vbatts/cri-o
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

container_create: handle cap add/drop ALL

Browse source 
Kubelet can send cap add/drop ALL. Handle that in CRI-O as well.
Also, this PR is re-vendoring runtime-tools to fix capabilities add to
add caps to _all_ caps set **and** fix a shared memory issue (caps set
were initialized with the same slice, if one modifies one slice, it's
reflected on the other slices, the vendoring fixes this as well)

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
This commit is contained in:
Antonio Murdaca 2017-09-06 13:25:19 +02:00
parent 7f4f630b98
commit af0a494251
No known key found for this signature in database
GPG key ID: B2BEAD150DE936B9
25 changed files with 2057 additions and 283 deletions
Download patch file Download diff file Expand all files Collapse all files

4
vendor.conf
View file

@ -13,7 +13,7 @@ github.com/containernetworking/cni v0.4.0
google.golang.org/grpc v1.0.4 https://github.com/grpc/grpc-go
github.com/opencontainers/selinux v1.0.0-rc1
github.com/opencontainers/go-digest v1.0.0-rc0
github.com/opencontainers/runtime-tools 6bcd3b417fd6962ea04dafdbc2c07444e750572d
github.com/opencontainers/runtime-tools d3f7e9e9e631c7e87552d67dc7c86de33c3fb68a
github.com/opencontainers/runc 45bde006ca8c90e089894508708bcf0e2cdf9e13
github.com/mrunalp/fileutils master
github.com/vishvananda/netlink master
@ -100,3 +100,5 @@ github.com/beorn7/perks 3ac7bf7a47d159a033b107610db8a1b6575507a4
github.com/containerd/cgroups 7a5fdd8330119dc70d850260db8f3594d89d6943
github.com/go-zoo/bone 031b4005dfe248ccba241a0c9de0f9e112fd6b7c
github.com/soheilhy/cmux v0.1.3
github.com/hashicorp/go-multierror 83588e72410abfbe4df460eeb6f30841ae47d4c4
github.com/hashicorp/errwrap 7554cd9344cec97297fa6649b055a8c98c2a1e55