spec: change mount options for /dev/pts in rootless mode

The default /dev/pts has the option gid=5 that might not be mapped in the rootless case. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #871 Approved by: mheon
2024-10-21 17:53:44 +00:00 · 2018-06-01 13:11:54 +02:00 · 2018-06-01 13:11:54 +02:00 · ed0261176b
parent 1e8ef3c897
commit ed0261176b
1 changed files with 11 additions and 0 deletions
--- a/pkg/spec/spec.go
+++ b/pkg/spec/spec.go
@ -1,6 +1,7 @@
 package createconfig

 import (
+	"os"
 	"strings"

 	"github.com/docker/docker/daemon/caps"
@ -44,6 +45,16 @@ func CreateConfigToOCISpec(config *CreateConfig) (*spec.Spec, error) { //nolint
 		}
 		g.AddMount(sysMnt)
 	}
+	if os.Getuid() != 0 {
+		g.RemoveMount("/dev/pts")
+		devPts := spec.Mount{
+			Destination: "/dev/pts",
+			Type:        "devpts",
+			Source:      "devpts",
+			Options:     []string{"nosuid", "noexec", "newinstance", "ptmxmode=0666", "mode=0620"},
+		}
+		g.AddMount(devPts)
+	}

 	if addCgroup {
 		cgroupMnt := spec.Mount{