diff options
Diffstat (limited to 'vendor/github.com/projectatomic/buildah/util/types.go')
| -rw-r--r-- | vendor/github.com/projectatomic/buildah/util/types.go | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/vendor/github.com/projectatomic/buildah/util/types.go b/vendor/github.com/projectatomic/buildah/util/types.go index bce419c02..974b707fb 100644 --- a/vendor/github.com/projectatomic/buildah/util/types.go +++ b/vendor/github.com/projectatomic/buildah/util/types.go @@ -8,3 +8,23 @@ const ( // DefaultCNIConfigDir is the default location of CNI configuration files. DefaultCNIConfigDir = "/etc/cni/net.d" ) + +var ( + // DefaultCapabilities is the list of capabilities which we grant by + // default to containers which are running under UID 0. + DefaultCapabilities = []string{ + "CAP_AUDIT_WRITE", + "CAP_CHOWN", + "CAP_DAC_OVERRIDE", + "CAP_FOWNER", + "CAP_FSETID", + "CAP_KILL", + "CAP_MKNOD", + "CAP_NET_BIND_SERVICE", + "CAP_SETFCAP", + "CAP_SETGID", + "CAP_SETPCAP", + "CAP_SETUID", + "CAP_SYS_CHROOT", + } +) |