From eb101936e6ab21009b130a9e3ddfa939f416ca40 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Fri, 17 Apr 2020 14:16:28 -0400 Subject: Handle Linux Capabilities correctly If user sets capabilities list we need handle minimal capabilities. Also handle seccomp-policy being passed in. Signed-off-by: Daniel J Walsh --- cmd/podman/common/specgen.go | 1 + 1 file changed, 1 insertion(+) (limited to 'cmd/podman') diff --git a/cmd/podman/common/specgen.go b/cmd/podman/common/specgen.go index b8526993c..7550bf784 100644 --- a/cmd/podman/common/specgen.go +++ b/cmd/podman/common/specgen.go @@ -424,6 +424,7 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string } } + s.SeccompPolicy = c.SeccompPolicy // TODO any idea why this was done // storage.go from spec/ // grab it -- cgit v1.2.3-54-g00ecf