docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #5907 from vmarmol/caps 

Don't drop CAP_FOWNER in the container.
This commit is contained in:
Michael Crosby 2014-05-19 10:06:29 -07:00
parent 265de539ff 0abad3ae22
commit a3a26cd349
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
daemon/execdriver/native/template/default_template.go
View File

@ -10,12 +10,13 @@ import (
func New() *libcontainer.Container { func New() *libcontainer.Container {
container := &libcontainer.Container{ container := &libcontainer.Container{
Capabilities: []string{ Capabilities: []string{
"MKNOD",
"SETUID",
"SETGID",
"CHOWN", "CHOWN",
"NET_RAW",
"DAC_OVERRIDE", "DAC_OVERRIDE",
"FOWNER",
"MKNOD",
"NET_RAW",
"SETGID",
"SETUID",
}, },
Namespaces: map[string]bool{ Namespaces: map[string]bool{
"NEWNS": true, "NEWNS": true,