File tree 1 file changed +10
-5
lines changed
1 file changed +10
-5
lines changed Original file line number Diff line number Diff line change @@ -16,12 +16,17 @@ func ApplyCapability(c *syscall.Credential) error {
1616 return err
1717 }
1818
19- caps .Set (capability .CAPS | capability .BOUNDS | capability .AMBIENT , capability .CAP_NET_ADMIN | capability .CAP_SYS_ADMIN )
20- if err := caps .Apply (capability .CAPS | capability .BOUNDS | capability .AMBIENT ); err != nil {
21- return err
22- }
19+ allCapabilityTypes := capability .CAPS | capability .BOUNDS | capability .AMBS
2320
24- return nil
21+ caps .Clear (capability .CAPS | capability .BOUNDS | capability .AMBS )
22+ caps .Set (capability .BOUNDS , capability .CAP_NET_ADMIN , capability .CAP_SYS_ADMIN )
23+ caps .Set (capability .PERMITTED , capability .CAP_NET_ADMIN , capability .CAP_SYS_ADMIN )
24+ caps .Set (capability .INHERITABLE , capability .CAP_NET_ADMIN , capability .CAP_SYS_ADMIN )
25+ caps .Set (capability .EFFECTIVE , capability .CAP_NET_ADMIN , capability .CAP_SYS_ADMIN )
26+
27+ caps .Clear (capability .AMBIENT )
28+
29+ return caps .Apply (allCapabilityTypes )
2530}
2631
2732func EnableKeepCapability () error {
You can’t perform that action at this time.
0 commit comments