mirror of
https://github.com/containers/udica
synced 2024-05-25 01:56:14 +02:00
Rename --device-access to --devices
This makes parameters more consistent. Also, describe the new parameter in man page. Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
This commit is contained in:
parent
0d3e3194e2
commit
34c0f13758
|
@ -361,8 +361,8 @@ class TestBase(unittest.TestCase):
|
|||
"udica",
|
||||
"-j",
|
||||
"tests/test_devices.podman.json",
|
||||
"--device-access",
|
||||
"/dev/fd0",
|
||||
"--devices",
|
||||
"/dev/fb0",
|
||||
"my_container",
|
||||
]
|
||||
)
|
||||
|
|
|
@ -99,6 +99,14 @@ def get_args():
|
|||
dest="Caps",
|
||||
default=None,
|
||||
)
|
||||
parser.add_argument(
|
||||
"--devices",
|
||||
type=str,
|
||||
help='List of devices the container should have access to, e.g "--devices /dev/dri/card0,/dev/dri/renderD128"',
|
||||
dest="Devices",
|
||||
required=False,
|
||||
default=None,
|
||||
)
|
||||
parser.add_argument(
|
||||
"-d",
|
||||
"--ansible",
|
||||
|
@ -127,14 +135,6 @@ def get_args():
|
|||
required=False,
|
||||
default="-",
|
||||
)
|
||||
parser.add_argument(
|
||||
"--device-access",
|
||||
help='List of devices the container should have access to, e.g "--device-access /dev/dri/card0,/dev/dri/renderD128"',
|
||||
required=False,
|
||||
default=None,
|
||||
type=str,
|
||||
dest="DeviceAccess",
|
||||
)
|
||||
args = parser.parse_args()
|
||||
return vars(args)
|
||||
|
||||
|
|
|
@ -53,6 +53,11 @@ Load templates and module created by this tool
|
|||
List of capabilities, for example: "\-c AUDIT\_WRITE,CHOWN,DAC\_OVERRIDE,FOWNER,FSETID,KILL"
|
||||
(mandatory to use for Docker Engine, see the BUGS section)
|
||||
|
||||
.TP
|
||||
.I \-\-devices DEVS
|
||||
List of devices the container should have access to, e.g "\-\-devices /dev/dri/card0,/dev/dri/renderD128"
|
||||
(overrides devices specified in the conatiner JSON)
|
||||
|
||||
.TP
|
||||
.I \-a, \-\-append-rules FILE
|
||||
Append more SELinux allow rules generated from SELinux denials in audit daemon.
|
||||
|
|
|
@ -173,10 +173,8 @@ def create_policy(
|
|||
# devices
|
||||
# Not applicable for CRI-O container engine
|
||||
if inspect_format != "CRI-0":
|
||||
if not devices and opts["DeviceAccess"]:
|
||||
devices = [
|
||||
{"PathOnHost": device} for device in opts["DeviceAccess"].split(",")
|
||||
]
|
||||
if opts["Devices"]:
|
||||
devices = [{"PathOnHost": device} for device in opts["Devices"].split(",")]
|
||||
write_policy_for_podman_devices(devices, policy)
|
||||
|
||||
# mounts
|
||||
|
|
Loading…
Reference in New Issue