зеркало из https://github.com/microsoft/docker.git
fcf2e9a910
We need SETFCAP to be able to mark files as having caps, which is heavily used by fedora. See https://github.com/dotcloud/docker/issues/5928 We also need SETPCAP, for instance systemd needs this to set caps on its childen. Both of these are safe in the sense that they can never ever result in a process with a capability not in the bounding set of the container. We also add NET_BIND_SERVICE caps, to be able to bind to ports lower than 1024. Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson) |
||
|---|---|---|
| .. | ||
| execdrivers | ||
| lxc | ||
| native | ||
| MAINTAINERS | ||
| driver.go | ||
| pipes.go | ||
| termconsole.go | ||