Commit bff8f548 authored by David Johnson's avatar David Johnson

When emulabizing docker images, do not trust certain base image values.

Particularly, override Entrypoint and User.
parent 1d0ed64f
......@@ -4330,7 +4330,9 @@ sub analyzeImage($$)
my $args = {
'HostConfig' => {
'Binds' => [ "/etc/emulab/docker/container-utils:/tmp/docker:ro" ]
}
},
'Entrypoint' => '',
'User' => 'root',
};
my $tmpname = "analyzer-".int(rand(POSIX::INT_MAX));
our $buf = '';
......@@ -4900,6 +4902,8 @@ sub emulabizeImage($;$$$$$$$$)
];
$args{'Image'} = $image;
$args{'Cmd'} = ["/bin/sh","-c","cd \$CONTEXT && $ascript"];
$args{'Entrypoint'} = '';
$args{'User'} = 'root';
my $tmpname = "artifact-".sha1_hex($image . rand(POSIX::INT_MAX));
TBDebugTimeStamp("creating artifact container $tmpname for".
" artifact script $ascript...");
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment