diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2021-01-07 09:44:37 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-01-07 09:44:37 -0500 |
| commit | 3cf41c4a7349d2f2529ce94801de2de9898ae27f (patch) | |
| tree | 0982a64d3ffd90561a8f1465be0581edfca489d3 /libpod/oci.go | |
| parent | 74af9254b98eb21e25c9776b0cf0664d3cb2c46e (diff) | |
| parent | db71759b1aa575633649091b97ea9b856aebc687 (diff) | |
| download | podman-3cf41c4a7349d2f2529ce94801de2de9898ae27f.tar.gz podman-3cf41c4a7349d2f2529ce94801de2de9898ae27f.tar.bz2 podman-3cf41c4a7349d2f2529ce94801de2de9898ae27f.zip | |
Merge pull request #8821 from rhatdan/caps
Containers should not get inheritable caps by default
Diffstat (limited to 'libpod/oci.go')
| -rw-r--r-- | libpod/oci.go | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/libpod/oci.go b/libpod/oci.go index 157c42c38..6948e6425 100644 --- a/libpod/oci.go +++ b/libpod/oci.go @@ -151,8 +151,6 @@ type OCIRuntime interface { type ExecOptions struct { // Cmd is the command to execute. Cmd []string - // CapAdd is a set of capabilities to add to the executed command. - CapAdd []string // Env is a set of environment variables to add to the container. Env map[string]string // Terminal is whether to create a new TTY for the exec session. @@ -181,6 +179,8 @@ type ExecOptions struct { // ExitCommandDelay is a delay (in seconds) between the exec session // exiting, and the exit command being invoked. ExitCommandDelay uint + // Privileged indicates the execed process will be launched in Privileged mode + Privileged bool } // HTTPAttachStreams informs the HTTPAttach endpoint which of the container's |