moby/oci
Sebastiaan van Stijn 1cd1925acd
oci.Device() fix FileMode to match runtime spec
The runtime spec expects the FileMode field to only hold file permissions,
however `unix.Stat_t.Mode` contains both file type and mode.

This patch strips file type so that only file mode is included in the Device.

Thanks to Iceber Gu, who noticed the same issue in containerd and runc.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-18 10:48:24 +01:00
..
caps Temporarily disable CAP_PERFMON, CAP_BPF, and CAP_CHECKPOINT_RESTORE 2020-10-16 17:52:27 +02:00
fixtures Fix permissions on oci fixtures files 2020-11-27 10:29:47 +07:00
defaults.go Move DefaultCapabilities() to caps package 2019-11-14 21:13:16 +02:00
devices_linux.go oci.Device() fix FileMode to match runtime spec 2021-02-18 10:48:24 +01:00
devices_linux_test.go oci.Device() fix FileMode to match runtime spec 2021-02-18 10:48:24 +01:00
devices_unsupported.go Add canonical import comment 2018-02-05 16:51:57 -05:00
namespaces.go goimports: fix imports 2019-09-18 12:56:54 +02:00
oci.go Fix daemon panic when starting container with invalid device cgroup rule 2021-01-22 16:02:19 +01:00
oci_test.go Fix daemon panic when starting container with invalid device cgroup rule 2021-01-22 16:02:19 +01:00
seccomp_test.go oci: add tests for loading seccomp profiles 2020-09-29 20:15:43 +02:00