Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
container_create: fix /etc/resolv.conf to be ro
... for a read-only container. So, here is a story. Commit 0dfec71 (PR #599, merged Jun 14 2017) fixed the `/etc/resolv.conf` and `/etc/hosts` bind mounts to be read-only in case the container has `readonly_rootfs = true`. A test case was added by commit 8b4e303 (PR #603, merged Jun 16 2017) to verify that `/etc/resolv.conf` is indeed read-only for a read-only container. Later, the test case was broken by commit 25dfde9 (PR #1159, merged Nov 20 2017) to expect success from writing to `/etc/resolv.conf` for read-only container. Later, `ro` for `/etc/resolv.conf` was broken by commit 4c096f2 (PR #1562, merged May 18 2018), which went unnoticed until now because of the broken test case. This commit reinstates the `ro` flag, and fixes the test case. This is important since this file is outside of a container, and not having it ro basically enables a container to write to a file system outside of the container. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
- Loading branch information