mirror of
https://github.com/engineer-man/piston.git
synced 2025-08-05 20:38:46 +02:00
v3 - Remove the use of unshare + privileged mode and instead (#195)
use seccomp to filter for socket syscalls
This commit is contained in:
parent
f6a4e67d5f
commit
552fb91c6b
8 changed files with 75 additions and 10 deletions
|
@ -3,12 +3,10 @@ version: '2.7'
|
|||
services:
|
||||
piston_api:
|
||||
build: api
|
||||
cap_add:
|
||||
- CAP_SYS_ADMIN
|
||||
restart: always
|
||||
ports:
|
||||
- 2000:2000
|
||||
volumes:
|
||||
- ./data/piston:/piston
|
||||
tmpfs:
|
||||
- /piston/jobs:exec
|
||||
- /piston/jobs:exec
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue