diff options
| author | Daniel J Walsh <dwalsh@redhat.com> | 2018-09-14 22:25:08 -0400 |
|---|---|---|
| committer | Atomic Bot <atomic-devel@projectatomic.io> | 2018-09-15 10:58:55 +0000 |
| commit | 5e4f7e915ebec279f20329bba5701a7b8d8dfe32 (patch) | |
| tree | 92cd8bbf3ed49cca9cf8b46322bfe57848bd39c4 /vendor/github.com/projectatomic/buildah/run.go | |
| parent | 70189f0223cc01a2949cea436e06f3aee316d0db (diff) | |
| download | podman-5e4f7e915ebec279f20329bba5701a7b8d8dfe32.tar.gz podman-5e4f7e915ebec279f20329bba5701a7b8d8dfe32.tar.bz2 podman-5e4f7e915ebec279f20329bba5701a7b8d8dfe32.zip | |
Vendor in latest projectatomic/buildah
Buildah
Fixes to COPY and ADD to properly follow symbolic links is SRC is a symbolic link
Print out a digest message on successful push.
We should not drop the Bounding set when running as a non priv user in podman build
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1483
Approved by: rhatdan
Diffstat (limited to 'vendor/github.com/projectatomic/buildah/run.go')
| -rw-r--r-- | vendor/github.com/projectatomic/buildah/run.go | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/vendor/github.com/projectatomic/buildah/run.go b/vendor/github.com/projectatomic/buildah/run.go index 12560de3c..2ce5add39 100644 --- a/vendor/github.com/projectatomic/buildah/run.go +++ b/vendor/github.com/projectatomic/buildah/run.go @@ -868,9 +868,11 @@ func (b *Builder) configureUIDGID(g *generate.Generator, mountPoint string, opti g.AddProcessAdditionalGid(gid) } - // Remove capabilities if not running as root + // Remove capabilities if not running as root except Bounding set if user.UID != 0 { + bounding := g.Config.Process.Capabilities.Bounding g.ClearProcessCapabilities() + g.Config.Process.Capabilities.Bounding = bounding } return nil |