mirror of
https://github.com/containers/podman.git
synced 2025-05-31 15:42:48 +08:00
414642efdb
Move the options for the podman build doc to a common md that can be used by both podman build and podman farm build. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
714 B
714 B
####> This option file is used in: ####> podman build, farm build ####> If file is edited, make sure the changes ####> are applicable to all of those.
--cap-drop=CAP_xxx
When executing RUN instructions, run the command specified in the instruction with the specified capability removed from its capability set. The CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_FOWNER, CAP_FSETID, CAP_KILL, CAP_NET_BIND_SERVICE, CAP_SETFCAP, CAP_SETGID, CAP_SETPCAP, and CAP_SETUID capabilities are granted by default; this option can be used to remove them.
If a capability is specified to both the --cap-add and --cap-drop options, it is dropped, regardless of the order in which the options were given.