Merge "Run as ceph user and disallow privilege escalation"

This commit is contained in:
Zuul
2021-01-12 20:09:50 +00:00
committed by Gerrit Code Review
2 changed files with 5 additions and 3 deletions

View File

@@ -15,6 +15,6 @@ apiVersion: v1
appVersion: v1.0.0
description: OpenStack-Helm Ceph Client
name: ceph-client
version: 0.1.2
version: 0.1.3
home: https://github.com/ceph/ceph-client
...

View File

@@ -71,8 +71,9 @@ pod:
runAsUser: 0
readOnlyRootFilesystem: true
mds:
runAsUser: 0
runAsUser: 64045
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
mgr:
pod:
runAsUser: 65534
@@ -81,8 +82,9 @@ pod:
runAsUser: 0
readOnlyRootFilesystem: true
mgr:
runAsUser: 0
runAsUser: 64045
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
bootstrap:
pod:
runAsUser: 65534