Skip to content

Commit b7fdd52

Browse files
kolyshkinkolyshkin
committed
libct: use slices package
As we're no longer supporting Go < 1.21. Signed-off-by: Kir Kolyshkin <[email protected]>
1 parent a1e87f8 commit b7fdd52

File tree

1 file changed

+4
-13
lines changed

1 file changed

+4
-13
lines changed

libcontainer/container_linux.go

Lines changed: 4 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@ import (
1010
"path"
1111
"path/filepath"
1212
"reflect"
13+
"slices"
1314
"strconv"
1415
"strings"
1516
"sync"
@@ -452,16 +453,6 @@ func (c *Container) includeExecFifo(cmd *exec.Cmd) error {
452453
return nil
453454
}
454455

455-
// No longer needed in Go 1.21.
456-
func slicesContains[S ~[]E, E comparable](slice S, needle E) bool {
457-
for _, val := range slice {
458-
if val == needle {
459-
return true
460-
}
461-
}
462-
return false
463-
}
464-
465456
func isDmzBinarySafe(c *configs.Config) bool {
466457
// Because we set the dumpable flag in nsexec, the only time when it is
467458
// unsafe to use runc-dmz is when the container process would be able to
@@ -472,9 +463,9 @@ func isDmzBinarySafe(c *configs.Config) bool {
472463
// inheritable, or ambient sets). Luckily, most containers do not have this
473464
// capability.
474465
if c.Capabilities == nil ||
475-
(!slicesContains(c.Capabilities.Bounding, "CAP_SYS_PTRACE") &&
476-
!slicesContains(c.Capabilities.Inheritable, "CAP_SYS_PTRACE") &&
477-
!slicesContains(c.Capabilities.Ambient, "CAP_SYS_PTRACE")) {
466+
(!slices.Contains(c.Capabilities.Bounding, "CAP_SYS_PTRACE") &&
467+
!slices.Contains(c.Capabilities.Inheritable, "CAP_SYS_PTRACE") &&
468+
!slices.Contains(c.Capabilities.Ambient, "CAP_SYS_PTRACE")) {
478469
return true
479470
}
480471

0 commit comments

Comments
 (0)