2019-03-01 00:32:08 +00:00
|
|
|
// Package capabilities allows to generically handle capabilities.
|
2019-04-10 14:59:33 +00:00
|
|
|
package capabilities // import "github.com/docker/docker/pkg/capabilities"
|
2019-03-01 00:32:08 +00:00
|
|
|
|
|
|
|
// Set represents a set of capabilities.
|
|
|
|
type Set map[string]struct{}
|
|
|
|
|
|
|
|
// Match tries to match set with caps, which is an OR list of AND lists of capabilities.
|
|
|
|
// The matched AND list of capabilities is returned; or nil if none are matched.
|
|
|
|
func (set Set) Match(caps [][]string) []string {
|
|
|
|
if set == nil {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
anyof:
|
|
|
|
for _, andList := range caps {
|
|
|
|
for _, cap := range andList {
|
|
|
|
if _, ok := set[cap]; !ok {
|
|
|
|
continue anyof
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return andList
|
|
|
|
}
|
2019-03-25 22:40:19 +00:00
|
|
|
// match anything
|
2019-03-01 00:32:08 +00:00
|
|
|
return nil
|
|
|
|
}
|