From 910bf426e00bc351628d277cbb8d699affce374e Mon Sep 17 00:00:00 2001
From: Derek Su <derek.su@suse.com>
Date: Sat, 2 Dec 2023 13:55:33 +0000
Subject: [PATCH] Revert "Run the container of the helper pod in privileged
 mode"

This reverts commit bd0bc3128029ced34de5d350befeb6a941db38f0.

Signed-off-by: Derek Su <derek.su@suse.com>
---
 provisioner.go | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/provisioner.go b/provisioner.go
index 20548ee8..b226a214 100644
--- a/provisioner.go
+++ b/provisioner.go
@@ -567,7 +567,6 @@ func (p *LocalPathProvisioner) createHelperPod(action ActionType, cmd []string,
 	if o.Node != "" {
 		helperPod.Spec.NodeName = o.Node
 	}
-	privileged := true
 	helperPod.Spec.ServiceAccountName = p.serviceAccountName
 	helperPod.Spec.RestartPolicy = v1.RestartPolicyNever
 	helperPod.Spec.Tolerations = append(helperPod.Spec.Tolerations, lpvTolerations...)
@@ -578,9 +577,6 @@ func (p *LocalPathProvisioner) createHelperPod(action ActionType, cmd []string,
 		"-s", strconv.FormatInt(o.SizeInBytes, 10),
 		"-m", string(o.Mode),
 		"-a", string(action)}
-	helperPod.Spec.Containers[0].SecurityContext = &v1.SecurityContext{
-		Privileged: &privileged,
-	}
 
 	// If it already exists due to some previous errors, the pod will be cleaned up later automatically
 	// https://github.com/rancher/local-path-provisioner/issues/27
-- 
GitLab