summaryrefslogtreecommitdiff
path: root/libpod
diff options
context:
space:
mode:
authorDaniel J Walsh <dwalsh@redhat.com>2018-08-24 05:47:37 -0400
committerAtomic Bot <atomic-devel@projectatomic.io>2018-08-24 12:16:19 +0000
commite7fbf329c206397b77f39b60e1bed0c8b9de45c6 (patch)
tree753e01de94b2c3d3b99e2ced9d5d9c8c2313a6ac /libpod
parent16465007d0ea1226b63efccc98f1adc8dc279fd3 (diff)
downloadpodman-e7fbf329c206397b77f39b60e1bed0c8b9de45c6.tar.gz
podman-e7fbf329c206397b77f39b60e1bed0c8b9de45c6.tar.bz2
podman-e7fbf329c206397b77f39b60e1bed0c8b9de45c6.zip
Reveal information about container capabilities
I am often asked about the list of capabilities availabel to a container. We should be listing this data in the inspect command for effective capabilities and the bounding set. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1335 Approved by: TomSweeneyRedHat
Diffstat (limited to 'libpod')
-rw-r--r--libpod/container_inspect.go2
1 files changed, 2 insertions, 0 deletions
diff --git a/libpod/container_inspect.go b/libpod/container_inspect.go
index 7ed9f9be9..f2e54aeef 100644
--- a/libpod/container_inspect.go
+++ b/libpod/container_inspect.go
@@ -79,6 +79,8 @@ func (c *Container) getContainerInspectData(size bool, driverData *inspect.Data)
Name: config.Name,
Driver: driverData.Name,
MountLabel: config.MountLabel,
+ EffectiveCaps: spec.Process.Capabilities.Effective,
+ BoundingCaps: spec.Process.Capabilities.Bounding,
ProcessLabel: spec.Process.SelinuxLabel,
AppArmorProfile: spec.Process.ApparmorProfile,
ExecIDs: execIDs,