Revert "nfs: do not run privileged nfs container"

author Guillaume Abrioux <gabrioux@redhat.com>

Wed, 18 Dec 2019 15:14:21 +0000 (16:14 +0100)

committer Guillaume Abrioux <gabrioux@redhat.com>

Wed, 8 Jan 2020 13:18:21 +0000 (14:18 +0100)
author Guillaume Abrioux <gabrioux@redhat.com>
Wed, 18 Dec 2019 15:14:21 +0000 (16:14 +0100)
committer Guillaume Abrioux <gabrioux@redhat.com>
Wed, 8 Jan 2020 13:18:21 +0000 (14:18 +0100)
diff --git a/roles/ceph-nfs/templates/ceph-nfs.service.j2 b/roles/ceph-nfs/templates/ceph-nfs.service.j2

index 3f64ce058bb1ab08d60857efe1b6470daeb62706..459689ef88b32e79a95a85b1a8742549c9f18414 100644 (file)
--- a/roles/ceph-nfs/templates/ceph-nfs.service.j2
+++ b/roles/ceph-nfs/templates/ceph-nfs.service.j2
@@ -18,6 +18,10 @@ ExecStart=/usr/bin/{{ container_binary }} run --rm --net=host \
    -v /etc/ganesha:/etc/ganesha:z \
    -v /var/run/ceph:/var/run/ceph:z \
    -v /var/log/ceph:/var/log/ceph:z \
+  {% if ceph_nfs_dynamic_exports %}
+  --privileged \
+  -v /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket \
+  {% endif -%}
    -v /etc/localtime:/etc/localtime:ro \
    -e CLUSTER={{ cluster }} \
    -e CEPH_DAEMON=NFS \
author	Guillaume Abrioux <gabrioux@redhat.com>
	Wed, 18 Dec 2019 15:14:21 +0000 (16:14 +0100)
committer	Guillaume Abrioux <gabrioux@redhat.com>
	Wed, 8 Jan 2020 13:18:21 +0000 (14:18 +0100)