diff options
| author | Daniel J Walsh <dwalsh@redhat.com> | 2020-08-17 06:28:45 -0400 |
|---|---|---|
| committer | Daniel J Walsh <dwalsh@redhat.com> | 2020-08-21 10:55:22 -0400 |
| commit | 7ed653804cbd9a74156cfa9ec4bbe67887d03884 (patch) | |
| tree | 11953b3cbebe7f10dce45cf72a6d56e334228f41 /vendor | |
| parent | 11372c4c4d75d731f346c6be06e41bfe9600ce81 (diff) | |
| download | podman-7ed653804cbd9a74156cfa9ec4bbe67887d03884.tar.gz podman-7ed653804cbd9a74156cfa9ec4bbe67887d03884.tar.bz2 podman-7ed653804cbd9a74156cfa9ec4bbe67887d03884.zip | |
In podman 1.* regression on --cap-add
In podman 1.0 if you executed a command like:
podman run --user dwalsh --cap-add net_bind_service alpine nc -l 80
It would work, and the user dwalsh would get the capability, in
podman 2.0, only root and the binding set gets the capability.
This change restores us back to the way podman 1.0 worked.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'vendor')
| -rw-r--r-- | vendor/github.com/containers/common/pkg/capabilities/capabilities.go | 10 | ||||
| -rw-r--r-- | vendor/github.com/containers/common/version/version.go | 2 | ||||
| -rw-r--r-- | vendor/modules.txt | 2 |
3 files changed, 7 insertions, 7 deletions
diff --git a/vendor/github.com/containers/common/pkg/capabilities/capabilities.go b/vendor/github.com/containers/common/pkg/capabilities/capabilities.go index 941177489..ddfa53be8 100644 --- a/vendor/github.com/containers/common/pkg/capabilities/capabilities.go +++ b/vendor/github.com/containers/common/pkg/capabilities/capabilities.go @@ -57,9 +57,9 @@ func AllCapabilities() []string { return capabilityList } -// normalizeCapabilities normalizes caps by adding a "CAP_" prefix (if not yet +// NormalizeCapabilities normalizes caps by adding a "CAP_" prefix (if not yet // present). -func normalizeCapabilities(caps []string) ([]string, error) { +func NormalizeCapabilities(caps []string) ([]string, error) { normalized := make([]string, len(caps)) for i, c := range caps { c = strings.ToUpper(c) @@ -98,7 +98,7 @@ func MergeCapabilities(base, adds, drops []string) ([]string, error) { var caps []string // Normalize the base capabilities - base, err := normalizeCapabilities(base) + base, err := NormalizeCapabilities(base) if err != nil { return nil, err } @@ -106,11 +106,11 @@ func MergeCapabilities(base, adds, drops []string) ([]string, error) { // Nothing to tweak; we're done return base, nil } - capDrop, err := normalizeCapabilities(drops) + capDrop, err := NormalizeCapabilities(drops) if err != nil { return nil, err } - capAdd, err := normalizeCapabilities(adds) + capAdd, err := NormalizeCapabilities(adds) if err != nil { return nil, err } diff --git a/vendor/github.com/containers/common/version/version.go b/vendor/github.com/containers/common/version/version.go index cce745b59..267e2b49a 100644 --- a/vendor/github.com/containers/common/version/version.go +++ b/vendor/github.com/containers/common/version/version.go @@ -1,4 +1,4 @@ package version // Version is the version of the build. -const Version = "0.14.7-dev" +const Version = "0.14.8" diff --git a/vendor/modules.txt b/vendor/modules.txt index 9e3152def..217f04ca5 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -84,7 +84,7 @@ github.com/containers/buildah/pkg/secrets github.com/containers/buildah/pkg/supplemented github.com/containers/buildah/pkg/umask github.com/containers/buildah/util -# github.com/containers/common v0.14.7 +# github.com/containers/common v0.14.8 github.com/containers/common/pkg/apparmor github.com/containers/common/pkg/auth github.com/containers/common/pkg/capabilities |