aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/io/github/jshipit/ContainerManager.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/io/github/jshipit/ContainerManager.java')
-rw-r--r--src/main/java/io/github/jshipit/ContainerManager.java19
1 files changed, 8 insertions, 11 deletions
diff --git a/src/main/java/io/github/jshipit/ContainerManager.java b/src/main/java/io/github/jshipit/ContainerManager.java
index eed8e48..d97f1f3 100644
--- a/src/main/java/io/github/jshipit/ContainerManager.java
+++ b/src/main/java/io/github/jshipit/ContainerManager.java
@@ -209,13 +209,6 @@ public class ContainerManager {
}
}
- if (configParser.getBoolean("permissions.mount-dev")) {
- bwrapCommand.add("--dev /dev"); // Mount /dev
- }
-
- if (configParser.getBoolean("permissions.mount-proc")) {
- bwrapCommand.add("--proc /proc"); // Mount /proc
- }
if (!configParser.getBoolean("permissions.unshare-net")) {
bwrapCommand.add("--ro-bind /etc/resolv.conf /etc/resolv.conf"); // Bind the host resolv.conf to the container
@@ -251,12 +244,16 @@ public class ContainerManager {
}
if (configParser.getBoolean("permissions.mount-dev")) {
- bwrapCommand.add("--dev /dev"); // Mount /dev
- }
+ bwrapCommand.add("--dev-bind /dev /dev"); // Mount /dev
+ } else {
+ bwrapCommand.add("--dev /dev"); // Make sure a seperate devfs exists
+ }
if (configParser.getBoolean("permissions.mount-proc")) {
- bwrapCommand.add("--proc /proc"); // Mount /proc
- }
+ bwrapCommand.add("--bind /proc /proc"); // Mount /proc
+ } else {
+ bwrapCommand.add("--proc /proc"); // Make sure a seperate procfs exists
+ }
}
/*
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-16 09:01:38 +0000