diff options
author | Viacheslav <v.gletenko@vyos.io> | 2021-10-15 18:18:39 +0000 |
---|---|---|
committer | Viacheslav <v.gletenko@vyos.io> | 2021-10-15 18:18:39 +0000 |
commit | a633bdd2ed65971b2f137d5f985f8f3d85b9acfc (patch) | |
tree | 058f7c2743efe777796647dc03a8de45fcf17b5b /src/conf_mode/containers.py | |
parent | d4c5e78fc94a375487a968083f88d96323b67301 (diff) | |
download | vyos-1x-a633bdd2ed65971b2f137d5f985f8f3d85b9acfc.tar.gz vyos-1x-a633bdd2ed65971b2f137d5f985f8f3d85b9acfc.zip |
containers: T3676: Allow to set capabilities
Diffstat (limited to 'src/conf_mode/containers.py')
-rwxr-xr-x | src/conf_mode/containers.py | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/conf_mode/containers.py b/src/conf_mode/containers.py index 1e0197a13..cc34f9d39 100755 --- a/src/conf_mode/containers.py +++ b/src/conf_mode/containers.py @@ -271,6 +271,14 @@ def apply(container): tmp = run(f'podman image exists {image}') if tmp != 0: print(os.system(f'podman pull {image}')) + # Add capability options. Should be in uppercase + cap_add = '' + if 'cap_add' in container_config: + for c in container_config['cap_add']: + c = c.upper() + c = c.replace('-', '_') + cap_add += f' --cap-add={c}' + # Check/set environment options "-e foo=bar" env_opt = '' if 'environment' in container_config: @@ -299,7 +307,7 @@ def apply(container): dvol = vol_config['destination'] volume += f' -v {svol}:{dvol}' - container_base_cmd = f'podman run --detach --interactive --tty --replace ' \ + container_base_cmd = f'podman run --detach --interactive --tty --replace {cap_add} ' \ f'--memory {memory}m --memory-swap 0 --restart {restart} ' \ f'--name {name} {port} {volume} {env_opt}' if 'allow_host_networks' in container_config: |