mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-23 15:31:05 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix(app-emulation/docker): fix cap_kill problem

Browse Source
This commit is contained in:
Brandon Philips 2014-06-08 11:29:29 -07:00
parent 9634c1fdcd
commit 0c56836084
2 changed files with 27 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild vendored
View File

@ -133,6 +133,7 @@ pkg_setup() {
src_prepare() { src_prepare() {
epatch "${FILESDIR}"/Disable-timeout-for-push.patch epatch "${FILESDIR}"/Disable-timeout-for-push.patch
epatch "${FILESDIR}"/Add-CAP_KILL-to-unprivileged-containers.patch
} }
src_compile() { src_compile() {

26
sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/Add-CAP_KILL-to-unprivileged-containers.patch vendored Normal file
View File

@ -0,0 +1,26 @@
From fa72eb3a58ebfec8ef1b27d8e7aa8cbdb41733a2 Mon Sep 17 00:00:00 2001
From: Michael Crosby <michael@crosbymichael.com>
Date: Sat, 7 Jun 2014 15:18:18 -0700
Subject: [PATCH] Add CAP_KILL to unprivileged containers
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com>
(github: crosbymichael)
---
daemon/execdriver/native/template/default_template.go | 1 +
1 file changed, 1 insertion(+)
diff --git a/daemon/execdriver/native/template/default_template.go b/daemon/execdriver/native/template/default_template.go
index e7d3143..3488b20 100644
--- a/daemon/execdriver/native/template/default_template.go
+++ b/daemon/execdriver/native/template/default_template.go
@@ -21,6 +21,7 @@ func New() *libcontainer.Container {
"SETPCAP",
"NET_BIND_SERVICE",
"SYS_CHROOT",
+ "KILL",
},
Namespaces: map[string]bool{
"NEWNS": true,
--
1.8.1.4