File tree Expand file tree Collapse file tree 1 file changed +81
-81
lines changed Expand file tree Collapse file tree 1 file changed +81
-81
lines changed Original file line number Diff line number Diff line change @@ -60,87 +60,87 @@ defaultMountFlags := unix.MS_NOEXEC | unix.MS_NOSUID | unix.MS_NODEV
6060config := &configs.Config {
6161 Rootfs : " /your/path/to/rootfs"
6262 Capabilities : &configs.Capabilities {
63- Bounding: []string {
64- " CAP_CHOWN"
65- " CAP_DAC_OVERRIDE"
66- " CAP_FSETID"
67- " CAP_FOWNER"
68- " CAP_MKNOD"
69- " CAP_NET_RAW"
70- " CAP_SETGID"
71- " CAP_SETUID"
72- " CAP_SETFCAP"
73- " CAP_SETPCAP"
74- " CAP_NET_BIND_SERVICE"
75- " CAP_SYS_CHROOT"
76- " CAP_KILL"
77- " CAP_AUDIT_WRITE"
78- },
79- Effective: []string {
80- " CAP_CHOWN"
81- " CAP_DAC_OVERRIDE"
82- " CAP_FSETID"
83- " CAP_FOWNER"
84- " CAP_MKNOD"
85- " CAP_NET_RAW"
86- " CAP_SETGID"
87- " CAP_SETUID"
88- " CAP_SETFCAP"
89- " CAP_SETPCAP"
90- " CAP_NET_BIND_SERVICE"
91- " CAP_SYS_CHROOT"
92- " CAP_KILL"
93- " CAP_AUDIT_WRITE"
94- },
95- Inheritable: []string {
96- " CAP_CHOWN"
97- " CAP_DAC_OVERRIDE"
98- " CAP_FSETID"
99- " CAP_FOWNER"
100- " CAP_MKNOD"
101- " CAP_NET_RAW"
102- " CAP_SETGID"
103- " CAP_SETUID"
104- " CAP_SETFCAP"
105- " CAP_SETPCAP"
106- " CAP_NET_BIND_SERVICE"
107- " CAP_SYS_CHROOT"
108- " CAP_KILL"
109- " CAP_AUDIT_WRITE"
110- },
111- Permitted: []string {
112- " CAP_CHOWN"
113- " CAP_DAC_OVERRIDE"
114- " CAP_FSETID"
115- " CAP_FOWNER"
116- " CAP_MKNOD"
117- " CAP_NET_RAW"
118- " CAP_SETGID"
119- " CAP_SETUID"
120- " CAP_SETFCAP"
121- " CAP_SETPCAP"
122- " CAP_NET_BIND_SERVICE"
123- " CAP_SYS_CHROOT"
124- " CAP_KILL"
125- " CAP_AUDIT_WRITE"
126- },
127- Ambient: []string {
128- " CAP_CHOWN"
129- " CAP_DAC_OVERRIDE"
130- " CAP_FSETID"
131- " CAP_FOWNER"
132- " CAP_MKNOD"
133- " CAP_NET_RAW"
134- " CAP_SETGID"
135- " CAP_SETUID"
136- " CAP_SETFCAP"
137- " CAP_SETPCAP"
138- " CAP_NET_BIND_SERVICE"
139- " CAP_SYS_CHROOT"
140- " CAP_KILL"
141- " CAP_AUDIT_WRITE"
142- },
143- },
63+ Bounding: []string {
64+ " CAP_CHOWN"
65+ " CAP_DAC_OVERRIDE"
66+ " CAP_FSETID"
67+ " CAP_FOWNER"
68+ " CAP_MKNOD"
69+ " CAP_NET_RAW"
70+ " CAP_SETGID"
71+ " CAP_SETUID"
72+ " CAP_SETFCAP"
73+ " CAP_SETPCAP"
74+ " CAP_NET_BIND_SERVICE"
75+ " CAP_SYS_CHROOT"
76+ " CAP_KILL"
77+ " CAP_AUDIT_WRITE"
78+ },
79+ Effective: []string {
80+ " CAP_CHOWN"
81+ " CAP_DAC_OVERRIDE"
82+ " CAP_FSETID"
83+ " CAP_FOWNER"
84+ " CAP_MKNOD"
85+ " CAP_NET_RAW"
86+ " CAP_SETGID"
87+ " CAP_SETUID"
88+ " CAP_SETFCAP"
89+ " CAP_SETPCAP"
90+ " CAP_NET_BIND_SERVICE"
91+ " CAP_SYS_CHROOT"
92+ " CAP_KILL"
93+ " CAP_AUDIT_WRITE"
94+ },
95+ Inheritable: []string {
96+ " CAP_CHOWN"
97+ " CAP_DAC_OVERRIDE"
98+ " CAP_FSETID"
99+ " CAP_FOWNER"
100+ " CAP_MKNOD"
101+ " CAP_NET_RAW"
102+ " CAP_SETGID"
103+ " CAP_SETUID"
104+ " CAP_SETFCAP"
105+ " CAP_SETPCAP"
106+ " CAP_NET_BIND_SERVICE"
107+ " CAP_SYS_CHROOT"
108+ " CAP_KILL"
109+ " CAP_AUDIT_WRITE"
110+ },
111+ Permitted: []string {
112+ " CAP_CHOWN"
113+ " CAP_DAC_OVERRIDE"
114+ " CAP_FSETID"
115+ " CAP_FOWNER"
116+ " CAP_MKNOD"
117+ " CAP_NET_RAW"
118+ " CAP_SETGID"
119+ " CAP_SETUID"
120+ " CAP_SETFCAP"
121+ " CAP_SETPCAP"
122+ " CAP_NET_BIND_SERVICE"
123+ " CAP_SYS_CHROOT"
124+ " CAP_KILL"
125+ " CAP_AUDIT_WRITE"
126+ },
127+ Ambient: []string {
128+ " CAP_CHOWN"
129+ " CAP_DAC_OVERRIDE"
130+ " CAP_FSETID"
131+ " CAP_FOWNER"
132+ " CAP_MKNOD"
133+ " CAP_NET_RAW"
134+ " CAP_SETGID"
135+ " CAP_SETUID"
136+ " CAP_SETFCAP"
137+ " CAP_SETPCAP"
138+ " CAP_NET_BIND_SERVICE"
139+ " CAP_SYS_CHROOT"
140+ " CAP_KILL"
141+ " CAP_AUDIT_WRITE"
142+ },
143+ },
144144 Namespaces : configs.Namespaces ([]configs.Namespace {
145145 {Type: configs.NEWNS },
146146 {Type: configs.NEWUTS },
You can’t perform that action at this time.
0 commit comments