diff --git a/internal/discover/char_devices.go b/internal/discover/char_devices.go index bd83e995..2b149142 100644 --- a/internal/discover/char_devices.go +++ b/internal/discover/char_devices.go @@ -58,7 +58,11 @@ func (d *charDevices) Devices() ([]Device, error) { } var devices []Device for _, mount := range devicesAsMounts { - devices = append(devices, Device(mount)) + device := Device{ + HostPath: mount.HostPath, + Path: mount.Path, + } + devices = append(devices, device) } return devices, nil diff --git a/internal/discover/discover.go b/internal/discover/discover.go index 94e610ec..0687055f 100644 --- a/internal/discover/discover.go +++ b/internal/discover/discover.go @@ -32,6 +32,7 @@ type Device struct { type Mount struct { HostPath string Path string + Options []string } // Hook represents a discovered hook. diff --git a/internal/discover/mounts.go b/internal/discover/mounts.go index 3c026aea..1c9d27ff 100644 --- a/internal/discover/mounts.go +++ b/internal/discover/mounts.go @@ -93,6 +93,12 @@ func (d *mounts) Mounts() ([]Mount, error) { uniqueMounts[p] = Mount{ HostPath: p, Path: r, + Options: []string{ + "ro", + "nosuid", + "nodev", + "bind", + }, } } } diff --git a/internal/discover/mounts_test.go b/internal/discover/mounts_test.go index ee5254ac..14598cc6 100644 --- a/internal/discover/mounts_test.go +++ b/internal/discover/mounts_test.go @@ -35,6 +35,14 @@ func TestMountsReturnsEmptyDevices(t *testing.T) { } func TestMounts(t *testing.T) { + + mountOptions := []string{ + "ro", + "nosuid", + "nodev", + "bind", + } + logger, logHook := testlog.NewNullLogger() testCases := []struct { @@ -70,7 +78,7 @@ func TestMounts(t *testing.T) { }, required: []string{"required"}, }, - expectedMounts: []Mount{{Path: "located", HostPath: "located"}}, + expectedMounts: []Mount{{Path: "located", HostPath: "located", Options: mountOptions}}, }, { description: "mounts removes located duplicates", @@ -83,7 +91,7 @@ func TestMounts(t *testing.T) { }, required: []string{"required0", "required1"}, }, - expectedMounts: []Mount{{Path: "located", HostPath: "located"}}, + expectedMounts: []Mount{{Path: "located", HostPath: "located", Options: mountOptions}}, }, { description: "mounts skips located errors", @@ -98,7 +106,7 @@ func TestMounts(t *testing.T) { }, required: []string{"required0", "error", "required1"}, }, - expectedMounts: []Mount{{Path: "required0", HostPath: "required0"}, {Path: "required1", HostPath: "required1"}}, + expectedMounts: []Mount{{Path: "required0", HostPath: "required0", Options: mountOptions}, {Path: "required1", HostPath: "required1", Options: mountOptions}}, }, { description: "mounts skips unlocated", @@ -113,7 +121,7 @@ func TestMounts(t *testing.T) { }, required: []string{"required0", "empty", "required1"}, }, - expectedMounts: []Mount{{Path: "required0", HostPath: "required0"}, {Path: "required1", HostPath: "required1"}}, + expectedMounts: []Mount{{Path: "required0", HostPath: "required0", Options: mountOptions}, {Path: "required1", HostPath: "required1", Options: mountOptions}}, }, { description: "mounts adds multiple", @@ -129,10 +137,10 @@ func TestMounts(t *testing.T) { required: []string{"required0", "multiple", "required1"}, }, expectedMounts: []Mount{ - {Path: "required0", HostPath: "required0"}, - {Path: "multiple0", HostPath: "multiple0"}, - {Path: "multiple1", HostPath: "multiple1"}, - {Path: "required1", HostPath: "required1"}, + {Path: "required0", HostPath: "required0", Options: mountOptions}, + {Path: "multiple0", HostPath: "multiple0", Options: mountOptions}, + {Path: "multiple1", HostPath: "multiple1", Options: mountOptions}, + {Path: "required1", HostPath: "required1", Options: mountOptions}, }, }, { @@ -147,7 +155,7 @@ func TestMounts(t *testing.T) { required: []string{"required0", "multiple", "required1"}, }, expectedMounts: []Mount{ - {Path: "/located", HostPath: "/some/root/located"}, + {Path: "/located", HostPath: "/some/root/located", Options: mountOptions}, }, }, } diff --git a/internal/edits/mount.go b/internal/edits/mount.go index 46386322..a5c45582 100644 --- a/internal/edits/mount.go +++ b/internal/edits/mount.go @@ -40,12 +40,7 @@ func (d mount) toSpec() *specs.Mount { s := specs.Mount{ HostPath: d.HostPath, ContainerPath: d.Path, - Options: []string{ - "ro", - "nosuid", - "nodev", - "bind", - }, + Options: d.Options, } return &s