From 957b2447574845b5977154d8742cf3c132cf0232 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Fri, 2 Oct 2020 13:08:06 -0400 Subject: [PATCH] Add SETFCAP back into default capabilities Remove AUDIT_WRITE from default capabilities --- containers.conf | 2 +- skopeo.spec | 6 +++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/containers.conf b/containers.conf index 1abf943..3e53958 100644 --- a/containers.conf +++ b/containers.conf @@ -60,13 +60,13 @@ # the default capabilities defined in the container engine will be added. # default_capabilities = [ - "AUDIT_WRITE", "CHOWN", "DAC_OVERRIDE", "FOWNER", "FSETID", "KILL", "NET_BIND_SERVICE", + "SETFCAP", "SETGID", "SETPCAP", "SETUID", diff --git a/skopeo.spec b/skopeo.spec index 878b8e5..8f1d4ce 100644 --- a/skopeo.spec +++ b/skopeo.spec @@ -46,7 +46,7 @@ Epoch: 1 Epoch: 2 %endif Version: 1.2.1 -Release: 4.dev.git%{shortcommit0}%{?dist} +Release: 5.dev.git%{shortcommit0}%{?dist} Summary: Inspect container images and repositories on registries License: ASL 2.0 URL: %{git0} @@ -447,6 +447,10 @@ export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath} %{_datadir}/%{name}/test %changelog +* Fri Oct 2 2020 Dan Walsh - 1:1.2.1-5.dev.gitd8bc8b6 +- Add SETFCAP back into default capabilities +- Remove AUDIT_WRITE from default capabilities + * Fri Oct 2 2020 RH Container Bot - 1:1.2.1-4.dev.gitd8bc8b6 - autobuilt d8bc8b6