Skip to content
This repository has been archived by the owner on May 12, 2021. It is now read-only.

Limitations: Remove seccomp limitation. #342

Merged
merged 1 commit into from
Jan 7, 2019
Merged

Limitations: Remove seccomp limitation. #342

merged 1 commit into from
Jan 7, 2019

Conversation

nitkon
Copy link
Contributor

@nitkon nitkon commented Jan 6, 2019

Document that seccomp support is now available.

FIxes: #341

Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com

jodh-intel
jodh-intel approved these changes Jan 7, 2019
View reviewed changes
Copy link
Contributor

@jodh-intel jodh-intel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A couple of nits but generally...

lgtm

Limitations.md Outdated
We only support --security-opt=no-new-privileges option as of today.

See https://github.com/kata-containers/kata-containers/issues/31 for more information.
We only support --security-opt=no-new-privileges and security-opt seccomp=/path/to/seccomp/profile.json
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing dashes: --security-opt seccomp=/path/to/seccomp/profile.json.

Also -- although not strictly part of this PR -- it might be worth rendering these options in backticks:

We only support --security-opt=no-new-privileges and --security-opt seccomp=/path/to/seccomp/profile.json ...

Limitations.md Outdated

Note: The `--security-opt apparmor=your_profile` is yet not supported. See https://github.com/kata-containers/runtime/issues/707
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • I think "not yet" rather than "yet not" ready more clearly.
  • Nit: Missing period at end of sentence.

@nitkon
Limitations: Remove seccomp limitation.
4078d0a 
Document that seccomp support is now available.

FIxes: #341

Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
@nitkon
Copy link
Contributor Author

nitkon commented Jan 7, 2019

Thanks, @jodh-intel , Fixed!

@jodh-intel
Copy link
Contributor

Thanks @nitkon ! ;)

grahamwhaley
grahamwhaley approved these changes Jan 7, 2019
View reviewed changes
Copy link
Contributor

@grahamwhaley grahamwhaley left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@grahamwhaley grahamwhaley merged commit 069987a into kata-containers:master Jan 7, 2019
@grahamwhaley
Copy link
Contributor

Doh, this was nominally blocked on the merge of kata-containers/runtime#689, but that was only noted in the Issue, and there was no DNM on this PR.
I think we can leave this merged for the minute, as I suspect the related PR will get fixed/merged v.soon.
oops...

devimc pushed a commit to devimc/kata-documentation that referenced this pull request Sep 2, 2019
@GabyCT
Merge pull request kata-containers#342 from devimc/topic/rootfs/kmod
88f8216 
Add kmod package
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@jodh-intel jodh-intel jodh-intel approved these changes

@grahamwhaley grahamwhaley grahamwhaley approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@nitkon @jodh-intel @grahamwhaley