Skip to content

Commit a6195f9

Browse files
prezhaprezha
committed
add default sysctls to allow privileged ports with no capabilities
1 parent 3c2a23e commit a6195f9

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

pkg/minikube/cruntime/crio.go

+1-1
Original file line numberDiff line numberDiff line change
@@ -94,7 +94,7 @@ func generateCRIOConfig(cr CommandRunner, imageRepository string, kv semver.Vers
9494
// note: cri-o supports 'efault_sysctls' option since v1.12.0 (Oct 19, 2018) (ref: https://github.com/cri-o/cri-o/releases/tag/v1.12.0; https://github.com/cri-o/cri-o/pull/1721)
9595
if kv.GTE(semver.Version{Major: 1, Minor: 22}) {
9696
// remove any existing 'net.ipv4.ip_unprivileged_port_start' settings
97-
if _, err := cr.RunCmd(exec.Command("sh", "-c", fmt.Sprintf(`sudo sed -i '/^ *"net.ipv4.ip_unprivileged_port_start = .*"/d' %s`, crioConfigFile))); err != nil {
97+
if _, err := cr.RunCmd(exec.Command("sh", "-c", fmt.Sprintf(`sudo sed -i '/^ *"net.ipv4.ip_unprivileged_port_start=.*"/d' %s`, crioConfigFile))); err != nil {
9898
return errors.Wrap(err, "removing net.ipv4.ip_unprivileged_port_start")
9999
}
100100
// insert 'default_sysctls' list, if not already present

0 commit comments

Comments
 (0)