We use cookies to ensure you get the best experience on our website
Home Explore Help
Register Sign In
0ct0pu5
/
moby
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Merge pull request #35344 from rhatdan/readonly-/dev

/dev should not be readonly with --readonly flag
Sebastiaan van Stijn 7 years ago
parent
47b3209f68 5f3bd2473e
commit
7d8affa3ef
2 changed files with 2 additions and 2 deletions
Split View Show Diff Stats
  1. 1 1
      daemon/oci_linux.go
  2. 1 1
      integration-cli/docker_cli_run_test.go

+ 1 - 1
daemon/oci_linux.go
View File 

@@ -628,7 +628,7 @@ func setMounts(daemon *Daemon, s *specs.Spec, c *container.Container, mounts []c
 
 	if s.Root.Readonly {
 
 		for i, m := range s.Mounts {
 
 			switch m.Destination {
 
-			case "/proc", "/dev/pts", "/dev/mqueue": // /dev is remounted by runc
 
+			case "/proc", "/dev/pts", "/dev/mqueue", "/dev":
 
 				continue
 
 			}
 
 			if _, ok := userMounts[m.Destination]; !ok {

+ 1 - 1
integration-cli/docker_cli_run_test.go
View File 

@@ -2729,7 +2729,7 @@ func (s *DockerSuite) TestRunContainerWithReadonlyRootfs(c *check.C) {
 
 	if root := os.Getenv("DOCKER_REMAP_ROOT"); root != "" {
 
 		testPriv = false
 
 	}
 
-	testReadOnlyFile(c, testPriv, "/file", "/etc/hosts", "/etc/resolv.conf", "/etc/hostname", "/sys/kernel", "/dev/.dont.touch.me")
 
+	testReadOnlyFile(c, testPriv, "/file", "/etc/hosts", "/etc/resolv.conf", "/etc/hostname", "/sys/kernel")
 
 }
 
 
 func (s *DockerSuite) TestPermissionsPtsReadonlyRootfs(c *check.C) {

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5