485cf38d48
In situations where docker runs in an environment where capabilities are limited, sucn as docker-in-docker in a container created by older versions of docker, or in a container where some capabilities have been disabled, starting a privileged container may fail, because even though the _kernel_ supports a capability, the capability is not available. This patch attempts to address this problem by limiting the list of "known" capa- bilities on the set of effective capabilties for the current process. This code is based on the code in containerd's "caps" package. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
8 lines
147 B
Go
8 lines
147 B
Go
//go:build !linux
|
|
// +build !linux
|
|
|
|
package caps // import "github.com/docker/docker/oci/caps"
|
|
|
|
func initCaps() {
|
|
// no capabilities on Windows
|
|
}
|