Skip to content
This repository was archived by the owner on Jul 23, 2025. It is now read-only.

Commit 0eadd57

Browse files
bketelsenbketelsen
authored
feat: security.nesting for docker (#77)
* feat: security.nesting for docker * fix: nesting for docker
1 parent b68424d commit 0eadd57

File tree

1 file changed

+5
-0
lines changed

1 file changed

+5
-0
lines changed

cli/cmd/launch.go

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -478,6 +478,11 @@ func (c *cmdLaunch) launch(app string, instanceName string) error {
478478
}
479479
extraConfigs := make(map[string]string)
480480
deviceOverrides := make(map[string]map[string]string)
481+
// enable nesting
482+
extraConfigs["security.nesting"] = "true"
483+
extraConfigs["security.syscalls.intercept.mknod"] = "true"
484+
extraConfigs["security.syscalls.intercept.setxattr"] = "true"
485+
481486
// set environment variables
482487
// SSH Enable
483488
if launchSettings.EnableSSH {

0 commit comments

Comments
 (0)