Job79/devcontainer
1
0
Fork 1
Code Issues Pull Requests Actions Packages Activity

refactor: restrict container host access

Browse Source
This commit is contained in:
Job
2025-08-27 21:03:38 +02:00
parent 2f41c16957
commit 27024a0158
3 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
containers/go/config.sh
View File

@@ -1,3 +1,3 @@
for dir in "Code" "Documents" "Downloads" ".config/devcontainer"; do for dir in "Code" "Downloads" ".config/devcontainer"; do
arg "-v $HOME/$dir:/home/user/$dir" arg "-v $HOME/$dir:/home/user/$dir"
done done

2
containers/kube/config.sh
View File

@@ -1,3 +1,3 @@
for dir in "Code" "Documents" "Downloads" ".config/devcontainer"; do for dir in "Code" "Downloads" ".config/devcontainer"; do
arg "-v $HOME/$dir:/home/user/$dir" arg "-v $HOME/$dir:/home/user/$dir"
done done

3
enter.sh
View File

@@ -23,6 +23,7 @@ run_args() {
# container. # container.
[ -e "/run/user/$UID/bus" ] && arg "-v /run/user/$UID/bus:/tmp/bus" # Use host dbus. [ -e "/run/user/$UID/bus" ] && arg "-v /run/user/$UID/bus:/tmp/bus" # Use host dbus.
arg "-e HOST_HOME=$HOME" # Used to translate container path to host. arg "-e HOST_HOME=$HOME" # Used to translate container path to host.
arg "-e CONTAINER_NAME=$name"
# Use host networking. # Use host networking.
arg "--net=host" arg "--net=host"
@@ -82,4 +83,4 @@ if [ "$pull" = true ] || [ "$(podman container inspect "$name" -f {{.State.Runni
fi fi
podman start "$name" 1>/dev/null podman start "$name" 1>/dev/null
podman exec -e CONTAINER_NAME="$name" -e ENTER_DIR="${PWD/#$HOME/\~}" --detach-keys "ctrl-@" -it "$name" bash -l podman exec -e ENTER_DIR="${PWD/#$HOME/\~}" --detach-keys "ctrl-@" -it "$name" bash -l