[docker-eventd] limit privileged flag for eventd container (#16750)

### Why I did it
HLD implementation: Container Hardening (https://github.com/sonic-net/SONiC/pull/1364)
##### Work item tracking
- Microsoft ADO **(number only)**: 14807420

#### How I did it
Reduce linux capabilities in privileged flag
#### How to verify it
Run eventd sonic-mgmt tests
This commit is contained in:
Mai Bui 2023-10-02 12:51:24 -04:00 committed by GitHub
parent 0299ab8dee
commit f8a85c0a9f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -32,7 +32,7 @@ SONIC_INSTALL_DOCKER_DBG_IMAGES += $(DOCKER_EVENTD_DBG)
$(DOCKER_EVENTD)_FILES += $(SUPERVISOR_PROC_EXIT_LISTENER_SCRIPT)
$(DOCKER_EVENTD)_CONTAINER_NAME = eventd
$(DOCKER_EVENTD)_RUN_OPT += --privileged -t
$(DOCKER_EVENTD)_RUN_OPT += -t
$(DOCKER_EVENTD)_RUN_OPT += -v /etc/sonic:/etc/sonic:ro
$(DOCKER_EVENTD)_RUN_OPT += -v /etc/timezone:/etc/timezone:ro