tangled.org / core
Monorepo for Tangled tangled.org
fork atom

spindle/engine: mount /tmp as world-writeable

Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.sh>

anirudh.fi 935b6304 3a3a98e0

verified
options
unified split
Changed files
+7 -4
spindle
engine
engine.go
+7 -4
spindle/engine/engine.go
··· 253 253 254 254 select { 255 255 case <-waitDone: 256 - // container finished normally 257 - stepCancel() 258 256 259 257 // wait for tailing to complete 260 258 <-tailDone 259 + stepCancel() 261 260 262 261 case <-stepCtx.Done(): 263 262 e.l.Warn("step timed out; killing container", "container", resp.ID, "timeout", stepTimeout) ··· 491 490 Target: "/nix", 492 491 }, 493 492 { 494 - Type: mount.TypeTmpfs, 495 - Target: "/tmp", 493 + Type: mount.TypeTmpfs, 494 + Target: "/tmp", 495 + ReadOnly: false, 496 + TmpfsOptions: &mount.TmpfsOptions{ 497 + Mode: 0o1777, // world-writeable sticky bit 498 + }, 496 499 }, 497 500 }, 498 501 ReadonlyRootfs: false,