Package capabilities

import "github.com/opencontainers/runc/libcontainer/capabilities"

Overview

Index

Overview ▹

Overview ▾

Index ▹

Index ▾

func KnownCapabilities() []string

type Caps

func New(capConfig *configs.Capabilities) (*Caps, error)

func (c *Caps) ApplyBoundingSet() error

func (c *Caps) ApplyCaps() error

Package files

capabilities.go

func KnownCapabilities ¶

func KnownCapabilities() []string

KnownCapabilities returns the list of the known capabilities. Used by `runc features`.

type Caps ¶

Caps holds the capabilities for a container.

type Caps struct {
    // contains filtered or unexported fields
}

func New ¶

func New(capConfig *configs.Capabilities) (*Caps, error)

New creates a new Caps from the given Capabilities config. Unknown Capabilities or Capabilities that are unavailable in the current environment are ignored, printing a warning instead.

func (*Caps) ApplyBoundingSet ¶

func (c *Caps) ApplyBoundingSet() error

ApplyBoundingSet sets the capability bounding set to those specified in the whitelist.

func (*Caps) ApplyCaps ¶

func (c *Caps) ApplyCaps() error

Apply sets all the capabilities for the current process in the config.