This repository has been archived by the owner on Jan 1, 2021. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
91 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,8 @@ | ||
AUX 1172-ambient-tag.patch 2971 SHA256 79c7abd6461de961ea36b413fc7854fc5f717b8a6244a908eddbeb32ace76351 SHA512 b1078f413e43c81b495479300656d4ef1e1d8bd2d11a495df4f4ecb8498323c4ce24ba8da3ee76e41737f9ffd8ca4f9b5b85a96cd276e5b60cebcf405df92ee7 WHIRLPOOL e2696b1abc740c75170190c0a7ad10635fbb1879a72d9e914818e6e0afa2a4bcb9e0a88f0268778b1df80cb739470c1c13461f2a1af87962c9f07083d23fedd3 | ||
DIST runc-0.1.1.tar.gz 496416 SHA256 f9955daed1e73e842b2f28a258fba51f4e72a6b4b64cc3fc06415481d55ce000 SHA512 074482636fd2342c490c450d7a379cd14cd6c7b1ec6109cf729c4b451cc8cfb0e6b286d0df8e0cc0dba7b24d63d12bd5978013e08301a785db5e4280c595fdaa WHIRLPOOL f605e70d2bea88b5ba10f6375543824167509630cc3ed839575d5e0d3b05bb07edcac8fcee168aa3ae89adaf0ccf5ab816a201b27022ddcf31fd0218bd59c357 | ||
DIST runc-1.0.0_rc1.tar.gz 532162 SHA256 77f9d4df1657fecc939be0261fcccccd34d5b22c02b8a49abad23fac33b4059a SHA512 88210bd7c2114f08f24bdf71e2d1b449b422edc7f6be069079d5e25bae909b3c3de069159185bb543181575bfe281b08d2430d2470430d84fb8f7e832b0f0a6e WHIRLPOOL 0b027a7b1d52c8d2d399252ecf3ec931e51c5e42fed9d20e846c61c240de4554f9fcd2d0fb7e132a561ff9fab63b66b24bede0d2d000d1ec08cddecba267902d | ||
DIST runc-1.0.0_rc2.tar.gz 550449 SHA256 638742c48426b9a3281aeb619e27513d972de228bdbd43b478baea99c186d491 SHA512 83a3d45efbb86d3d583b96062202b9e60121d250af2c0dd37d07fda574b642aa6f05e29cac6644ad3d624647400db694082e280383e41ca9f31dc0a33b87ed76 WHIRLPOOL 990a45739689db80bbeed43b0fd3a4ce4d0563ea833361b9112e750782313f19e638c4bfbd455f5dd1882d64c724dcf0213701322029c2c9f98f624863c744f3 | ||
EBUILD runc-0.1.1.ebuild 1504 SHA256 ad4f7c3934103c5e122e9aeb30478fd33aa0b12a177b8d4e0cf71b2caaaa5430 SHA512 e6b1fdd9e4f7668694687f78c37956fed73fed8f6870beb5b6a91848e7ab116914f3ce36a2491524101f03c5cded8e9f78e610c37933878252d6f6399c639355 WHIRLPOOL fe430351f83613812bac6ab84cc8b4563c4ebdb593f3fc3dba08e65b3ea5ff8962b55f1e12d13d75f538efa7a006ab103776d2f8bf7ac3d308276a758c0017c0 | ||
EBUILD runc-1.0.0_rc1.ebuild 1506 SHA256 a75f1cf2cb2f52ab08023f5b9cabd3acd7fdc9356ed54af5cb55306cfe397f9c SHA512 e767a2884892fdffab1a5acc462d255af76d307872d4b08c535f1c96a04a02c9812a31cf51d3086b6b27b09b95776be300baba1e5dcebbf27af20b0a7fe6305a WHIRLPOOL 171bc7017394728527ca34d2189a9ff8bcc2e015042a1723d7ce0d895d370f7979cbc128f45018f7f584f360189a4cd656eecbedc729f00c94e358c66c7ca2e8 | ||
EBUILD runc-1.0.0_rc2.ebuild 1368 SHA256 5233d28ec382486e45d3782fe7cbaba936104a4232fd1e9980aeaa80455b714d SHA512 05588e1ede9f7d06d213c1acf77f854862865405f9a30de70dbc3f9aabe70fcdbd1710d5fc1132e72b61c595314e91bb3d6bc413784f1fd7757c1387bd3fa6e4 WHIRLPOOL 165ef927b393caf0df44f4e3c34918b1bd063165214a9bd76d634964dba5f02c3da7693d1a9d5a5da5d2fd56250ed0976ccc748a75bf5eca2c26162c09e0e226 | ||
EBUILD runc-1.0.0_rc2.ebuild 1526 SHA256 2124b9ecedde64a68cddc6dbbec6ab363d99419c69fded85481c0f2f999672cd SHA512 d310021b7e9844ed88cfa39ff6755873997f8b888165ba221227c29bd6c0d24df59eb1fc02dc5a68345650ab683d8c621666ebb7f709c9fbc111866759bc7f7f WHIRLPOOL 53286b69cae53271a1ea5736ed6745ceeb415daa7c036521ef5d135775489c63c354418e5058c61b27f8ffb379035fbe91a0b12f3596b4da8ac81da320cb41cd | ||
