server(install): remove privileges from install container

This commit is contained in:
Matthew Penner 2023-05-08 14:34:11 -06:00
parent a50e4ce9d1
commit b665c943a2
No known key found for this signature in database

View File

@ -4,7 +4,6 @@ import (
"bufio" "bufio"
"bytes" "bytes"
"context" "context"
"fmt"
"html/template" "html/template"
"io" "io"
"os" "os"
@ -427,10 +426,6 @@ func (ip *InstallationProcess) Execute() (string, error) {
} }
cfg := config.Get() cfg := config.Get()
if cfg.System.User.Rootless.Enabled {
conf.User = fmt.Sprintf("%d:%d", cfg.System.User.Rootless.ContainerUID, cfg.System.User.Rootless.ContainerGID)
}
tmpfsSize := strconv.Itoa(int(cfg.Docker.TmpfsSize)) tmpfsSize := strconv.Itoa(int(cfg.Docker.TmpfsSize))
hostConf := &container.HostConfig{ hostConf := &container.HostConfig{
Mounts: []mount.Mount{ Mounts: []mount.Mount{
@ -453,7 +448,6 @@ func (ip *InstallationProcess) Execute() (string, error) {
}, },
DNS: cfg.Docker.Network.Dns, DNS: cfg.Docker.Network.Dns,
LogConfig: cfg.Docker.ContainerLogConfig(), LogConfig: cfg.Docker.ContainerLogConfig(),
Privileged: true,
NetworkMode: container.NetworkMode(cfg.Docker.Network.Mode), NetworkMode: container.NetworkMode(cfg.Docker.Network.Mode),
UsernsMode: container.UsernsMode(cfg.Docker.UsernsMode), UsernsMode: container.UsernsMode(cfg.Docker.UsernsMode),
} }