summaryrefslogtreecommitdiff
path: root/interface-definitions/container.xml.in
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2023-09-04 06:41:35 +0200
committerGitHub <noreply@github.com>2023-09-04 06:41:35 +0200
commitbbcf94bba674e4c001d9439439b8fd405f39501a (patch)
tree696375a02287c750318fde0a5765b890b9e18f69 /interface-definitions/container.xml.in
parent630d40046b4fd1b58060c42a075e19d870ac69ba (diff)
parentd9b0551c8517078514b2962cb37806776464c12e (diff)
downloadvyos-1x-bbcf94bba674e4c001d9439439b8fd405f39501a.tar.gz
vyos-1x-bbcf94bba674e4c001d9439439b8fd405f39501a.zip
Merge pull request #2197 from anthr76/cap-sys-module
feat(T5544): Allow CAP_SYS_MODULE to be set on containers
Diffstat (limited to 'interface-definitions/container.xml.in')
-rw-r--r--interface-definitions/container.xml.in8
1 files changed, 6 insertions, 2 deletions
diff --git a/interface-definitions/container.xml.in b/interface-definitions/container.xml.in
index 6b712a70f..b35ba8d1c 100644
--- a/interface-definitions/container.xml.in
+++ b/interface-definitions/container.xml.in
@@ -25,7 +25,7 @@
<properties>
<help>Container capabilities/permissions</help>
<completionHelp>
- <list>net-admin net-bind-service net-raw setpcap sys-admin sys-time</list>
+ <list>net-admin net-bind-service net-raw setpcap sys-admin sys-module sys-time</list>
</completionHelp>
<valueHelp>
<format>net-admin</format>
@@ -48,11 +48,15 @@
<description>Administation operations (quotactl, mount, sethostname, setdomainame)</description>
</valueHelp>
<valueHelp>
+ <format>sys-module</format>
+ <description>Load, unload and delete kernel modules</description>
+ </valueHelp>
+ <valueHelp>
<format>sys-time</format>
<description>Permission to set system clock</description>
</valueHelp>
<constraint>
- <regex>(net-admin|net-bind-service|net-raw|setpcap|sys-admin|sys-time)</regex>
+ <regex>(net-admin|net-bind-service|net-raw|setpcap|sys-admin|sys-module|sys-time)</regex>
</constraint>
<multi/>
</properties>