summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--docs/podman-inspect.1.md5
-rw-r--r--libpod/container_inspect.go2
-rw-r--r--pkg/inspect/inspect.go2
3 files changed, 9 insertions, 0 deletions
diff --git a/docs/podman-inspect.1.md b/docs/podman-inspect.1.md
index 47a189e39..ef68e929c 100644
--- a/docs/podman-inspect.1.md
+++ b/docs/podman-inspect.1.md
@@ -96,6 +96,11 @@ overlay
size: 4405240
```
+```
+podman inspect --latest --format {{.EffectiveCaps}}
+[CAP_CHOWN CAP_DAC_OVERRIDE CAP_FSETID CAP_FOWNER CAP_MKNOD CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SETFCAP CAP_SETPCAP CAP_NET_BIND_SERVICE CAP_SYS_CHROOT CAP_KILL CAP_AUDIT_WRITE]
+```
+
## SEE ALSO
podman(1)
diff --git a/libpod/container_inspect.go b/libpod/container_inspect.go
index 7ed9f9be9..f2e54aeef 100644
--- a/libpod/container_inspect.go
+++ b/libpod/container_inspect.go
@@ -79,6 +79,8 @@ func (c *Container) getContainerInspectData(size bool, driverData *inspect.Data)
Name: config.Name,
Driver: driverData.Name,
MountLabel: config.MountLabel,
+ EffectiveCaps: spec.Process.Capabilities.Effective,
+ BoundingCaps: spec.Process.Capabilities.Bounding,
ProcessLabel: spec.Process.SelinuxLabel,
AppArmorProfile: spec.Process.ApparmorProfile,
ExecIDs: execIDs,
diff --git a/pkg/inspect/inspect.go b/pkg/inspect/inspect.go
index b9230027c..62ba53147 100644
--- a/pkg/inspect/inspect.go
+++ b/pkg/inspect/inspect.go
@@ -161,6 +161,8 @@ type ContainerInspectData struct {
MountLabel string `json:"MountLabel"`
ProcessLabel string `json:"ProcessLabel"`
AppArmorProfile string `json:"AppArmorProfile"`
+ EffectiveCaps []string `json:"EffectiveCaps"`
+ BoundingCaps []string `json:"BoundingCaps"`
ExecIDs []string `json:"ExecIDs"`
GraphDriver *Data `json:"GraphDriver"`
SizeRw int64 `json:"SizeRw,omitempty"`