containers: T4006: Add capabilities net-bind-service

Signed-off-by: Anthony Rabbito <hello@anthonyrabbito.com>

1 files changed, 6 insertions, 2 deletions

diff --git a/interface-definitions/containers.xml.in b/interface-definitions/containers.xml.in
index 1e9c36ee5..30c7110b8 100644
--- a/interface-definitions/containers.xml.in
+++ b/interface-definitions/containers.xml.in
@@ -25,13 +25,17 @@
             <properties>
               <help>Container capabilities/permissions</help>
               <completionHelp>
-                <list>net-admin net-raw setpcap sys-admin sys-time</list>
+                <list>net-admin net-bind-service net-raw setpcap sys-admin sys-time</list>
               </completionHelp>
               <valueHelp>
                 <format>net-admin</format>
                 <description>Network operations (interface, firewall, routing tables)</description>
               </valueHelp>
               <valueHelp>
+                <format>net-bind-service</format>
+                <description>Bind a socket to privileged ports (port numbers less than 1024)</description>
+              </valueHelp>
+              <valueHelp>
                 <format>net-raw</format>
                 <description>Permission to create raw network sockets</description>
               </valueHelp>
@@ -48,7 +52,7 @@
                 <description>Permission to set system clock</description>
               </valueHelp>
               <constraint>
-                <regex>^(net-admin|net-raw|setpcap|sys-admin|sys-time)$</regex>
+                <regex>^(net-admin|net-bind-service|net-raw|setpcap|sys-admin|sys-time)$</regex>
               </constraint>
               <multi/>
             </properties>