func (d *driver) setupMounts(container *libcontainer.Container, c *execdriver.Command) error { for _, m := range c.Mounts { container.Mounts = append(container.Mounts, libcontainer.Mount{ Type: "bind", Source: m.Source, Destination: m.Destination, Writable: m.Writable, Private: m.Private, }) } return nil }
func (d *driver) setPrivileged(container *libcontainer.Container) error { for _, c := range container.CapabilitiesMask { c.Enabled = true } container.Cgroups.DeviceAccess = true // add sysfs as a mount for privileged containers container.Mounts = append(container.Mounts, libcontainer.Mount{Type: "sysfs"}) delete(container.Context, "restriction_path") if apparmor.IsEnabled() { container.Context["apparmor_profile"] = "unconfined" } return nil }
func (d *driver) setupMounts(container *libcontainer.Container, c *execdriver.Command) error { for _, m := range c.Mounts { container.Mounts = append(container.Mounts, libcontainer.Mount{m.Source, m.Destination, m.Writable, m.Private}) } return nil }