Skip to content

Commit

Permalink
whitelist CNI binaries
Browse files Browse the repository at this point in the history
  • Loading branch information
@BenTheElder
BenTheElder committed Dec 20, 2019
1 parent f9868d4 commit 281a20c
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions images/base/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,12 @@ RUN echo "Ensuring scripts are executable ..." \
&& mkdir -p /opt/cni/bin \
&& tar -C /opt/cni/bin -xzf /tmp/cni.tgz \
&& rm -rf /tmp/cni.tgz \
&& find /opt/cni/bin -type f -not \( \
-iname host-local \
-o -iname ptp \
-o -iname portmap \
-o -iname loopback \
\) \
&& echo "Ensuring /etc/kubernetes/manifests" \
&& mkdir -p /etc/kubernetes/manifests \
&& echo "Adjusting systemd-tmpfiles timer" \
Expand Down

0 comments on commit 281a20c

Please sign in to comment.