agw/overleaf-cep
1
0
Fork 0
mirror of https://github.com/yu-i-i/overleaf-cep.git synced 2026-06-03 14:19:01 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #263 from overleaf/bg-add-option-for-apparmor-profile

Browse Source 
add option for apparmor profile
This commit is contained in:
Brian Gough
2021-07-22 09:11:45 +01:00
committed by GitHub
parent 3de07dbef2 262793c04f
commit 6a3da482c4
2 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
services/clsi/app/js/DockerRunner.js
+6
View File
@@ -270,6 +270,12 @@ const DockerRunner = {
)
}
if (Settings.clsi.docker.apparmor_profile != null) {
options.HostConfig.SecurityOpt.push(
`apparmor=${Settings.clsi.docker.apparmor_profile}`
)
}
if (Settings.clsi.docker.runtime) {
options.HostConfig.Runtime = Settings.clsi.docker.runtime
}
services/clsi/config/settings.defaults.js
+9
View File
@@ -143,6 +143,15 @@ if (process.env.DOCKER_RUNNER) {
process.exit(1)
}
if (process.env.APPARMOR_PROFILE) {
try {
module.exports.clsi.docker.apparmor_profile = process.env.APPARMOR_PROFILE
} catch (error) {
console.error(error, 'could not apply apparmor profile setting')
process.exit(1)
}
}
if (process.env.ALLOWED_IMAGES) {
try {
module.exports.clsi.docker.allowedImages =