swarmd: allow all capabilities

The existing set was randomly rather than carefully chosen, lets just be honest and use "all" until the proper set can be determined. Signed-off-by: Ian Campbell <ian.campbell@docker.com>
2025-09-04 08:26:42 +00:00 · 2017-04-05 16:36:29 +01:00
parent abb19f847d
commit 6d495fc92f
1 changed files with 1 additions and 14 deletions
--- a/projects/swarmd/swarmd.yml
+++ b/projects/swarmd/swarmd.yml
@@ -32,20 +32,7 @@ services:
    image: "linuxkit/swarmd:a2f57f14f07fb6d7cded7832b2dabe878b28554e"
    command: ["/usr/bin/swarmd", "--containerd-addr=/run/containerd/containerd.sock", "--log-level=debug", "--state-dir=/var/lib/swarmd"]
    capabilities:
-     - CAP_CHOWN
-     - CAP_DAC_OVERRIDE
-     - CAP_FSETID
-     - CAP_FOWNER
-     - CAP_MKNOD
-     - CAP_NET_RAW
-     - CAP_SETGID
-     - CAP_SETUID
-     - CAP_SETFCAP
-     - CAP_SETPCAP
-     - CAP_NET_BIND_SERVICE
-     - CAP_SYS_CHROOT
-     - CAP_KILL
-     - CAP_AUDIT_WRITE
+     - all
    pid: host
    net: host
    binds: