityContextWrapper) SELinuxOptions() *api.SELinuxOptions {
	if w.containerSC == nil {
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed Feb 22 16:15:27 UTC 2023
    - 14.4K bytes
    - Viewed (0)
  7. github.com/kubernetes/kubernetes

    pkg/api/pod/util.go 

    			if c.SecurityContext != nil && c.SecurityContext.ProcMount != nil {
				// The ProcMount field was improperly forced to non-nil in 1.12.
				// If the feature is disabled, and the existing object is not using any non-default values, and the ProcMount field is present in the incoming object, force to the default value.
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed May 29 22:40:29 UTC 2024
    - 41.3K bytes
    - Viewed (0)
  8. github.com/kubernetes/kubernetes

    pkg/api/pod/util_test.go 

    }

func TestDropProcMount(t *testing.T) {
	procMount := api.UnmaskedProcMount
	defaultProcMount := api.DefaultProcMount
	podWithProcMount := func() *api.Pod {
		return &api.Pod{
			Spec: api.PodSpec{
				RestartPolicy:  api.RestartPolicyNever,
				Containers:     []api.Container{{Name: "container1", Image: "testimage", SecurityContext: &api.SecurityContext{ProcMount: &procMount}}},
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed May 29 22:40:29 UTC 2024
    - 108.8K bytes
    - Viewed (0)
  9. github.com/kubernetes/kubernetes

    staging/src/k8s.io/api/testdata/v1.29.0/apps.v1.DaemonSet.json 

                  "runAsUser": 4,
              "runAsGroup": 8,
              "runAsNonRoot": true,
              "readOnlyRootFilesystem": true,
              "allowPrivilegeEscalation": true,
              "procMount": "procMountValue",
              "seccompProfile": {
                "type": "typeValue",
                "localhostProfile": "localhostProfileValue"
              }
            },
            "stdin": true,
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Dec 15 04:12:07 UTC 2023
    - 53.6K bytes
    - Viewed (0)
  10. github.com/kubernetes/kubernetes

    staging/src/k8s.io/api/testdata/v1.29.0/apps.v1.Deployment.json 

                  "runAsUser": 4,
              "runAsGroup": 8,
              "runAsNonRoot": true,
              "readOnlyRootFilesystem": true,
              "allowPrivilegeEscalation": true,
              "procMount": "procMountValue",
              "seccompProfile": {
                "type": "typeValue",
                "localhostProfile": "localhostProfileValue"
              }
            },
            "stdin": true,
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Dec 15 04:12:07 UTC 2023
    - 53.7K bytes
    - Viewed (0)
  11. github.com/kubernetes/kubernetes

    staging/src/k8s.io/api/testdata/v1.29.0/apps.v1beta2.ReplicaSet.yaml 

              allowPrivilegeEscalation: true
          capabilities:
            add:
            - addValue
            drop:
            - dropValue
          privileged: true
          procMount: procMountValue
          readOnlyRootFilesystem: true
          runAsGroup: 8
          runAsNonRoot: true
          runAsUser: 4
          seLinuxOptions:
            level: levelValue
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Dec 15 04:12:07 UTC 2023
    - 34.2K bytes
    - Viewed (0)
Back to top