1. docker
  2. Commit e1c7abe8905d4cc034f1ed49e9d102846e412424
Browse code

Add the rest of the caps so that they are retained in privilged mode

Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)

Michael Crosby authored on 2014/05/17 11:03:26
Showing 1 changed files
pkg/libcontainer/types.go
History View file @ e1c7abe
... ... 
@@ -61,6 +61,23 @@ var (
61 61 
 		{Key: "NET_RAW", Value: capability.CAP_NET_RAW},
62 62 
 		{Key: "DAC_OVERRIDE", Value: capability.CAP_DAC_OVERRIDE},
63 63 
 		{Key: "FOWNER", Value: capability.CAP_FOWNER},
64 
+		{Key: "DAC_READ_SEARCH", Value: capability.CAP_DAC_READ_SEARCH},
65 
+		{Key: "FSETID", Value: capability.CAP_FSETID},
66 
+		{Key: "KILL", Value: capability.CAP_KILL},
67 
+		{Key: "SETGID", Value: capability.CAP_SETGID},
68 
+		{Key: "SETUID", Value: capability.CAP_SETUID},
69 
+		{Key: "LINUX_IMMUTABLE", Value: capability.CAP_LINUX_IMMUTABLE},
70 
+		{Key: "NET_BIND_SERVICE", Value: capability.CAP_NET_BIND_SERVICE},
71 
+		{Key: "NET_BROADCAST", Value: capability.CAP_NET_BROADCAST},
72 
+		{Key: "IPC_LOCK", Value: capability.CAP_IPC_LOCK},
73 
+		{Key: "IPC_OWNER", Value: capability.CAP_IPC_OWNER},
74 
+		{Key: "SYS_CHROOT", Value: capability.CAP_SYS_CHROOT},
75 
+		{Key: "SYS_PTRACE", Value: capability.CAP_SYS_PTRACE},
76 
+		{Key: "SYS_BOOT", Value: capability.CAP_SYS_BOOT},
77 
+		{Key: "LEASE", Value: capability.CAP_LEASE},
78 
+		{Key: "SETFCAP", Value: capability.CAP_SETFCAP},
79 
+		{Key: "WAKE_ALARM", Value: capability.CAP_WAKE_ALARM},
80 
+		{Key: "BLOCK_SUSPEND", Value: capability.CAP_BLOCK_SUSPEND},
64 81 
 	}
65 82 
 )
66 83