mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
/dev/mqueue should never be mounted readonly
If user specifies --read-only flag it should not effect /dev/mqueue. This is causing SELinux issues in docker-1.10. --read-only blows up on SELinux enabled machines. Mounting /dev/mqueue read/only would also blow up any tool that was going to use /dev/mqueue. Signed-off-by: Dan Walsh <dwalsh@redhat.com>
This commit is contained in:
parent
e5a79c5d99
commit
adb2e3fedc
1 changed files with 1 additions and 1 deletions
|
@ -104,7 +104,7 @@ func (d *Driver) createContainer(c *execdriver.Command, hooks execdriver.Hooks)
|
|||
if container.Readonlyfs {
|
||||
for i := range container.Mounts {
|
||||
switch container.Mounts[i].Destination {
|
||||
case "/proc", "/dev", "/dev/pts":
|
||||
case "/proc", "/dev", "/dev/pts", "/dev/mqueue":
|
||||
continue
|
||||
}
|
||||
container.Mounts[i].Flags |= syscall.MS_RDONLY
|
||||
|
|
Loading…
Reference in a new issue