github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-07-21 18:11:35 +00:00
Code Issues Projects Releases Wiki Activity

swarmd: allow all capabilities

Browse Source 
The existing set was randomly rather than carefully chosen, lets just be honest
and use "all" until the proper set can be determined.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
This commit is contained in:
Ian Campbell 2017-04-05 16:36:29 +01:00
parent abb19f847d
commit 6d495fc92f
1 changed files with 1 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
projects/swarmd/swarmd.yml
View File

@ -32,20 +32,7 @@ services:
image: "linuxkit/swarmd:a2f57f14f07fb6d7cded7832b2dabe878b28554e" image: "linuxkit/swarmd:a2f57f14f07fb6d7cded7832b2dabe878b28554e"
command: ["/usr/bin/swarmd", "--containerd-addr=/run/containerd/containerd.sock", "--log-level=debug", "--state-dir=/var/lib/swarmd"] command: ["/usr/bin/swarmd", "--containerd-addr=/run/containerd/containerd.sock", "--log-level=debug", "--state-dir=/var/lib/swarmd"]
capabilities: capabilities:
- CAP_CHOWN - all
- CAP_DAC_OVERRIDE
- CAP_FSETID
- CAP_FOWNER
- CAP_MKNOD
- CAP_NET_RAW
- CAP_SETGID
- CAP_SETUID
- CAP_SETFCAP
- CAP_SETPCAP
- CAP_NET_BIND_SERVICE
- CAP_SYS_CHROOT
- CAP_KILL
- CAP_AUDIT_WRITE
pid: host pid: host
net: host net: host
binds: binds: