diff options
author | Nicolas Lacasse <nlacasse@google.com> | 2018-11-13 15:16:11 -0800 |
---|---|---|
committer | Shentubot <shentubot@google.com> | 2018-11-13 15:17:19 -0800 |
commit | 7f558eda44bf93c31dfbbe621c2bb84d55b5701f (patch) | |
tree | 5be2aeed61c2f59622b9bb63ad5cab93f3adb497 /runsc/specutils | |
parent | 6c2d320138300dbea519028d16e12d66baa23c9d (diff) |
Internal change.
PiperOrigin-RevId: 221343421
Change-Id: I418b5204c5ed4fe1e0af25ef36ee66b9b571928e
Diffstat (limited to 'runsc/specutils')
-rw-r--r-- | runsc/specutils/specutils.go | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/runsc/specutils/specutils.go b/runsc/specutils/specutils.go index ab14ed1fc..0e0961801 100644 --- a/runsc/specutils/specutils.go +++ b/runsc/specutils/specutils.go @@ -216,6 +216,21 @@ func Capabilities(specCaps *specs.LinuxCapabilities) (*auth.TaskCapabilities, er return &caps, nil } +// AllCapabilities returns a LinuxCapabilities struct with all capabilities. +func AllCapabilities() *specs.LinuxCapabilities { + var names []string + for n := range capFromName { + names = append(names, n) + } + return &specs.LinuxCapabilities{ + Bounding: names, + Effective: names, + Inheritable: names, + Permitted: names, + Ambient: names, + } +} + var capFromName = map[string]linux.Capability{ "CAP_CHOWN": linux.CAP_CHOWN, "CAP_DAC_OVERRIDE": linux.CAP_DAC_OVERRIDE, |