Browse code
Update CAP_ prefix for new spec format
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Michael Crosby authored on 2015/09/22 08:06:08Showing 3 changed files
| ... | ... |
@@ -65,7 +65,13 @@ func (d *Driver) createContainer(ctx context.Context, c *execdriver.Command, hoo |
| 65 | 65 |
return nil, err |
| 66 | 66 |
} |
| 67 | 67 |
} |
| 68 |
- |
|
| 68 |
+ // add CAP_ prefix to all caps for new libcontainer update to match |
|
| 69 |
+ // the spec format. |
|
| 70 |
+ for i, s := range container.Capabilities {
|
|
| 71 |
+ if !strings.HasPrefix(s, "CAP_") {
|
|
| 72 |
+ container.Capabilities[i] = fmt.Sprintf("CAP_%s", s)
|
|
| 73 |
+ } |
|
| 74 |
+ } |
|
| 69 | 75 |
container.AdditionalGroups = c.GroupAdd |
| 70 | 76 |
|
| 71 | 77 |
if c.AppArmorProfile != "" {
|
| ... | ... |
@@ -6,6 +6,7 @@ import ( |
| 6 | 6 |
"fmt" |
| 7 | 7 |
"os" |
| 8 | 8 |
"os/exec" |
| 9 |
+ "strings" |
|
| 9 | 10 |
"syscall" |
| 10 | 11 |
|
| 11 | 12 |
"github.com/docker/docker/context" |
| ... | ... |
@@ -36,6 +37,13 @@ func (d *Driver) Exec(ctx context.Context, c *execdriver.Command, processConfig |
| 36 | 36 |
if processConfig.Privileged {
|
| 37 | 37 |
p.Capabilities = execdriver.GetAllCapabilities() |
| 38 | 38 |
} |
| 39 |
+ // add CAP_ prefix to all caps for new libcontainer update to match |
|
| 40 |
+ // the spec format. |
|
| 41 |
+ for i, s := range p.Capabilities {
|
|
| 42 |
+ if !strings.HasPrefix(s, "CAP_") {
|
|
| 43 |
+ p.Capabilities[i] = fmt.Sprintf("CAP_%s", s)
|
|
| 44 |
+ } |
|
| 45 |
+ } |
|
| 39 | 46 |
|
| 40 | 47 |
config := active.Config() |
| 41 | 48 |
if err := setupPipes(&config, processConfig, p, pipes); err != nil {
|