summaryrefslogtreecommitdiff
path: root/vendor/github.com/containers/buildah/chroot/run.go
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/containers/buildah/chroot/run.go')
-rw-r--r--vendor/github.com/containers/buildah/chroot/run.go9
1 files changed, 5 insertions, 4 deletions
diff --git a/vendor/github.com/containers/buildah/chroot/run.go b/vendor/github.com/containers/buildah/chroot/run.go
index a373c4053..badb51e34 100644
--- a/vendor/github.com/containers/buildah/chroot/run.go
+++ b/vendor/github.com/containers/buildah/chroot/run.go
@@ -902,29 +902,30 @@ func setCapabilities(spec *specs.Spec, keepCaps ...string) error {
capability.AMBIENT: spec.Process.Capabilities.Ambient,
}
knownCaps := capability.List()
+ noCap := capability.Cap(-1)
for capType, capList := range capMap {
for _, capToSet := range capList {
- cap := capability.CAP_LAST_CAP
+ cap := noCap
for _, c := range knownCaps {
if strings.EqualFold("CAP_"+c.String(), capToSet) {
cap = c
break
}
}
- if cap == capability.CAP_LAST_CAP {
+ if cap == noCap {
return errors.Errorf("error mapping capability %q to a number", capToSet)
}
caps.Set(capType, cap)
}
for _, capToSet := range keepCaps {
- cap := capability.CAP_LAST_CAP
+ cap := noCap
for _, c := range knownCaps {
if strings.EqualFold("CAP_"+c.String(), capToSet) {
cap = c
break
}
}
- if cap == capability.CAP_LAST_CAP {
+ if cap == noCap {
return errors.Errorf("error mapping capability %q to a number", capToSet)
}
if currentCaps.Get(capType, cap) {
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-12-26 09:03:24 +0000