[WIP] Fix Divingbell privileged issues1

Change-Id: I01c4018790dcd7d94d9bb2c26571f28f884e10f9
2021-08-06 07:31:17 -05:00 · 2021-08-06 07:31:17 -05:00 · bbb01c5f13
parent 07ff23944f
commit bbb01c5f13
1 changed files with 2 additions and 3 deletions
--- a/divingbell/values.yaml
+++ b/divingbell/values.yaml
@ -124,7 +124,7 @@ pod:
        apt:
          readOnlyRootFilesystem: true
          runAsUser: 0
-          privileged: false
+          privileged: true
        apparmor:
          capabilities:
            add:
@ -140,7 +140,7 @@ pod:
        exec:
          readOnlyRootFilesystem: true
          runAsUser: 0
-          privileged: false
+          privileged: true
        limits:
          readOnlyRootFilesystem: true
          runAsUser: 0
@ -154,7 +154,6 @@ pod:
          capabilities:
            add:
              - 'SYS_PTRACE'
-              - 'SYS_ADMIN'
              - 'SYS_RAWIO'
          readOnlyRootFilesystem: true
          runAsUser: 0