From 2f59e7063812f215f5cad4a1d9a866365277138e Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@redhat.com>
Date: Mon, 21 Sep 2020 12:07:36 -0400
Subject: [PATCH] Add SYS_CHROOT back into default capabilities

---
 containers.conf | 1 +
 skopeo.spec     | 5 ++++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/containers.conf b/containers.conf
index acae3dc..f5ad076 100644
--- a/containers.conf
+++ b/containers.conf
@@ -69,6 +69,7 @@ default_capabilities = [
     "SETGID",
     "SETPCAP",
     "SETUID",
+    "SYS_CHROOT"
 ]
 
 # A list of sysctls to be set in containers by default,
diff --git a/skopeo.spec b/skopeo.spec
index 5f40a89..a0067f0 100644
--- a/skopeo.spec
+++ b/skopeo.spec
@@ -46,7 +46,7 @@ Epoch: 1
 Epoch: 2
 %endif
 Version: 1.1.1
-Release: 48.dev.git%{shortcommit0}%{?dist}
+Release: 49.dev.git%{shortcommit0}%{?dist}
 Summary: Inspect container images and repositories on registries
 License: ASL 2.0
 URL: %{git0}
@@ -447,6 +447,9 @@ export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath}
 %{_datadir}/%{name}/test
 
 %changelog
+* Mon Sep 21 2020 Dan Walsh <dwalsh@fedoraproject.org> - 1:1.1.1-49.dev.git5d5756c
+- Add SYS_CHROOT back into default capabilities
+
 * Mon Sep 21 2020 Dan Walsh <dwalsh@fedoraproject.org> - 1:1.1.1-48.dev.git5d5756c
 - Remove fchmodat2 from seccomp.json (This syscall does not exist yet)