Skip to content

Remove mounting the /var/run path from host to agent #1386

New issue
New issue
Open
Open
Remove mounting the /var/run path from host to agent#1386
@anubhabMajumdar

Description

@anubhabMajumdar
anubhabMajumdar
opened on Feb 25, 2025

Describe the bug

retina-agent mounts /var/run from host directory. This can have potential issue as it can overwrite data in the directory.

Fixes:

  • Restrict access to only /var/run/cilium directory for retina-agent
  • Investigate if we can use DirectoryOrCreate and remove pkg/ciliumfs/setup.go .

Platform (please complete the following information):

  • OS: Linux
  • Kubernetes Version: All versions
  • Host: AKS
  • Retina Version:

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    Retina Triage Board

    Status

    No status

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions