Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove mounting the /var/run path from host to agent #1386

Open
anubhabMajumdar opened this issue Feb 25, 2025 · 0 comments
Open

Remove mounting the /var/run path from host to agent #1386

anubhabMajumdar opened this issue Feb 25, 2025 · 0 comments

Comments

@anubhabMajumdar
Copy link
Contributor

anubhabMajumdar commented Feb 25, 2025
edited
Loading

Describe the bug

retina-agent mounts /var/run from host directory. This can have potential issue as it can overwrite data in the directory.

Fixes:

  • Restrict access to only /var/run/cilium directory for retina-agent
  • Investigate if we can use DirectoryOrCreate and remove pkg/ciliumfs/setup.go .

Platform (please complete the following information):

  • OS: Linux
  • Kubernetes Version: All versions
  • Host: AKS
  • Retina Version:
@anubhabMajumdar anubhabMajumdar changed the title Remove mounting Remove mounting the /var/run path from host to agent Feb 25, 2025
@alexcastilio alexcastilio mentioned this issue Feb 26, 2025
Open
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
Retina Triage Board
Status: No status
Milestone
No milestone
Development

No branches or pull requests
1 participant
@anubhabMajumdar