unshare: Add CAP_SYS_ADMIN to needed capabilities

Some container storage operations (e.g., mounting the home directory
for containers/storage) require CAP_SYS_ADMIN.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano 2025-05-30 15:15:44 +02:00
parent dc88f3211b
commit 50f414a7cf
No known key found for this signature in database
GPG Key ID: 67E38F7A8BA21772

View File

@ -16,6 +16,7 @@ var neededCapabilities = []capability.Cap{
capability.CAP_FSETID,
capability.CAP_MKNOD,
capability.CAP_SETFCAP,
capability.CAP_SYS_ADMIN,
}
func maybeReexec() error {