vendor: update docker v28 and c/{common,image}

Update to the latest c/{common,image} which inclused an update to docker v28, that update is NOT backwards compatible so I had to fix a few types. NOTE: handler.ExecCreateConfig is used directly by the bindings. Thus this is an API break for pkg/bindings. Including docker types as part of any stable pkg/bindings API was a very bad idea. I see no way to avoid that unless we never want to docker v28, which is not easy as the update comes in from c/image and maybe other packages. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2025-12-09 07:09:03 +08:00 · 2025-03-10 13:26:31 +01:00
parent 264c8da0b9
commit 91a08235d1
304 changed files with 11537 additions and 4023 deletions
--- a/vendor/github.com/containers/common/pkg/config/config_linux.go
+++ b/vendor/github.com/containers/common/pkg/config/config_linux.go
@@ -1,6 +1,7 @@
 package config

 import (
+	"github.com/containers/common/pkg/capabilities"
 	selinux "github.com/opencontainers/selinux/go-selinux"
 )

@@ -26,3 +27,21 @@ var defaultHelperBinariesDir = []string{
 	"/usr/libexec/podman",
 	"/usr/lib/podman",
 }
+
+// Capabilities returns the capabilities parses the Add and Drop capability
+// list from the default capabilities for the container
+func (c *Config) Capabilities(user string, addCapabilities, dropCapabilities []string) ([]string, error) {
+	userNotRoot := func(user string) bool {
+		if user == "" || user == "root" || user == "0" {
+			return false
+		}
+		return true
+	}
+
+	defaultCapabilities := c.Containers.DefaultCapabilities.Get()
+	if userNotRoot(user) {
+		defaultCapabilities = []string{}
+	}
+
+	return capabilities.MergeCapabilities(defaultCapabilities, addCapabilities, dropCapabilities)
+}