EBUILD runc-9999.ebuild 1361 SHA256 a8e8b40b8f119acd4a3ea4dd9d03a5d23da9c2b8a5e11bce88a4865155421bb3 SHA512 7b8f3b4be4ce7d5f784e48fca3d92a9d634212171fc74cc44d5f05ac8b73712bb6cbd8157e0dcbc0a4fd606db06c1e142c98e5da6e6e8102b997b534796d80d3 WHIRLPOOL 8ff68d0edd62ec6a975b9acbc22844a6a2a6065591e297690522d2efa146118981b66137239c70ff1f59f9903f2cf743df235e9d1b2c34bdcd87ad020dacd84b |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,83 @@ | ||
From 603c151e6c2a4a37c7fae887960d9cf46a105266 Mon Sep 17 00:00:00 2001 | ||
From: Michael Crosby <crosbymichael@gmail.com> | ||
Date: Wed, 2 Nov 2016 10:47:22 -0700 | ||
Subject: [PATCH] Move ambient capabilties behind build tag | ||
|
||
This moves the ambient capability support behind an `ambient` build tag | ||
so that it is only compiled upon request. | ||
|
||
Signed-off-by: Michael Crosby <crosbymichael@gmail.com> | ||
--- | ||
Makefile | 2 +- | ||
README.md | 1 + | ||
libcontainer/capabilities_ambient.go | 7 +++++++ | ||
libcontainer/capabilities_linux.go | 2 -- | ||
libcontainer/capabilities_noambient.go | 7 +++++++ | ||
5 files changed, 16 insertions(+), 3 deletions(-) | ||
create mode 100644 libcontainer/capabilities_ambient.go | ||
create mode 100644 libcontainer/capabilities_noambient.go | ||
|
||
diff --git a/Makefile b/Makefile | ||
index 9b72ed6..779be92 100644 | ||
--- a/Makefile | ||
+++ b/Makefile | ||
@@ -33,7 +33,7 @@ static: $(RUNC_LINK) | ||
CGO_ENABLED=1 go build -i -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION}" -o runc . | ||
|
||
release: $(RUNC_LINK) | ||
- @flag_list=(seccomp selinux apparmor static); \ | ||
+ @flag_list=(seccomp selinux apparmor static ambient); \ | ||
unset expression; \ | ||
for flag in "$${flag_list[@]}"; do \ | ||
expression+="' '{'',$${flag}}"; \ | ||
diff --git a/README.md b/README.md | ||
index b8ed43f..6c6d1d4 100644 | ||
--- a/README.md | ||
+++ b/README.md | ||
@@ -48,6 +48,7 @@ make BUILDTAGS='seccomp apparmor' | ||
| seccomp | Syscall filtering | libseccomp | | ||
| selinux | selinux process and mount labeling | <none> | | ||
| apparmor | apparmor profile support | libapparmor | | ||
+| ambient | ambient capability support | kernel 4.3 | | ||
|
||
|
||
### Running the test suite | ||
diff --git a/libcontainer/capabilities_ambient.go b/libcontainer/capabilities_ambient.go | ||
new file mode 100644 | ||
index 0000000..50da283 | ||
--- /dev/null | ||
+++ b/libcontainer/capabilities_ambient.go | ||
@@ -0,0 +1,7 @@ | ||
+// +build linux,ambient | ||
+ | ||
+package libcontainer | ||
+ | ||
+import "github.com/syndtr/gocapability/capability" | ||
+ | ||
+const allCapabilityTypes = capability.CAPS | capability.BOUNDS | capability.AMBS | ||
diff --git a/libcontainer/capabilities_linux.go b/libcontainer/capabilities_linux.go | ||
index 48338a1..31fd0dc 100644 | ||
--- a/libcontainer/capabilities_linux.go | ||
+++ b/libcontainer/capabilities_linux.go | ||
@@ -10,8 +10,6 @@ import ( | ||
"github.com/syndtr/gocapability/capability" | ||
) | ||
|
||
-const allCapabilityTypes = capability.CAPS | capability.BOUNDS | capability.AMBS | ||
- | ||
var capabilityMap map[string]capability.Cap | ||
|
||
func init() { | ||
diff --git a/libcontainer/capabilities_noambient.go b/libcontainer/capabilities_noambient.go | ||
new file mode 100644 | ||
index 0000000..752c4e5 | ||
--- /dev/null | ||
+++ b/libcontainer/capabilities_noambient.go | ||
@@ -0,0 +1,7 @@ | ||
+// +build !ambient,linux | ||
+ | ||
+package libcontainer | ||
+ | ||
+import "github.com/syndtr/gocapability/capability" | ||
+ | ||
+const allCapabilityTypes = capability.CAPS | capability.BOUNDS |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters