Allow device through cgroupv1/eBPF device filter
parent
bdc2402131
commit
af821dd392
10
runc-wrapper
10
runc-wrapper
|
@ -11,7 +11,17 @@ if [ -f config.json ]; then
|
||||||
"source": "/dev/kvm",
|
"source": "/dev/kvm",
|
||||||
"options": [ "bind", "rw" ]
|
"options": [ "bind", "rw" ]
|
||||||
}
|
}
|
||||||
|
] |
|
||||||
|
.linux.resources.devices |= . + [
|
||||||
|
{
|
||||||
|
"allow": true,
|
||||||
|
"type": "c",
|
||||||
|
"major": 10,
|
||||||
|
"minor": 232,
|
||||||
|
"access": "rwm"
|
||||||
|
}
|
||||||
]' config.old.json > config.json
|
]' config.old.json > config.json
|
||||||
|
cp config.json /tmp/config.json
|
||||||
fi
|
fi
|
||||||
|
|
||||||
exec $RUNC "$@"
|
exec $RUNC "$@"
|
||||||
|
|
Loading…
Reference in New Issue