Make libcontainer's CapabilitiesMask into a []string (Capabilities).

Docker-DCO-1.1-Signed-off-by: Victor Marmol <vmarmol@google.com> (github: vmarmol)
2014-05-17 00:44:10 +00:00 · 2014-05-17 00:44:10 +00:00 · 73f678f6f8
commit 73f678f6f8
parent 724c84c6fc
5 changed files with 41 additions and 45 deletions
--- a/libcontainer/security/capabilities/capabilities.go
+++ b/libcontainer/security/capabilities/capabilities.go
@ -26,14 +26,12 @@ func DropCapabilities(container *libcontainer.Container) error {
 	return nil
 }

-// getCapabilitiesMask returns the capabilities that should not be dropped by the container.
+// getEnabledCapabilities returns the capabilities that should not be dropped by the container.
 func getEnabledCapabilities(container *libcontainer.Container) []capability.Cap {
 	keep := []capability.Cap{}
-	for key, enabled := range container.CapabilitiesMask {
-		if enabled {
-			if c := libcontainer.GetCapability(key); c != nil {
-				keep = append(keep, c.Value)
-			}
+	for _, capability := range container.Capabilities {
+		if c := libcontainer.GetCapability(capability); c != nil {
+			keep = append(keep, c.Value)
 		}
 	}
 	return keep