helper/bwrap: pass --unshare-user when unshare everything
Bubblewrap apparently requires --unshare-user even when --unshare-all is set to apply --disable-userns. This behaviour is not clearly documented. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
This commit is contained in:
parent
c201c30c7f
commit
b99ed94386
|
@ -21,7 +21,7 @@ const (
|
||||||
)
|
)
|
||||||
|
|
||||||
var boolArgs = func() (b [boolC][]string) {
|
var boolArgs = func() (b [boolC][]string) {
|
||||||
b[UnshareAll] = []string{"--unshare-all"}
|
b[UnshareAll] = []string{"--unshare-all", "--unshare-user"}
|
||||||
b[UnshareUser] = []string{"--unshare-user"}
|
b[UnshareUser] = []string{"--unshare-user"}
|
||||||
b[UnshareIPC] = []string{"--unshare-ipc"}
|
b[UnshareIPC] = []string{"--unshare-ipc"}
|
||||||
b[UnsharePID] = []string{"--unshare-pid"}
|
b[UnsharePID] = []string{"--unshare-pid"}
|
||||||
|
|
|
@ -49,6 +49,7 @@ func TestConfig_Args(t *testing.T) {
|
||||||
},
|
},
|
||||||
want: []string{
|
want: []string{
|
||||||
"--unshare-all",
|
"--unshare-all",
|
||||||
|
"--unshare-user",
|
||||||
"--disable-userns",
|
"--disable-userns",
|
||||||
"--assert-userns-disabled",
|
"--assert-userns-disabled",
|
||||||
"--clearenv",
|
"--clearenv",
|
||||||
|
|
Loading…
Reference in New Issue