FC: Removed redundant --seccomp-level jailer parameter

Firecracker has removed redundant `--seccomp-level` jailer parameter since it can be simply forwarded to the Firecracker executable using "end of command options" convention. Related PR: firecracker-microvm/firecracker#1491 Since kata is just using default seccomp level for firecracker, here then we just removed the setting for jailer. Fixes: #2504 Signed-off-by: Penny Zheng <[email protected]>
kata-containers · Mar 23, 2020 · 2945bcd · 2945bcd
1 parent d2cae59
commit 2945bcd
Showing 1 changed file with 0 additions and 1 deletion.
diff --git a/virtcontainers/fc.go b/virtcontainers/fc.go
@@ -361,7 +361,6 @@ func (fc *firecracker) fcInit(timeout int) error {
 		jailedArgs := []string{
 			"--id", fc.id,
 			"--node", "0", //FIXME: Comprehend NUMA topology or explicit ignore
-			"--seccomp-level", "2",
 			"--exec-file", fc.config.HypervisorPath,
 			"--uid", "0", //https://github.com/kata-containers/runtime/issues/1869
 			"--gid", "0",