WithRootFSReadonly sets specs.Root.Readonly to true
()
| 498 | |
| 499 | // WithRootFSReadonly sets specs.Root.Readonly to true |
| 500 | func WithRootFSReadonly() SpecOpts { |
| 501 | return func(_ context.Context, _ Client, _ *containers.Container, s *Spec) error { |
| 502 | setRoot(s) |
| 503 | s.Root.Readonly = true |
| 504 | return nil |
| 505 | } |
| 506 | } |
| 507 | |
| 508 | // WithNoNewPrivileges sets no_new_privileges on the process for the container |
| 509 | func WithNoNewPrivileges(_ context.Context, _ Client, _ *containers.Container, s *Spec) error { |
no test coverage detected
searching dependent graphs…