mirror of
https://github.com/containers/podman.git
synced 2025-11-03 07:47:19 +08:00
In podman 1.* regression on --cap-add
In podman 1.0 if you executed a command like: podman run --user dwalsh --cap-add net_bind_service alpine nc -l 80 It would work, and the user dwalsh would get the capability, in podman 2.0, only root and the binding set gets the capability. This change restores us back to the way podman 1.0 worked. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This commit is contained in:
Daniel J Walsh
5
vendor/github.com/containers/common/pkg/config/config.go
generated
vendored
5
vendor/github.com/containers/common/pkg/config/config.go
generated
vendored
@ -244,6 +244,11 @@ type EngineConfig struct {
|
||||
// LockType is the type of locking to use.
|
||||
LockType string `toml:"lock_type,omitempty"`
|
||||
|
||||
// MultiImageArchive - if true, the container engine allows for storing
|
||||
// archives (e.g., of the docker-archive transport) with multiple
|
||||
// images. By default, Podman creates single-image archives.
|
||||
MultiImageArchive bool `toml:"multi_image_archive,omitempty"`
|
||||
|
||||
// Namespace is the engine namespace to use. Namespaces are used to create
|
||||
// scopes to separate containers and pods in the state. When namespace is
|
||||
// set, engine will only view containers and pods in the same namespace. All
|
||||
|
||||
Reference in New Issue
Block a user