File tree Expand file tree Collapse file tree 3 files changed +10
-10
lines changed Expand file tree Collapse file tree 3 files changed +10
-10
lines changed Original file line number Diff line number Diff line change @@ -11,7 +11,7 @@ require (
1111 github.com/cyphar/filepath-securejoin v0.2.3
1212 github.com/docker/go-units v0.4.0
1313 github.com/godbus/dbus/v5 v5.0.4
14- github.com/landlock-lsm/go-landlock v0.0.0-20210828133255-ec6c6b87a946
14+ github.com/landlock-lsm/go-landlock v0.0.0-20210908180355-c56710719da4
1515 github.com/moby/sys/mountinfo v0.4.1
1616 github.com/mrunalp/fileutils v0.5.0
1717 github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417
Original file line number Diff line number Diff line change @@ -40,8 +40,8 @@ github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfn
4040github.com/kr/pty v1.1.1 /go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ =
4141github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE =
4242github.com/kr/text v0.1.0 /go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI =
43- github.com/landlock-lsm/go-landlock v0.0.0-20210828133255-ec6c6b87a946 h1:RRTOwBnwZR4a3IMyPq1uchxJcrLKWF4NTCHB2fbvo5Y =
44- github.com/landlock-lsm/go-landlock v0.0.0-20210828133255-ec6c6b87a946 /go.mod h1:wjznJ04q4Tvsbx3vkzfmgfEOe6w5dSGlXFa+xbSl9X8 =
43+ github.com/landlock-lsm/go-landlock v0.0.0-20210908180355-c56710719da4 h1:5FNPB9FxONNZ10VtNC2n15+0O4O6wfCqCBmkxm2O5x0 =
44+ github.com/landlock-lsm/go-landlock v0.0.0-20210908180355-c56710719da4 /go.mod h1:wjznJ04q4Tvsbx3vkzfmgfEOe6w5dSGlXFa+xbSl9X8 =
4545github.com/moby/sys/mountinfo v0.4.1 h1:1O+1cHA1aujwEwwVMa2Xm2l+gIpUHyd3+D+d7LZh1kM =
4646github.com/moby/sys/mountinfo v0.4.1 /go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A =
4747github.com/mrunalp/fileutils v0.5.0 h1:NKzVxiH7eSk+OQ4M+ZYW1K6h27RUV3MI6NUTsHhU6Z4 =
Original file line number Diff line number Diff line change @@ -21,14 +21,14 @@ func InitLandlock(config *configs.Landlock) error {
2121 return errors .New ("cannot initialize Landlock - nil config passed" )
2222 }
2323
24- var llConfig landlock.Config
25-
2624 ruleset := config .Ruleset .HandledAccessFS
27- // Panic on error when constructing the Landlock configuration using invalid config values.
28- if config .DisableBestEffort {
29- llConfig = landlock .MustConfig (ruleset )
30- } else {
31- llConfig = landlock .MustConfig (ruleset ).BestEffort ()
25+ llConfig , err := landlock .NewConfig (ruleset )
26+ if err != nil {
27+ return fmt .Errorf ("could not create ruleset: %w" , err )
28+ }
29+
30+ if ! config .DisableBestEffort {
31+ * llConfig = llConfig .BestEffort ()
3232 }
3333
3434 if err := llConfig .RestrictPaths (
You can’t perform that action at this time.
0 commit comments