Revert "both driver-opt and security-opt options"

This reverts commit a12bc79097.
1 year ago · 17a7e99226
parent 027a8c16e7
commit 17a7e99226
1 changed files with 15 additions and 7 deletions
--- a/driver/docker-container/driver.go
+++ b/driver/docker-container/driver.go
@ -144,13 +144,21 @@ func (d *Driver) create(ctx context.Context, l progress.SubLogger) error {
 					break
 				}
 			}
-			hc.SecurityOpt = append(hc.SecurityOpt, "seccomp=unconfined")
-			hc.SecurityOpt = append(hc.SecurityOpt, "apparmor=unconfined")
-			hc.Privileged = false
-			//hc.SecurityOpt = append(hc.SecurityOpt, "systempaths=unconfined")
+			for i, k := range d.SecurityOpts {
+				switch {
+				case i == "systempaths":
 					hc.MaskedPaths = []string{}
 					hc.ReadonlyPaths = []string{}
-			//cfg.Env= append(cfg.Env,"systempaths=unconfined")
+				case i == "privileged":
+					val, err := strconv.ParseBool(k)
+					if err != nil {
+						return errors.Errorf("invalid value privleged security option, options are true/false")
+					}
+					hc.Privileged = val
+				default:
+					hc.SecurityOpt = append(hc.SecurityOpt, i+"="+k)
+				}
+			}
 		}
 		_, err := d.DockerAPI.ContainerCreate(ctx, cfg, hc, &network.NetworkingConfig{}, nil, d.Name)
 		if err != nil && !errdefs.IsConflict(err) {