Skip to content

Commit

Permalink
Revert "Run the container of the helper pod in privileged mode"
Browse files Browse the repository at this point in the history 
This reverts commit bd0bc31.

Signed-off-by: Derek Su <derek.su@suse.com>
  • Loading branch information
@derekbit
derekbit committed Dec 2, 2023
1 parent 61e3b3c commit 910bf42
Showing 1 changed file with 0 additions and 4 deletions.
4 changes: 0 additions & 4 deletions provisioner.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -567,7 +567,6 @@ func (p *LocalPathProvisioner) createHelperPod(action ActionType, cmd []string,
if o.Node != "" {
helperPod.Spec.NodeName = o.Node
}
privileged := true
helperPod.Spec.ServiceAccountName = p.serviceAccountName
helperPod.Spec.RestartPolicy = v1.RestartPolicyNever
helperPod.Spec.Tolerations = append(helperPod.Spec.Tolerations, lpvTolerations...)
Expand All @@ -578,9 +577,6 @@ func (p *LocalPathProvisioner) createHelperPod(action ActionType, cmd []string,
"-s", strconv.FormatInt(o.SizeInBytes, 10),
"-m", string(o.Mode),
"-a", string(action)}
helperPod.Spec.Containers[0].SecurityContext = &v1.SecurityContext{
Privileged: &privileged,
}

// If it already exists due to some previous errors, the pod will be cleaned up later automatically
// https://github.com/rancher/local-path-provisioner/issues/27
Expand Down

0 comments on commit 910bf42

Please sign in to comment.