From 914bbf5e49ad69ad7415353e209c183c0c3f5b2d Mon Sep 17 00:00:00 2001
From: Lokesh Mandvekar <lsm5@fedoraproject.org>
Date: Thu, 22 Oct 2020 12:17:58 -0400
Subject: replace net_raw with setuid

podman does not allow setting CAP_NET_RAW

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
---
 test/e2e/run_security_labels.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'test/e2e')

diff --git a/test/e2e/run_security_labels.go b/test/e2e/run_security_labels.go
index 2a0b0467d..0c5621e3f 100644
--- a/test/e2e/run_security_labels.go
+++ b/test/e2e/run_security_labels.go
@@ -94,7 +94,7 @@ var _ = Describe("Podman generate kube", func() {
 		test1.WaitWithDefaultTimeout()
 		Expect(test1.ExitCode()).To(BeZero())
 
-		commit := podmanTest.Podman([]string{"commit", "-c", "label=io.containers.capabilities=sys_chroot,net_raw", "test1", "image1"})
+		commit := podmanTest.Podman([]string{"commit", "-c", "label=io.containers.capabilities=sys_chroot,setuid", "test1", "image1"})
 		commit.WaitWithDefaultTimeout()
 		Expect(commit.ExitCode()).To(BeZero())
 
@@ -108,7 +108,7 @@ var _ = Describe("Podman generate kube", func() {
 
 		ctr := inspect.InspectContainerToJSON()
 		caps := strings.Join(ctr[0].EffectiveCaps, ",")
-		Expect(caps).To(Equal("CAP_SYS_CHROOT,CAP_NET_RAW"))
+		Expect(caps).To(Equal("CAP_SYS_CHROOT,CAP_SETUID"))
 
 	})
 
-- 
cgit v1.2.3-54-g00ecf