mirror of
https://github.com/siderolabs/talos.git
synced 2025-12-11 12:31:44 +01:00
33d1c3e425
For the `trustd`, this change is simple as it doesn't access any files on the host filesystem. For the `apid`, there are more things involved: * `apid.sock` used for internal API calls should be createable by `apid` * `runtime.sock` used for apid to COSI communication should be accessible for `apid` * `machined.sock` used for proxying calls to machined should be as well made available to the `apid`. Plus fixes default permissions for `tmpfs` mountpoints. Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>