moby/pkg/capabilities/caps.go

25 lines
649 B
Go
Raw Normal View History

// Package capabilities allows to generically handle capabilities.
package capabilities // import "github.com/docker/docker/pkg/capabilities"
// Set represents a set of capabilities.
type Set map[string]struct{}
// Match tries to match set with caps, which is an OR list of AND lists of capabilities.
// The matched AND list of capabilities is returned; or nil if none are matched.
func (set Set) Match(caps [][]string) []string {
if set == nil {
return nil
}
anyof:
for _, andList := range caps {
for _, cap := range andList {
if _, ok := set[cap]; !ok {
continue anyof
}
}
return andList
}
// match anything
return nil
}