diff --git a/drivers/exec/driver.go b/drivers/exec/driver.go index 06cc15bf5..3ae3a1f64 100644 --- a/drivers/exec/driver.go +++ b/drivers/exec/driver.go @@ -167,8 +167,8 @@ type Config struct { // running on this node. AllowCaps []string `codec:"allow_caps"` - DeniedHostUidsStr string `codec:"denied_host_uids"` - DeniedHostGidsStr string `codec:"denied_host_gids"` + DeniedHostUids string `codec:"denied_host_uids"` + DeniedHostGids string `codec:"denied_host_gids"` } func (c *Config) validate() error { @@ -312,7 +312,7 @@ func (d *Driver) SetConfig(cfg *base.Config) error { } if d.userIDValidator == nil { - idValidator, err := validators.NewValidator(d.logger, config.DeniedHostUidsStr, config.DeniedHostGidsStr) + idValidator, err := validators.NewValidator(d.logger, config.DeniedHostUids, config.DeniedHostGids) if err != nil { return fmt.Errorf("unable to start validator: %w", err) } diff --git a/drivers/exec/driver_test.go b/drivers/exec/driver_test.go index 53c168b44..37dace107 100644 --- a/drivers/exec/driver_test.go +++ b/drivers/exec/driver_test.go @@ -881,11 +881,11 @@ func TestDriver_Config_setDeniedIds(t *testing.T) { defer harness.Kill() config := &Config{ - NoPivotRoot: false, - DefaultModePID: executor.IsolationModePrivate, - DefaultModeIPC: executor.IsolationModePrivate, - DeniedHostUidsStr: tc.uidRanges, - DeniedHostGidsStr: tc.gidRanges, + NoPivotRoot: false, + DefaultModePID: executor.IsolationModePrivate, + DefaultModeIPC: executor.IsolationModePrivate, + DeniedHostUids: tc.uidRanges, + DeniedHostGids: tc.gidRanges, } var data []byte diff --git a/drivers/rawexec/__debug_bin1797543248 b/drivers/rawexec/__debug_bin1797543248 deleted file mode 100755 index 6c1166b31..000000000 Binary files a/drivers/rawexec/__debug_bin1797543248 and /dev/null differ diff --git a/drivers/rawexec/driver.go b/drivers/rawexec/driver.go index 99b44fe7e..52a6108d7 100644 --- a/drivers/rawexec/driver.go +++ b/drivers/rawexec/driver.go @@ -150,8 +150,8 @@ type Config struct { // Enabled is set to true to enable the raw_exec driver Enabled bool `codec:"enabled"` - DeniedHostUidsStr string `codec:"denied_host_uids"` - DeniedHostGidsStr string `codec:"denied_host_gids"` + DeniedHostUids string `codec:"denied_host_uids"` + DeniedHostGids string `codec:"denied_host_gids"` } // TaskConfig is the driver configuration of a task within a job @@ -215,7 +215,7 @@ func (d *Driver) SetConfig(cfg *base.Config) error { } if d.userIDValidator == nil { - idValidator, err := validators.NewValidator(d.logger, config.DeniedHostUidsStr, config.DeniedHostGidsStr) + idValidator, err := validators.NewValidator(d.logger, config.DeniedHostUids, config.DeniedHostGids) if err != nil { return fmt.Errorf("unable to start validator: %w", err) } diff --git a/drivers/rawexec/driver_test.go b/drivers/rawexec/driver_test.go index d46e1d5ae..f2825379f 100644 --- a/drivers/rawexec/driver_test.go +++ b/drivers/rawexec/driver_test.go @@ -135,7 +135,7 @@ func TestRawExecDriver_SetConfig(t *testing.T) { // Turns on uid/gid restrictions, and sets the range to a bad value and // force the recreation of the validator. d.(*Driver).userIDValidator = nil - config.DeniedHostUidsStr = "100-1" + config.DeniedHostUids = "100-1" data = []byte{} must.NoError(t, basePlug.MsgPackEncode(&data, config)) diff --git a/drivers/rawexec/driver_unix_test.go b/drivers/rawexec/driver_unix_test.go index 4d5ca1b28..81ba252ca 100644 --- a/drivers/rawexec/driver_unix_test.go +++ b/drivers/rawexec/driver_unix_test.go @@ -558,8 +558,8 @@ func TestRawExec_Validate(t *testing.T) { allowAll := "" denyCurrent := current.Uid - configAllowCurrent := Config{DeniedHostUidsStr: allowAll} - configDenyCurrent := Config{DeniedHostUidsStr: denyCurrent} + configAllowCurrent := Config{DeniedHostUids: allowAll} + configDenyCurrent := Config{DeniedHostUids: denyCurrent} driverConfigNoUserSpecified := drivers.TaskConfig{} driverTaskConfig := drivers.TaskConfig{User: current.Name}