Exemple #1
0
func dropList(drops []string) ([]string, error) {
	if utils.StringsContainsNoCase(drops, "all") {
		var newCaps []string
		for _, capName := range execdriver.GetAllCapabilities() {
			cap := execdriver.GetCapability(capName)
			logrus.Debugf("drop cap %s\n", cap.Key)
			numCap := fmt.Sprintf("%d", cap.Value)
			newCaps = append(newCaps, numCap)
		}
		return newCaps, nil
	}
	return []string{}, nil
}
Exemple #2
0
func dropList(drops []string) ([]string, error) {
	if utils.StringsContainsNoCase(drops, "all") {
		var newCaps []string
		for _, cap := range capabilities.GetAllCapabilities() {
			log.Debugf("drop cap %s\n", cap)
			realCap := capabilities.GetCapability(cap)
			if realCap == nil {
				return nil, fmt.Errorf("Invalid capability '%s'", cap)
			}
			numCap := fmt.Sprintf("%d", realCap.Value)
			newCaps = append(newCaps, numCap)
		}
		return newCaps, nil
	}
	return []string{}, nil
}
Exemple #3
0
func TweakCapabilities(basics, adds, drops []string) ([]string, error) {
	var (
		newCaps []string
		allCaps = GetAllCapabilities()
	)

	// look for invalid cap in the drop list
	for _, cap := range drops {
		if strings.ToLower(cap) == "all" {
			continue
		}
		if !utils.StringsContainsNoCase(allCaps, cap) {
			return nil, fmt.Errorf("Unknown capability drop: %q", cap)
		}
	}

	// handle --cap-add=all
	if utils.StringsContainsNoCase(adds, "all") {
		basics = allCaps
	}

	if !utils.StringsContainsNoCase(drops, "all") {
		for _, cap := range basics {
			// skip `all` aready handled above
			if strings.ToLower(cap) == "all" {
				continue
			}

			// if we don't drop `all`, add back all the non-dropped caps
			if !utils.StringsContainsNoCase(drops, cap) {
				newCaps = append(newCaps, strings.ToUpper(cap))
			}
		}
	}

	for _, cap := range adds {
		// skip `all` aready handled above
		if strings.ToLower(cap) == "all" {
			continue
		}

		if !utils.StringsContainsNoCase(allCaps, cap) {
			return nil, fmt.Errorf("Unknown capability to add: %q", cap)
		}

		// add cap if not already in the list
		if !utils.StringsContainsNoCase(newCaps, cap) {
			newCaps = append(newCaps, strings.ToUpper(cap))
		}
	}

	return newCaps, nil
}