summaryrefslogtreecommitdiff
path: root/cmd/podman
diff options
context:
space:
mode:
authorDaniel J Walsh <dwalsh@redhat.com>2020-04-17 14:16:28 -0400
committerDaniel J Walsh <dwalsh@redhat.com>2020-04-20 15:50:46 -0400
commiteb101936e6ab21009b130a9e3ddfa939f416ca40 (patch)
tree1adf4fadc679747575983c67e275853a42607ba9 /cmd/podman
parenta2ad5bb9e1541707af39a19ec18997f6f0d77a0e (diff)
downloadpodman-eb101936e6ab21009b130a9e3ddfa939f416ca40.tar.gz
podman-eb101936e6ab21009b130a9e3ddfa939f416ca40.tar.bz2
podman-eb101936e6ab21009b130a9e3ddfa939f416ca40.zip
Handle Linux Capabilities correctly
If user sets capabilities list we need handle minimal capabilities. Also handle seccomp-policy being passed in. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'cmd/podman')
-rw-r--r--cmd/podman/common/specgen.go1
1 files changed, 1 insertions, 0 deletions
diff --git a/cmd/podman/common/specgen.go b/cmd/podman/common/specgen.go
index b8526993c..7550bf784 100644
--- a/cmd/podman/common/specgen.go
+++ b/cmd/podman/common/specgen.go
@@ -424,6 +424,7 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
}
}
+ s.SeccompPolicy = c.SeccompPolicy
// TODO any idea why this was done
// storage.go from spec/
// grab it