search

containers / virtcontainers

A Go package for building hardware virtualized container runtimes
Apache License 2.0
139 stars 43 forks source link

Add support for NoNewPrivileges in oci spec #529

Closed amshinde closed 6 years ago

sboeuf commented 6 years ago

@amshinde also please fix unit tests.

jodh-intel commented 6 years ago

lgtm

Can you raise an issue on https://github.com/clearcontainers/tests to capture the requirement for a new set of tests for this option when it lands in the runtime?

Approved with PullApprove Approved with PullApprove

sameo commented 6 years ago

LGTM

I suppose this depends on an agent change as well?

Approved with PullApprove Approved with PullApprove

amshinde commented 6 years ago

@sameo Yes, here is the agent change : https://github.com/clearcontainers/agent/pull/186

amshinde commented 6 years ago

@jodh-intel I have submitted an issue to follow up on adding a new test for this: https://github.com/clearcontainers/tests/issues/811

amshinde commented 6 years ago

@sboeuf Can you merge if this looks good?

sboeuf commented 6 years ago

LGTM

Approved with PullApprove Approved with PullApprove