nfs: do not run privileged nfs container

At the moment, we bindmount the dbus socket from the host, this requires
to run the container with --privileged.
Since we now run a dedicated dbus daemon inside the same container, we
can stop running privileged nfs-ganesha containers

Related ceph-container PR : ceph/ceph-container#1517

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1725254

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
pull/4766/head
Guillaume Abrioux 2019-11-21 16:28:42 +01:00
parent c878e99589
commit d06158e9d9
1 changed files with 0 additions and 4 deletions

View File

@ -18,10 +18,6 @@ ExecStart=/usr/bin/{{ container_binary }} run --rm --net=host \
-v /etc/ganesha:/etc/ganesha:z \
-v /var/run/ceph:/var/run/ceph:z \
-v /var/log/ceph:/var/log/ceph:z \
{% if ceph_nfs_dynamic_exports %}
--privileged \
-v /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket \
{% endif -%}
-v /etc/localtime:/etc/localtime:ro \
-e CLUSTER={{ cluster }} \
-e CEPH_DAEMON=NFS \