|
|
@@ -160,29 +160,30 @@ func parseSecurityOpt(container *container.Container, config *containertypes.Hos
|
|
|
for _, opt := range config.SecurityOpt {
|
|
|
if opt == "no-new-privileges" {
|
|
|
container.NoNewPrivileges = true
|
|
|
- } else {
|
|
|
- var con []string
|
|
|
- if strings.Contains(opt, "=") {
|
|
|
- con = strings.SplitN(opt, "=", 2)
|
|
|
- } else if strings.Contains(opt, ":") {
|
|
|
- con = strings.SplitN(opt, ":", 2)
|
|
|
- logrus.Warn("Security options with `:` as a separator are deprecated and will be completely unsupported in 1.13, use `=` instead.")
|
|
|
- }
|
|
|
+ continue
|
|
|
+ }
|
|
|
|
|
|
- if len(con) != 2 {
|
|
|
- return fmt.Errorf("Invalid --security-opt 1: %q", opt)
|
|
|
- }
|
|
|
+ var con []string
|
|
|
+ if strings.Contains(opt, "=") {
|
|
|
+ con = strings.SplitN(opt, "=", 2)
|
|
|
+ } else if strings.Contains(opt, ":") {
|
|
|
+ con = strings.SplitN(opt, ":", 2)
|
|
|
+ logrus.Warn("Security options with `:` as a separator are deprecated and will be completely unsupported in 1.13, use `=` instead.")
|
|
|
+ }
|
|
|
|
|
|
- switch con[0] {
|
|
|
- case "label":
|
|
|
- labelOpts = append(labelOpts, con[1])
|
|
|
- case "apparmor":
|
|
|
- container.AppArmorProfile = con[1]
|
|
|
- case "seccomp":
|
|
|
- container.SeccompProfile = con[1]
|
|
|
- default:
|
|
|
- return fmt.Errorf("Invalid --security-opt 2: %q", opt)
|
|
|
- }
|
|
|
+ if len(con) != 2 {
|
|
|
+ return fmt.Errorf("invalid --security-opt 1: %q", opt)
|
|
|
+ }
|
|
|
+
|
|
|
+ switch con[0] {
|
|
|
+ case "label":
|
|
|
+ labelOpts = append(labelOpts, con[1])
|
|
|
+ case "apparmor":
|
|
|
+ container.AppArmorProfile = con[1]
|
|
|
+ case "seccomp":
|
|
|
+ container.SeccompProfile = con[1]
|
|
|
+ default:
|
|
|
+ return fmt.Errorf("invalid --security-opt 2: %q", opt)
|
|
|
}
|
|
|
}
|
|
|
|
Yanqiang Miao