vbatts/containerd
1
0
Fork 0
Code Pull requests Releases Activity

Add process cap support to add process rpc

Browse source 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
This commit is contained in:
Michael Crosby 2016-03-07 11:01:28 -08:00
parent a46c45d05d
commit 44d6a60e7e
4 changed files with 151 additions and 123 deletions
Download patch file Download diff file Expand all files Collapse all files

16
api/grpc/server/server_linux.go
View file

@ -248,12 +248,20 @@ func setUserFieldsInProcess(p *types.Process, oldProc specs.ProcessSpec) {
Gid: oldProc.User.GID,
AdditionalGids: oldProc.User.AdditionalGids,
}
p.Capabilities = oldProc.Capabilities
p.ApparmorProfile = oldProc.ApparmorProfile
p.SelinuxLabel = oldProc.SelinuxLabel
p.NoNewPrivileges = oldProc.NoNewPrivileges
}
func setPlatformRuntimeProcessSpecUserFields(r *types.User, process *specs.ProcessSpec) {
func setPlatformRuntimeProcessSpecUserFields(r *types.AddProcessRequest, process *specs.ProcessSpec) {
process.User = ocs.User{
UID: r.Uid,
GID: r.Gid,
AdditionalGids: r.AdditionalGids,
UID: r.User.Uid,
GID: r.User.Gid,
AdditionalGids: r.User.AdditionalGids,
}
process.Capabilities = r.Capabilities
process.ApparmorProfile = r.ApparmorProfile
process.SelinuxLabel = r.SelinuxLabel
process.NoNewPrivileges = r.NoNewPrivileges
}