From 13b0684cf6991a6704e4232bcbdb6b0f89f5163d Mon Sep 17 00:00:00 2001
From: Dinindu Senanayake <dinindusen@gmail.com>
Date: Sun, 28 Jul 2024 18:19:15 +1200
Subject: [PATCH] disable escalated privileges

---
 vars/ondemand-config.yml.example | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/vars/ondemand-config.yml.example b/vars/ondemand-config.yml.example
index 748a636..cb19c85 100644
--- a/vars/ondemand-config.yml.example
+++ b/vars/ondemand-config.yml.example
@@ -118,12 +118,12 @@ ood_apps:
     k8s_container: ghcr.io/nesi/training-environment-jupyter-introduction-shell-app:v0.3.0
     repo: https://github.com/nesi/training-environment-jupyter-introduction-shell-app.git
     version: 'v0.3.0'
-    enabled: true
+    enabled: false
     pre_pull: false
 
 # this is currently required for containers and nextflow apps to run properly (fakeroot)
 # Note: you should probably set to false unless you are running a containers workshop
-enable_privileged_pods: true
+enable_privileged_pods: false
 
 # pull the images defined in ood_apps onto all k8s worker nodes
 # Note: make sure the worker nodes have enough `worker_disksize` (especially if many apps are enabled)