kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Partially implement MountSensitive 

We still don't actually support sensitive options, but it doesn't look
like we need them, MountSensitive is just called with empty
sensitiveOptions in a few places.

Issue #8908
This commit is contained in:
Justin Santa Barbara 2020-04-19 13:26:53 -04:00
parent 06fda7f1fa
commit 145b71b376
1 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
protokube/pkg/hostmount/nsenter_linux.go
View File

@ -51,7 +51,19 @@ func (*Mounter) List() ([]mount.MountPoint, error) {
// Mount runs mount(8) in the host's root mount namespace. Aside from this
// aspect, Mount has the same semantics as the mounter returned by mount.New()
func (n *Mounter) Mount(source string, target string, fstype string, options []string) error {
bind, bindOpts, bindRemountOpts := mount.MakeBindOpts(options)
return n.MountSensitive(source, target, fstype, options, nil)
}
// MountSensitive is the same as Mount() but this method allows
// sensitiveOptions to be passed in a separate parameter from the normal
// mount options and ensures the sensitiveOptions are never logged. This
// method should be used by callers that pass sensitive material (like
// passwords) as mount options.
func (n *Mounter) MountSensitive(source string, target string, fstype string, options []string, sensitiveOptions []string) error {
bind, bindOpts, bindRemountOpts, bindRemountSensitiveOpts := mount.MakeBindOptsSensitive(options, sensitiveOptions)
if len(bindRemountSensitiveOpts) != 0 {
return fmt.Errorf("sensitiveOptions not supported by implementation of MountSensitive")
}
if bind {
err := n.doNsenterMount(source, target, fstype, bindOpts)
@ -116,10 +128,6 @@ func (n *Mounter) makeNsenterArgs(source, target, fstype string, options []strin
// We deliberately implement only the functions we need, so we don't have to maintain them...
func (n *Mounter) MountSensitive(source string, target string, fstype string, options []string, sensitiveOptions []string) error {
return fmt.Errorf("MountSensitive not implemented for containerized mounter")
}
func (n *Mounter) GetMountRefs(pathname string) ([]string, error) {
return nil, fmt.Errorf("GetMountRefs not implemented for containerized mounter")
}