Allow to set security.nesting param

-- Signed Off: Malte Wagner <git@monkz.de>

src/components/forms/SecurityPoliciesForm.tsx

@@ -19,6 +19,7 @@ import { optionRenderer } from "util/formFields";
 export interface SecurityPoliciesFormValues {
   security_protection_delete?: string;
   security_privileged?: string;
+  security_nesting?: string;
   security_protection_shift?: string;
   security_idmap_base?: string;
   security_idmap_size?: number;
@@ -35,6 +36,7 @@ export const securityPoliciesPayload = (
     [getInstanceKey("security_protection_delete")]:
       values.security_protection_delete,
     [getInstanceKey("security_privileged")]: values.security_privileged,
+    [getInstanceKey("security_nesting")]: values.security_nesting,
     [getInstanceKey("security_protection_shift")]:
       values.security_protection_shift,
     [getInstanceKey("security_idmap_base")]: values.security_idmap_base,
@@ -88,6 +90,21 @@ const SecurityPoliciesForm: FC<Props> = ({ formik }) => {
           ),
         }),
 
+        getConfigurationRow({
+          formik,
+          label: "Nesting (Containers only)",
+          name: "security_nesting",
+          defaultValue: "",
+          disabled: isContainerOnlyDisabled,
+          readOnlyRenderer: (val) => optionRenderer(val, optionAllowDeny),
+          children: (
+            <Select
+              options={optionAllowDeny}
+              disabled={isContainerOnlyDisabled}
+            />
+          ),
+        }),
+
         getConfigurationRow({
           formik,
           label: "Protect UID/GID shift (Containers only)",

src/util/instanceConfigFields.tsx

@@ -6,6 +6,7 @@ const instanceConfigFormFieldsToPayload: Record<string, string> = {
   limits_disk_priority: "limits.disk.priority",
   limits_processes: "limits.processes",
   security_privileged: "security.privileged",
+  security_nesting: "security.nesting",
   security_protection_delete: "security.protection.delete",
   security_protection_shift: "security.protection.shift",
   security_idmap_base: "security.idmap.base",

src/util/instanceEdit.tsx

@@ -34,6 +34,7 @@ const getEditValues = (
 
     security_protection_delete: item.config["security.protection.delete"],
     security_privileged: item.config["security.privileged"],
+    security_nesting: item.config["security.nesting"],
     security_protection_shift: item.config["security.protection.shift"],
     security_idmap_base: item.config["security.idmap.base"],
     security_idmap_size: item.config["security.idmap.size"]