Skip to content

Commit

Permalink
Try fixing CI
Browse files Browse the repository at this point in the history
  • Loading branch information
@varqox
varqox committed Oct 15, 2024
1 parent ef78716 commit 2e6cae4
Showing 1 changed file with 10 additions and 10 deletions.
20 changes: 10 additions & 10 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ jobs:
image: debian:bookworm
options: --security-opt seccomp=unconfined --privileged --security-opt systempaths=unconfined # needed to make clone3() work in the container, and mount cgroup2 read-write, and /proc mountable
steps:
- run: sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
- run: echo 0 > /proc/sys/kernel/apparmor_restrict_unprivileged_userns
- run: mount -t cgroup2 -o nsdelegate,remount none /sys/fs/cgroup
- run: useradd tester
- run: chown -R tester:tester /sys/fs/cgroup
Expand All @@ -28,7 +28,7 @@ jobs:
image: ubuntu:24.04
options: --security-opt seccomp=unconfined --privileged --security-opt systempaths=unconfined # needed to make clone3() work in the container, and mount cgroup2 read-write, and /proc mountable
steps:
- run: sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
- run: echo 0 > /proc/sys/kernel/apparmor_restrict_unprivileged_userns
- run: mount -t cgroup2 -o nsdelegate,remount none /sys/fs/cgroup
- run: useradd tester
- run: chown -R tester:tester /sys/fs/cgroup
Expand All @@ -48,7 +48,7 @@ jobs:
image: fedora:39
options: --security-opt seccomp=unconfined --privileged --security-opt systempaths=unconfined # needed to make clone3() work in the container, and mount cgroup2 read-write, and /proc mountable
steps:
- run: sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
- run: echo 0 > /proc/sys/kernel/apparmor_restrict_unprivileged_userns
- run: mount -t cgroup2 -o nsdelegate,remount none /sys/fs/cgroup
- run: useradd tester
- run: chown -R tester:tester /sys/fs/cgroup
Expand All @@ -67,7 +67,7 @@ jobs:
image: archlinux
options: --security-opt seccomp=unconfined --privileged --security-opt systempaths=unconfined # needed to make clone3() work in the container, and mount cgroup2 read-write, and /proc mountable
steps:
- run: sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
- run: echo 0 > /proc/sys/kernel/apparmor_restrict_unprivileged_userns
- run: mount -t cgroup2 -o nsdelegate,remount none /sys/fs/cgroup
- run: useradd tester
- run: chown -R tester:tester /sys/fs/cgroup
Expand All @@ -86,7 +86,7 @@ jobs:
image: debian:bookworm
options: --security-opt seccomp=unconfined --privileged --security-opt systempaths=unconfined # needed to make clone3() work in the container, and mount cgroup2 read-write, and /proc mountable
steps:
- run: sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
- run: echo 0 > /proc/sys/kernel/apparmor_restrict_unprivileged_userns
- run: mount -t cgroup2 -o nsdelegate,remount none /sys/fs/cgroup
- run: useradd tester
- run: chown -R tester:tester /sys/fs/cgroup
Expand All @@ -107,7 +107,7 @@ jobs:
image: debian:bookworm
options: --security-opt seccomp=unconfined --privileged --security-opt systempaths=unconfined # needed to make clone3() work in the container, and mount cgroup2 read-write, and /proc mountable
steps:
- run: sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
- run: echo 0 > /proc/sys/kernel/apparmor_restrict_unprivileged_userns
- run: mount -t cgroup2 -o nsdelegate,remount none /sys/fs/cgroup
- run: useradd tester
- run: chown -R tester:tester /sys/fs/cgroup
Expand All @@ -127,7 +127,7 @@ jobs:
image: ubuntu:24.04
options: --security-opt seccomp=unconfined --privileged --security-opt systempaths=unconfined # needed to make clone3() work in the container, and mount cgroup2 read-write, and /proc mountable
steps:
- run: sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
- run: echo 0 > /proc/sys/kernel/apparmor_restrict_unprivileged_userns
- run: mount -t cgroup2 -o nsdelegate,remount none /sys/fs/cgroup
- run: useradd tester
- run: chown -R tester:tester /sys/fs/cgroup
Expand All @@ -147,7 +147,7 @@ jobs:
image: fedora:39
options: --security-opt seccomp=unconfined --privileged --security-opt systempaths=unconfined # needed to make clone3() work in the container, and mount cgroup2 read-write, and /proc mountable
steps:
- run: sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
- run: echo 0 > /proc/sys/kernel/apparmor_restrict_unprivileged_userns
- run: mount -t cgroup2 -o nsdelegate,remount none /sys/fs/cgroup
- run: useradd tester
- run: chown -R tester:tester /sys/fs/cgroup
Expand All @@ -166,7 +166,7 @@ jobs:
image: archlinux
options: --security-opt seccomp=unconfined --privileged --security-opt systempaths=unconfined # needed to make clone3() work in the container, and mount cgroup2 read-write, and /proc mountable
steps:
- run: sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
- run: echo 0 > /proc/sys/kernel/apparmor_restrict_unprivileged_userns
- run: mount -t cgroup2 -o nsdelegate,remount none /sys/fs/cgroup
- run: useradd tester
- run: chown -R tester:tester /sys/fs/cgroup
Expand All @@ -185,7 +185,7 @@ jobs:
image: debian:bookworm
options: --security-opt seccomp=unconfined --privileged --security-opt systempaths=unconfined # needed to make clone3() work in the container, and mount cgroup2 read-write, and /proc mountable
steps:
- run: sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
- run: echo 0 > /proc/sys/kernel/apparmor_restrict_unprivileged_userns
- run: mount -t cgroup2 -o nsdelegate,remount none /sys/fs/cgroup
- run: useradd tester
- run: chown -R tester:tester /sys/fs/cgroup
Expand Down

0 comments on commit 2e6cae4

Please sign in to comment.